Australian Government Architecture
Search

Identity Management Individual policy (Position)

Policy (Position)

  • Assess the suitability of biometrics when planning investment in high assurance identity services, particularly whether a biometric solution is best suited to meet the business need identified

  • Determine if there are any specific ethical, privacy or legislative requirements that need to be considered, and how these are best addressed in any proposed solution

  • Engage with other agencies with prior experience in adoption of biometric technologies to leverage existing investment as well as knowledge, patterns, and services

  • Ensure that there are appropriate Biometrics governance and risk management frameworks in place during the implementation phase of the technology deployment

  • Establish monitoring and reporting systems and processes that will measure and report on Biometrics performance, risks, and key operational issues post implementation

  • Investigate the reuse of existing investment in biometric solutions

  • Maintain manual control over biometric decision making, such that errors in the biometric solution can be overridden and corrected by human operators

  • Separately verify a person’s identity before associating a biometric with a claimed identity

  • Use accredited providers through the Services Australia Identity Exchange under the Trusted Digital Identity Framework (TDIF) when verifying identity

  • Avoid investment in new identity capabilities that are available as existing government assets

  • Ensure best practices are applied in building digital services

Capabilities

This policy includes requirements that relate to the following capability.
CAP17

Identity Management (Individual)

Standards

The following standards show what to do to satisfy this policy.
The Trusted Digital Identity Framework (TDIF) is an accreditation framework for Digital Identity services and underpins the Australian Government's Digital Identity System. It sets out strong rules around privacy, security, transparency, trust, and choice, to achieve accreditation. Any entity that…
TDIF Attribute Provider is an accreditation standard within the TDIF. Attributes are additional information about you such as entitlements or characteristics of an individual (for example, that you have a particular qualification). Attribute providers generate and manage attributes and claims about…
The TDIF Credential Level 1 (CL1) is an accreditation standard within the TDIF. It provides a basic authentication credential suitable for use at the IP1 proofing level. This allows single-factor authentication, e.g. password.
The TDIF Credential Level 2 (CL2) is an accreditation standard within the TDIF. It provides a strong authentication credential suitable at the IP1, IP2 and IP3 proofing levels. This requires two-factor authentication, e.g. password with  additional one-time password
The TDIF Credential Level 3 (CL3) is an accreditation standard within the TDIF. It provides a very strong authentication credential, suitable at the IP1, IP2, IP3 and IP4 levels. This requires two factor authentication and hardware verification.
The TDIF Identity Exchange is an accreditation standard within the TDIF. It is an entity that has been accredited in accordance with the TDIF as an identity exchange and that provides a service that conveys, manages and coordinates the flow of data or other information between participants in an…
The TDIF Identity Proofing Level 1 (IP 1) is an accreditation standard within the TDIF. It is used when no Identity verification is needed or when a very low level of confidence in the claimed Identity is needed. This level supports self-asserted Identity (I am who I say I am) or pseudonymous…
The TDIF Identity Proofing Level 1 Plus (IP 1 Plus) is an accreditation standard within the TDIF. It is used when a low level of confidence in the claimed Identity is needed. This requires one Identity Document to verify someone’s claim to an existing Identity. The intended use of Identity Proofing…
The TDIF Identity Proofing Level 2 (IP 2) is an accreditation standard within the TDIF. It is used when a low-medium level of confidence in the claimed Identity is needed. This requires two or more Identity Documents to verify someone’s claim to an existing Identity. The intended use of Identity…
The TDIF Identity Proofing Level 2 Plus (IP 2 Plus) is an accreditation standard within the TDIF. It is used when a medium level of confidence in the claimed Identity is needed. This requires two or more Identity Documents to verify someone’s claim to an existing Identity and requires the Binding…
The TDIF Identity Proofing Level 3 (IP 3) is an accreditation standard within the TDIF. It is used when a high level of confidence in the claimed Identity is needed. This requires two or more Identity Documents to verify someone’s claim to an existing Identity and requires the Binding Objective to…
The TDIF Identity Proofing Level 4 (IP 4) is an accreditation standard within the TDIF. It is used when a very high level of confidence in the claimed Identity is needed. This requires four or more Identity Documents to verify someone’s claim to an existing Identity and the Individual claiming the…

Designs

The following designs can be relevant to meeting the requirements of this policy.
The Document Verification Service (DVS) checks whether the biographic information on your identity document matches the original record. The result will simply be ‘yes’ or ‘no’. The DVS does not check facial images
To support the FVS and FIS, state and territory road agencies will gradually provide copies of all driver licence photos and related identity information. These are stored in the National Driver Licence Facial Recognition Solution (NDLFRS)
Provider Digital Access (PRODA) is an online identity verification and authentication system. It lets you securely access government online services
The Services Australia Identity Exchange allows any Australian with a digital identity to reuse it to log on and be identified at any participating government service
Confirms a person’s identity by matching the characteristics of their voice to the voiceprint managed by each agency
The Face Identification Service (FIS), administered by the Department of Home Affairs, compare a client photo against the client’s image recorded on identity documents or held in government records
The Face Verification Service (FVS), administered by the Department of Home Affairs, compare a client photo against the client’s image recorded on identity documents or held in government records
myGovID is a whole-of-government digital identity solution which can be used by Australians to prove who they are online, and provide an identity that can be re-used to access participating government online services.
Confirms a person’s identity by matching the characteristics of their voice to the voiceprint managed by each agency
The Unique Student Identifier (USI) Student Portal is used by students to create a USI and log in to their USI account. A USI or login can be created using a myGovID with Standard identity strength.
Was this information helpful?

Do not include any personal information. We are unable to respond to comments or feedback. If you would like a response, please email, or phone us. Our details are on the AGA contact page www.architecture.digital.gov.au/contact-us.