Australian Government Architecture
Search

Identity Management (Individual)

What is Identity Management for Individuals?

Identity Management is a set of processes to manage the identification and authentication of individual users of government digital services. It includes identity proofing, and login.

Objectives

To adopt a consistent and efficient approach to identifying individuals for customer-facing government services, and provide a uniform and secure experience for individuals dealing with government.

Policy Elements

Policy:
POL13
Identity Management Individual policy (Position) Mandate:
Unendorsed
Status:
Consulting
  • Assess the suitability of biometrics when planning investment in high assurance identity services, particularly whether a biometric solution is best suited to meet the business need identified

  • Determine if there are any specific ethical, privacy or legislative requirements that need to be considered, and how these are best addressed in any proposed solution

  • Engage with other agencies with prior experience in adoption of biometric technologies to leverage existing investment as well as knowledge, patterns, and services

  • Ensure that there are appropriate Biometrics governance and risk management frameworks in place during the implementation phase of the technology deployment

  • Establish monitoring and reporting systems and processes that will measure and report on Biometrics performance, risks, and key operational issues post implementation

  • Investigate the reuse of existing investment in biometric solutions

  • Maintain manual control over biometric decision making, such that errors in the biometric solution can be overridden and corrected by human operators

  • Separately verify a person’s identity before associating a biometric with a claimed identity

  • Use accredited providers through the Services Australia Identity Exchange under the Trusted Digital Identity Framework (TDIF) when verifying identity

  • Avoid investment in new identity capabilities that are available as existing government assets

  • Ensure best practices are applied in building digital services

Domains

This capability is part of the following domain.
DOM1

Individual Experience

Policies

The following policies have requirements that impact this capability.
Mandate: Unendorsed
Status: Consulting

Standards

The following standards support development of digital solutions in this capability.
The Trusted Digital Identity Framework (TDIF) is an accreditation framework for Digital Identity services and underpins the Australian Government's Digital Identity System. It sets out strong rules around privacy, security, transparency, trust, and choice, to achieve accreditation. Any entity that…
TDIF Attribute Provider is an accreditation standard within the TDIF. Attributes are additional information about you such as entitlements or characteristics of an individual (for example, that you have a particular qualification). Attribute providers generate and manage attributes and claims about…
The TDIF Credential Level 1 (CL1) is an accreditation standard within the TDIF. It provides a basic authentication credential suitable for use at the IP1 proofing level. This allows single-factor authentication, e.g. password.
The TDIF Credential Level 2 (CL2) is an accreditation standard within the TDIF. It provides a strong authentication credential suitable at the IP1, IP2 and IP3 proofing levels. This requires two-factor authentication, e.g. password with  additional one-time password
The TDIF Credential Level 3 (CL3) is an accreditation standard within the TDIF. It provides a very strong authentication credential, suitable at the IP1, IP2, IP3 and IP4 levels. This requires two factor authentication and hardware verification.
The TDIF Identity Exchange is an accreditation standard within the TDIF. It is an entity that has been accredited in accordance with the TDIF as an identity exchange and that provides a service that conveys, manages and coordinates the flow of data or other information between participants in an…
The TDIF Identity Proofing Level 1 (IP 1) is an accreditation standard within the TDIF. It is used when no Identity verification is needed or when a very low level of confidence in the claimed Identity is needed. This level supports self-asserted Identity (I am who I say I am) or pseudonymous…
The TDIF Identity Proofing Level 1 Plus (IP 1 Plus) is an accreditation standard within the TDIF. It is used when a low level of confidence in the claimed Identity is needed. This requires one Identity Document to verify someone’s claim to an existing Identity. The intended use of Identity Proofing…
The TDIF Identity Proofing Level 2 (IP 2) is an accreditation standard within the TDIF. It is used when a low-medium level of confidence in the claimed Identity is needed. This requires two or more Identity Documents to verify someone’s claim to an existing Identity. The intended use of Identity…
The TDIF Identity Proofing Level 2 Plus (IP 2 Plus) is an accreditation standard within the TDIF. It is used when a medium level of confidence in the claimed Identity is needed. This requires two or more Identity Documents to verify someone’s claim to an existing Identity and requires the Binding…
The TDIF Identity Proofing Level 3 (IP 3) is an accreditation standard within the TDIF. It is used when a high level of confidence in the claimed Identity is needed. This requires two or more Identity Documents to verify someone’s claim to an existing Identity and requires the Binding Objective to…
The TDIF Identity Proofing Level 4 (IP 4) is an accreditation standard within the TDIF. It is used when a very high level of confidence in the claimed Identity is needed. This requires four or more Identity Documents to verify someone’s claim to an existing Identity and the Individual claiming the…

Designs

The following designs include examples of how digital solutions in this capability can be delivered.

Lead Agency: Attorney General’s Department

The Document Verification Service (DVS) checks whether the biographic information on your identity document matches the original record. The result will simply be ‘yes’ or ‘no’. The DVS does not check facial images

Lead Agency: Department of Home Affairs

To support the FVS and FIS, state and territory road agencies will gradually provide copies of all driver licence photos and related identity information. These are stored in the National Driver Licence Facial Recognition Solution (NDLFRS)

Lead Agency: Services Australia

Technology Type: PRODA - Provider Digital Access

Provider Digital Access (PRODA) is an online identity verification and authentication system. It lets you securely access government online services

Lead Agency: Services Australia

Technology Type: Services Australia Identity Exchange

The Services Australia Identity Exchange allows any Australian with a digital identity to reuse it to log on and be identified at any participating government service

Lead Agency: Australian Taxation Office

Technology Type: Nuance

Confirms a person’s identity by matching the characteristics of their voice to the voiceprint managed by each agency

Lead Agency: Attorney General’s Department

The Face Identification Service (FIS), administered by the Department of Home Affairs, compare a client photo against the client’s image recorded on identity documents or held in government records

Lead Agency: Attorney General’s Department

The Face Verification Service (FVS), administered by the Department of Home Affairs, compare a client photo against the client’s image recorded on identity documents or held in government records

Lead Agency: Australian Taxation Office

myID is a whole-of-government digital identity solution which can be used by Australians to prove who they are online, and provide an identity that can be re-used to access participating government online services. myID is the Australian Government's Digital ID app available through the…

Lead Agency: Services Australia

Technology Type: Nuance

Confirms a person’s identity by matching the characteristics of their voice to the voiceprint managed by each agency

Lead Agency: Department of Employment and Workplace Relations

Technology Type: myGovID

The Unique Student Identifier (USI) Student Portal is used by students to create a USI and log in to their USI account. A USI or login can be created using a myGovID with Standard identity strength.

Lead Agency: Department of Finance

The Gatekeeper Public Key Infrastructure (PKI) Framework governs the way the Australian Government uses digital keys and certificates to assure the identity of subscribers to authentication services.  Please note this framework is currently under review. Annual audits of existing accredited…
Was this information helpful?

Do not include any personal information. We are unable to respond to comments or feedback. If you would like a response, please email, or phone us. Our details are on the AGA contact page www.architecture.digital.gov.au/contact-us.