What is Identity Management for Individuals?
Identity Management is a set of processes to manage the identification and authentication of individual users of government digital services. It includes identity proofing, and login.
Objectives
To adopt a consistent and efficient approach to identifying individuals for customer-facing government services, and provide a uniform and secure experience for individuals dealing with government.
Policy Elements
-
Assess the suitability of biometrics when planning investment in high assurance identity services, particularly whether a biometric solution is best suited to meet the business need identified
-
Determine if there are any specific ethical, privacy or legislative requirements that need to be considered, and how these are best addressed in any proposed solution
-
Engage with other agencies with prior experience in adoption of biometric technologies to leverage existing investment as well as knowledge, patterns, and services
-
Ensure that there are appropriate Biometrics governance and risk management frameworks in place during the implementation phase of the technology deployment
-
Establish monitoring and reporting systems and processes that will measure and report on Biometrics performance, risks, and key operational issues post implementation
-
Investigate the reuse of existing investment in biometric solutions
-
Maintain manual control over biometric decision making, such that errors in the biometric solution can be overridden and corrected by human operators
-
Separately verify a person’s identity before associating a biometric with a claimed identity
-
Use accredited providers through the Services Australia Identity Exchange under the Trusted Digital Identity Framework (TDIF) when verifying identity
-
Avoid investment in new identity capabilities that are available as existing government assets
-
Ensure best practices are applied in building digital services