The New Zealand Department of Internal Affairs : Services : Questions and Answers

Questions and Answers


igovt logon service

What is the igovt logon service?

The igovt logon service was formerly known as the Government Logon Service (GLS). It is a shared service providing enhanced security for logon management of online services provided by participating service providers. It enables people to use the same logon to access a number of online services.

What online services use the igovt logon service?

Over time, most government online services that require secure access will use the igovt logon service. The current list is available here: Where you can use igovt logon.

Do people need to use the igovt logon service for all their online interactions with government agencies or other organisations?

The igovt logon service will provide the primary means for service users to access online government services. However, existing online services not using the igovt logon service may take some time to transition to this service.

When does a service provider provide their online service through the igovt logon service?

Typically this is when developing a new online service or when upgrading an existing online service that requires secure access. It may also be as a result of a strategic review by the service provider of their identity management systems.

Does the igovt logon service provide single sign-on?

People can use the same logon (such as username and password or token/SMS message) to access all the online services provided by participating service providers through the igovt logon service. At present, people need to log on to each online service individually, even if they use the same logon.

How is a person's privacy protected?

Protection of privacy is a foundation-level principle of all Authentication Programme work, including the igovt logon service.

By separating the rigid link in conventional authentication systems between identity and logon, the igovt logon service provides people with the convenience of being able to use a single logon for accessing online services from participating service providers without the person's identity being shared.

Independent Privacy Impact Assessments have been carried out that have confirmed the high levels of privacy protection.

What are the main features of the igovt logon service?

  • Always available — 24 hours a day, seven days a week
  • Opt in — provides a service provider’s users with the convenience of using the logon to access online services across a number of participating service providers. The users are able to choose to use different igovt logon service logons if they wish
  • Scale — different logon levels to suit a service provider’s current and future requirements
  • Flexible — it can accommodate a service provider’s individual business processes and brands
  • Secure — rapid response to changing security and risk management requirements. There are a number of safeguards provided to protect the igovt logon service, its data and its users
  • Protects privacy — world leading privacy protective design
  • Standards compliant — automatic adoption and implementation of the relevant standards relating to logon management.

What are the benefits of the igovt logon service?
  • Reduces security threats faced using the online channel
  • Frees a service provider from being involved in logon management and continuously investing in ever changing logon technologies
  • Provides benefits of scale, expertise, and adoption of best practices
  • Provides convenience and time savings for a service provider’s users
  • Reduces the need for phone or email support through extensive online self-service tools
  • Gives inherent compliance with New Zealand E-GIF Identity Management and Authentication Standards
  • Avoids duplication of logon management systems across government
  • Gives an organisation affordable access to high-quality logon methods.


igovt identity verification service

What is the igovt identity verification service?

The igovt identity verification service is a shared service between participating service providers. It is a way for users of a service provider’s services to verify their identity in an online environment in real time. It confirms four verified key attributes: name, date of birth, place of birth and gender. These four verified key attributes make up the igovt ID.

What is the igovt identity verification service used for?

The purpose of the igovt identity verification service is to allow people to use the Internet as a more convenient way to prove who they are when they are dealing with service providers.

To use some services, people need to verify who they are. For example, government agencies cannot provide services that involve the exchange of money or personal information unless they have verified a person’s identity. Currently, proving your identity to government agencies can require you to provide multiple documents, which can take time.

The igovt identity verification service aims to give people a way to do this that is quick, safe, and easy while protecting their privacy at the same time. Using the Internet provides people with the convenience of anytime/anywhere access. The igovt identity verification service will complement other methods of establishing identity. For instance, people will still be able to establish their identity when accessing government services by visiting the relevant government agency office or by post.

How do people get to use the identity verification service?

To use the igovt identity verification service, people need to first apply for an igovt ID by enrolling with igovt through a high strength evidence of identity process. For the initial implementation of the igovt identity verification service, the person would need to do this in person and hold a current New Zealand passport (less than five years old) or have a citizenship granted within the last 5 years. As part of the enrolment process a photograph of the person will be taken to compare against existing passport or citizenship photographs of the person.

Once the enrolment process is done, the person is issued with an igovt ID that comprises four verified attributes: name, date of birth, place of birth and gender (note — the photograph is used only for the initial establishment of the identity). The igovt ID is an electronic credential the person can use online to assert their identity to organisations. To participate, organisations have to first enrol with igovt as a participating service provider.

How does the igovt identity verification service work?

Once a person has joined igovt by getting an electronic identity credential called an igovt ID, the person can use the service to verify their identity to a participating service provider whenever they need to, using the Internet. They can release igovt ID information to service providers by using their igovt logon.

How do people use the igovt identity verification service?
This involves the following steps:

  • A person goes to the participating service provider’s website and requests a service that uses the igovt identity verification service
  • The person then chooses to be directed to the igovt website so igovt can verify their identity to the participating service provider
  • The person logs on to igovt
  • igovt displays the person’s name, date of birth, gender, place of birth or only some of these as required by the service provider
  • The person gives their consent for the information to be sent (electronically) to the service provider
  • The person will then be re-directed back to the original service provider’s website, which will know who the person is and enable access to the service the person requires
  • The logon can also be used for ongoing access to that service provider’s online services

Diagram showing how the igovt Identity Verification Service works



What kinds of things could people use the igovt verification service for?
The igovt identity verification service helps people to complete, online, the evidence of identity aspect for services provided by government agencies or other organisations. Other steps may need to be taken to complete these activities, but the new service will help with any part that requires a person to prove who they are.

Do people need to use the igovt identity verification service for all their online interactions with government agencies or other organisations?

The igovt identity verification service won’t replace other methods of establishing identity. People could still establish their identity when accessing services by visiting the relevant government agency or organisation’s office or by post.

How is a person's privacy protected?

The igovt identity verification service protects privacy in a similar way to the igovt logon service. Each service provider involved with the igovt identity verification service will identify people in a different way using an identifier or code unique to that service provider. There is no external national unique identifier. There is no way for service providers to share information about anyone through this service.

Federated identifiers (unique codes) are sent to the service providers to represent igovt logons and igovt IDs. The federated identifier for any given logon or igovt ID is different for each service provider to which it is sent. This approach avoids the use of unique identifiers which could be used to facilitate data matching or any exchange of data about a user.

The igovt logon service and the igovt identity verification service are two separate, distinct services. Each of the services will maintain the association between federated identifiers that they hold and the logon or igovt ID (respectively).

The federated identifier generated from the igovt logon service is called the Federated Logon Tag (FLT). The Federated Identifier generated from the igovt ID is called the Federated Identity Tag (FIT).
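The per-provider identifier scheme and the consent-gated release steps described above can be sketched as follows. This is an added example, not igovt code or anything published by the Department; it assumes tags are random opaque strings held in a lookup table (the page does not say how tags are generated), and the class names, provider names and sample person are constructed for illustration.

```python
import secrets

# The four verified key attributes that make up an igovt ID (from the page).
KEY_ATTRIBUTES = ("name", "date_of_birth", "place_of_birth", "gender")


class FederatedTagRegistry:
    """Holds the association between an internal record and the opaque tag
    issued for it to each service provider (assumed design: random tags)."""

    def __init__(self, prefix):
        self._prefix = prefix        # "FLT" for logons, "FIT" for igovt IDs
        self._tag_by_pair = {}       # (record_id, provider_id) -> tag
        self._record_by_tag = {}     # (provider_id, tag) -> record_id

    def tag_for(self, record_id, provider_id):
        pair = (record_id, provider_id)
        if pair not in self._tag_by_pair:
            # Random, so a tag reveals nothing about the record and cannot
            # be recomputed or linked by a different provider.
            tag = f"{self._prefix}-{secrets.token_urlsafe(24)}"
            self._tag_by_pair[pair] = tag
            self._record_by_tag[(provider_id, tag)] = record_id
        return self._tag_by_pair[pair]

    def resolve(self, provider_id, tag):
        # A tag only means something together with the provider it went to.
        return self._record_by_tag.get((provider_id, tag))


class IdentityVerificationService:
    """Hypothetical stand-in for the service that holds igovt IDs."""

    def __init__(self):
        self._records = {}
        self.fits = FederatedTagRegistry("FIT")

    def enrol(self, **attributes):
        if set(attributes) != set(KEY_ATTRIBUTES):
            raise ValueError("an igovt ID holds exactly the four key attributes")
        record_id = secrets.token_hex(8)   # internal only, never released
        self._records[record_id] = dict(attributes)
        return record_id

    def release(self, record_id, provider_id, requested, consent):
        if not consent:
            raise PermissionError("no consent, nothing is sent")
        extra = set(requested) - set(KEY_ATTRIBUTES)
        if extra:
            raise ValueError(f"not igovt ID attributes: {sorted(extra)}")
        record = self._records[record_id]
        return {
            "fit": self.fits.tag_for(record_id, provider_id),
            # Only what this provider asked for, not the whole record.
            "attributes": {name: record[name] for name in requested},
        }


def demo():
    ivs = IdentityVerificationService()
    logon_flts = FederatedTagRegistry("FLT")   # separate service, separate store
    person = ivs.enrol(name="Aroha Example", date_of_birth="1980-01-31",
                       place_of_birth="Wellington", gender="F")  # constructed
    seller_1 = ivs.release(person, "fridge-seller", ["name", "date_of_birth"], True)
    seller_2 = ivs.release(person, "fridge-seller", ["name"], True)
    agency = ivs.release(person, "agency-a", list(KEY_ATTRIBUTES), True)
    try:
        ivs.release(person, "agency-b", ["name"], consent=False)
        refused = False
    except PermissionError:
        refused = True
    return {
        "stable_per_provider": seller_1["fit"] == seller_2["fit"],
        "differs_across_providers": seller_1["fit"] != agency["fit"],
        "seller_received": sorted(seller_1["attributes"]),
        "cross_provider_lookup": ivs.fits.resolve("agency-a", seller_1["fit"]),
        "fit_unknown_to_logon_service": logon_flts.resolve("fridge-seller", seller_1["fit"]),
        "refused_without_consent": refused,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Two providers that compare the tags they hold for the same person find no common value, which is the property the page relies on to prevent data matching.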

What are the main features of the igovt identity verification service?

  • Always available — 24 hours a day, seven days a week service
  • Opt in — people choose to enrol in and use the service and they must give consent to send the information to a service provider
  • Flexible — igovt can accommodate a service provider’s individual business processes and branding
  • Secure — high level of security of data, systems and processes provides assurance that privacy information is appropriately handled. Rapid response to changing security and risk management requirements
  • Protects privacy — world leading privacy protective design. Physical separation of who a person is (igovt identity verification service) from their ongoing usage of online service (igovt logon service). No common external number or national identifier is generated
  • User centric — people using the IVS are in control of the transaction
  • Standards compliant — automatic adoption and implementation of the relevant standards relating to identity management
  • Information integrity — the identifier sent to the service provider is unique for that service provider and cannot be used to match or share an individual’s information.

What are the benefits of the igovt identity verification service?
  • Reduced costs of identity verification to a service provider and reduced total cost of ownership
  • Savings from reducing identity fraud
  • Enables a service provider to have a high level of confidence in the identity asserted by an individual
  • Provides convenience and time savings for the people who use a service provider’s services
  • Builds trust in online transactions
  • Avoids individual service providers investing in online identity verification infrastructure
  • Enhances reputation — a service provider signed up will be seen as efficient, forward thinking and user focused
  • Provides benefits of scale, expertise, and adoption of best practices
  • Gives inherent compliance with New Zealand e-GIF Identity Management and Authentication Standards.


General questions

Who currently operates the igovt services?

The igovt services are operated by the Department of Internal Affairs.

How does igovt protect personal privacy?

The igovt services protect personal privacy in the following ways:

  • igovt separates the logon process (what a person does online) from identity verification (who the person is) as well as from what a person does with a service provider. This means igovt is very secure and protects privacy
  • igovt will only verify a person’s identity to a service provider at the person’s request and with the person’s consent, using only the minimum identity information each time
  • Service providers are not able to collect personal information from the other service providers using the igovt services.

The Office of the Privacy Commissioner has been kept informed throughout the development of igovt services. In addition, a number of independent Privacy Impact Assessments have been carried out that confirm high levels of privacy protection in the igovt design.

How does government protect the security of the igovt services?

Significant precautions have been taken to ensure the igovt services are safe and secure.

  • The very best security standards, practices and guidelines available today have been used to design the services
  • The igovt services have undergone a comprehensive review of security and testing by independent specialists
  • The igovt logon service separates the key that gives users access to an online service from any information the service provider might hold about the user.

Why are the igovt services needed?

The key thing that holds organisations back from offering more services of greater transactional value via the internet, and therefore slows the pace with which they transform, is confidence and trust in identity. Service providers need to know who they are dealing with. And the citizens and businesses that organisations serve need to know that they are dealing with a bona fide agency or firm and that their personal information is being handled with care.

igovt helps people more conveniently and securely verify their identity when dealing with service providers via the Internet. igovt means that service providers can offer more personalised online services involving more valuable transactions because they have confidence in the identity of who they are dealing with. igovt unlocks the potential for New Zealand to transform service delivery from the industrial to the information age.

Why should government provide igovt services?

Not only does government know a lot about its citizens, it knows it to a very good level of accuracy, certainly suitable for most governmental and commercial administrative purposes. For example, the passports evidence of identity process involves checking against authoritative data sources (e.g. birth and death records and citizenship records), trusted referee processes, and the use of facial recognition processes supported by investigative processes. As such, this data provides a high level of assurance about the identity of people.

Yet, government does very little to allow the citizens whose data it is, and who typically have paid for government to assess it and declare it ‘authoritative’, to unlock the value created, either for government’s own purposes or for citizens’ transactions with the commercial sector. Typically, such re-use is limited to physical documents that are a poor fit for that purpose.

Why would a service provider want to use the igovt services?

Using the igovt services means a service provider can offer more personalised online services involving more valuable transactions because the service provider can have confidence in the identity of who they are dealing with.

What is an example for igovt services use?

Currently, to apply for a student loan an applicant has to provide: a birth certificate or passport to show date of birth, a passport or citizenship papers to show residency status, a pre-printed letter or notice from Inland Revenue to show their IRD number and a marriage certificate or papers to show any name change. If these are to be copies, then they need to be verified (signed and dated) by someone like a StudyLink (or a Work and Income) staff member, Justice of the Peace or authorised staff member from the education provider.

All these pieces of information are already known by government, and all the documents the applicant is being asked to provide were issued by government. The applicant has been asked to manually receive, store, retrieve, assemble, transport, and present the documents. All this is done at their own expense. The receiving department has had to manually inspect the documents for veracity, copy them and store the copies, and transpose the data from the document into its own systems. All this is done at the applicant’s and/or the general taxpayers’ expense.

During this process, the best case is that no value has been added for the considerable cost incurred by the applicant and the taxpayer. The worst case is that the documents were stolen or forged, that the data was out of date, that the issuing department had unsuccessfully attempted to cancel or recall them, or that errors were made in the transposition to the receiving department’s systems.

Yet, this remains the dominant method of getting information from one part of government to another, and for identification processes used by the private sector. It is a method that is essentially unchanged since the beginning of the industrial age.

What is an example of potential private sector use of the igovt services?

A person visits a website to check out fridges. They want to buy a fridge online and have it delivered to them. However, the person needs finance to buy the fridge. They want to enter into a hire purchase agreement with the fridge seller.

Instead of cancelling the online transaction and having to visit the fridge seller’s nearest retail outlet — if the person has an igovt logon and igovt ID they could complete the transaction online. This could involve the following steps:

  • The fridge seller is a participating service provider (they are signed up to igovt)
  • The person has an igovt logon and an igovt ID
  • The person goes to the fridge seller’s website and requests finance for the fridge they want to buy
  • The person then chooses to be directed to the igovt website so igovt can verify their identity to the fridge seller
  • The person logs on to igovt using their name, password and second factor identification (an SMS message with a unique code)
  • igovt displays that person’s name, date of birth, gender, place of birth or only some of these as required by the fridge seller
  • The person gives their consent for the information to be sent (electronically) to the fridge seller
  • The person will then be re-directed back to the fridge seller’s website, which will know who the person is
  • The fridge seller may choose then to approve the finance – of course subject to other things like credit checks being OK, and getting the person to accept the hire purchase terms and conditions.
  • If the person agrees, the disclosure documents for the hire purchase agreement can be sent by email (see the Credit Contracts and Consumer Finance Act 2003 and Electronic Transactions Regulations 2003 Schedule 1). Also see section 24 Electronic Transactions Act 2002 for criteria for reliability of electronic signatures, which is also being considered under the Identity Verification Bill that is currently included in the legislative programme.

Do igovt services speed-up transactions?

Internet technologies allow organisations to displace reliance on documents with online, real time exchange of data directly between igovt and organisations – the departments that have authoritative data and the organisations that need it to make decisions. Such exchanges mean that the data is current, can be recalled or cancelled immediately, and cannot be subject to transposition errors. The exchange of data happens in real time, and no human intervention is required other than the approval of the citizen to the exchange (thus protecting their privacy).

This reduces transaction times from days and weeks to seconds, and transaction costs from tens and hundreds of dollars to cents. Across the full scope of government’s and the private sector’s transaction set, the potential savings are truly game-changing.

Is there support for use of the igovt services?

Overall, there has been significant support for the igovt services. A common refrain from people participating in workshops we ran and in submissions we received, was the convenience the igovt services are expected to provide and the resulting time and cost savings in dealing with government. A wide variety of applications for the igovt services were noted.

One of the overall messages was that the igovt services should go ahead as quickly as possible and be made available as widely as possible. Key messages included the need for a simple, user-friendly, accessible, free, and safe service where privacy is protected. The igovt services were particularly attractive to users with disabilities because of the convenience of the online channel and with students who are heavy users of online services.

Which government agencies are using the igovt services?

The government agencies using the logon service are:

State Services Commission, Ministry of Agriculture and Forestry, Crown Company Monitoring Advisory Unit, New Zealand Food Safety Authority, New Zealand Police, New Zealand Transport Agency, Auckland City Council, The Department of Internal Affairs, Statistics New Zealand. Three more government agencies are currently implementing the logon service, and additional agencies are in the planning phase.

The Births, Deaths and Marriages business unit of the Department proposes to pilot a limited service igovt identity verification service in November 2009.

What are other governments doing in this area?

All governments with which New Zealand is commonly compared are investigating or building such systems. However, most are driven by concerns of national security, large-scale illegal immigration, and catastrophic fraud against the state. Their solutions are typically extremely expensive, and would be unacceptable in New Zealand.

The New Zealand government has led the world in the design of a method of information exchange that is driven by effectiveness and efficiency of service delivery, and with principles of security, privacy, simplicity, and value for money. The work has attracted wide domestic and international acclaim, including winning a global industry award, and is now the foundation for the development of the next wave of international standards in the area of identity management.

Why will igovt services work in New Zealand?

Policy is the driver — Studies of successes and failures in other jurisdictions have shown that systems for managing identities can only be successful if they are led by policy, not by technology. Policy sets the foundations for interoperability. Further, the policy must be acceptable to the citizens and businesses whose data is at stake. The policy base for the New Zealand government’s work has been largely stable since 2003, has been very widely reviewed domestically and internationally, and has been subject to two rounds of formal public consultation.

Standards are seen as important — Standards allow organisations to gather, store, use, and dispose of identity data in a way that provides the ability to interoperate efficiently. The base set of New Zealand standards has been completed and was launched in 2006. This work is now part of ‘business as usual’ as the standards are rolled out.

igovt ‘future services’ — This is mainly policy work to determine the rate at which government can allow citizens to unlock the value of other government-held authoritative data and releasing the full potential of inter-operability. It is also starting to consider whether there are better ways of involving the commercial sector in the overall work.

Do government agencies have to use the igovt services?

Government agencies have been encouraged to use the igovt services and directed not to invest in or build online credential management or identity verification capability without consulting the State Services Commission, and obtaining the approval of their Minister and the Minister of State Services.

How can you ensure integrity and protection of my identity information?

The igovt services are designed with a strong commitment to protecting personal privacy.
This is managed in a number of ways:

  • People choose to use the igovt identity verification service and give their consent to send their identity information to the government agency each time
  • The identifier sent to the service provider is unique for that service provider and cannot be used to match or share your information with other service providers
  • A high level of security of data, systems and processes provides assurance that private information is appropriately handled
  • The Privacy Commissioner has been kept informed of the service
  • Privacy assessments will be ongoing. Previous Privacy Impact Assessments are available online at www.dia.govt.nz
  • Independent security reviews will be ongoing

Are there potential development options for use of the igovt services in the future?

There is the potential for the igovt services to be developed further. The igovt services could be used by private sector organisations, as well as government agencies, that provide services which are identity dependent. For instance, getting finance/loans online, establishing trade credit terms, and purchasing age restricted products.

The igovt services could also be used with other information the person might want to control the release of online in a privacy-protected secure way — like qualifications verification (eg NCEA results or University marks), confirmation of bank details, confirmation of professional registration or accreditation status (eg lawyer holds a current practicing certificate with the New Zealand Law Society), confirmation of their IRD number, and current credit score information.

One of the objectives of the IPCO is to solicit innovative ideas for extending the igovt services.

While the igovt services can be seen as progress, do they still give people protection?

The igovt services provide an answer to identification and authentication online – they are essential to New Zealand’s progress in the electronic age. But importantly, the services are privacy-protective — the Office of the Privacy Commissioner has been involved right from the start, so the design is privacy compliant and actually world-leading in that regard.

The services are also person-centric — that means people have control over their information — they decide whether to release it, it can’t be shared or searched without their consent, and it can’t be matched or used for other purposes.

The Department will continue to develop the igovt services using secure and proven authentication technologies, and ensure they remain secure and can be trusted by service users and service providers.


About the IPCO

What is an IPCO?

IPCO stands for “Invitation to Present Commercial Opportunities”. An IPCO is an invitation to the private sector to present ideas for commercial relationships with government in relation to a good or service already built/created by a government agency. The commercial relationships can include a public-private partnership or other arrangement between the private sector and the government to use and/or further develop, fund, innovate, deliver, operate or ensure uptake and use of the good or service.

An IPCO is issued where government is seeking options that provide it access to private sector specialised expertise, innovative ideas, and funding and the sharing of risk. Extending the reach of the goods or services and building on the benefits of established branding and related market penetration are also important aspects.

Is an IPCO a government procurement process?

An IPCO is not a procurement process for goods or services, and it does not signal whether any final decision has been made on any future procurement process or whether any other action will be taken. Rather, it is intended to enable government to gauge whether there are organisations interested in, and what options are available for, public-private partnerships or other commercial arrangements to use and/or further develop, operate, innovate, fund, distribute and ensure uptake and use of a government agency’s products or services by the public, government and the private sector.

Why is the IPCO on GETS?

We are using the Government Electronic Tenders Service (GETS) site to issue the IPCO. This is to help with alerting the private sector to the invitation. GETS is a familiar distribution mechanism for government to interact with the private sector. However, we recognise that some of the target respondents may not be linked into GETS, so we are using a range of ways to reach the audience, such as posting the IPCO on our website.

What is this IPCO about?

We would like to hear from organisations interested in entering into a commercial relationship with the government to extend the use of the secure online igovt logon service and igovt identity verification service beyond government agencies.

We are asking for responses from organisations with specialised expertise and innovative ideas that are interested in extending the igovt services to a large proportion of the New Zealand public. This could take the form of a public-private partnership or other commercial arrangement to use the igovt services or to further develop, distribute and ensure uptake, or all of these.

What are we interested in receiving?

Responses to the IPCO do not need to deal with specifics of technology, business design or the technical aspects of the igovt services. We want to hear about the commercial and use aspects of the options presented.

What are the “untouchable” pre-requisites for any commercial relationship?

The IPCO outlines a number of areas that are pre-requisites for any commercial relationship options. Basically, respondents must meet commercial relationship parameters regarding the Authentication Principles, sovereignty requirements, and ownership and protection limitations.

What are the Authentication Principles?

The Authentication Principles contain policy principles and implementation principles.

The policy principles require an approach that is fit for purpose, secure, protects privacy, is generally acceptable to potential users, and is optional for people to use.

The implementation principles require options to consider aspects including user focus, enduring solution, affordability and reliability, technology neutral, risk-based approach, and functional equivalence.

What are the sovereignty requirements?

Recognising that the manner in which information flows over the Internet using public service provider networks is difficult to control, the information obtained, created, processed, managed and stored for the purposes of the igovt services:

  • Must remain under the sovereign control of New Zealand, in both legal and physical terms, to the greatest extent practicable
  • Must not be transmitted out of New Zealand, except in specific circumstances, such as for transactions by authorised individuals living abroad or with authorised overseas-based participating agencies
  • Must be subject to New Zealand law and there must not be any risk of it being subject to the laws of a foreign jurisdiction

Will government retain ownership and protection of the igovt services?

Processes for establishing an individual’s identity for the purposes of the igovt services, and stewardship of the resulting databases of personal information will remain under Crown ownership and protection. Particularly, the Crown will retain ownership and protection of identity data created through the process of individuals applying to use the services.

This is not an IT project

This is not an IT project — that bit’s been done and the services have been built. This is about seeing if the services would be used widely in New Zealand, and if they were, what benefits that would bring.

Why is the Department looking at commercial relationships?

The Department wants to get commercial relationship options on the table — it wants to look at public-private partnerships or other commercial arrangements for the igovt services to enhance investment, get operational scale and bring more innovation into the services over time.

Is private sector involvement the only option being looked at?

No. Private sector involvement is only part of the mix of options being considered. It’s not the only approach open to the Department, but it’s worth exploring. Responses to the IPCO will help the Department report to government later this year on a number of uptake and funding options for the igovt services.

What sort of commercial relationships are we looking for?

We are interested in receiving responses presenting credible and innovative commercial relationship options, including:

  • Operator of igovt services — an organisation wanting to partner with the Department through a public-private partnership (for example, a partnership to lease/develop/operate the igovt services for use by the public with government and private sector organisations).
  • Member of a cooperative (or consortium) — an organisation wanting to co-ordinate with others and the Department to fund and develop the igovt services for the cooperative’s use (for example, a consortium of large organisations with similar interests in being participating service providers that can provide upfront and ongoing funding for the development and operation of the igovt services).
  • Co-developer of igovt services — an organisation wanting to use the igovt services as a participating service provider and co-ordinate with the Department to fund and co-develop customised igovt services.
  • Direct user of igovt services — an organisation wanting to use the services as a participating service provider only, with no involvement in delivery, uptake or distribution of the igovt services to users or other service providers.
  • Other commercial relationships suitable to meet the Department’s objectives, outcomes and parameters set out in the IPCO.

Is the Department releasing the IPCO to benefit the public?

Private sector involvement is about reach and convenience for the public. Private sector involvement would be good because it would open the igovt services up to a wider community of users.

People transact online more often with the private sector than with government, so private sector involvement would increase uptake and use of the services — this benefits everyone — government agencies and private sector firms wanting to provide services online, and members of the public wanting to access services online.

Increasing use increases convenience. More people using online services, more service providers offering online services, more online services — these are all connected.

Is there an opportunity to promote igovt services overseas?

Potentially, yes. The issues addressed by the igovt services affect governments worldwide, and the services have been developed with a focus on practical, privacy-protective and citizen-centric solutions. This has attracted praise from overseas commentators, industry bodies and government agencies.


Last updated: 04/11/2009