Online public service users may be asked to allow access to their Facebook, LinkedIn or Twitter accounts to help prove they are who they say they are.
The Government Digital Service (GDS) is testing ways to use people’s social media accounts to help prove their identity when accessing online public services.
Staff working on Gov.uk Verify, the identity assurance system being developed by GDS, recently evaluated the use of Facebook, LinkedIn, Twitter and Paypal as part of the process of proving people are who they say they are when logging in to government websites.
Verify works by asking users to set up an account with one of a selection of third-party identity providers, such as the Post Office, Experian or Verizon. Each company then asks the user to prove who they are, using available data such as their credit history or by allowing electronic access to documents such as passports.
The current methods of identity assurance do not work for everyone – only around 70% of users have been able to successfully verify their identity.
As part of a test to find ways of proving identity – and thereby open up Verify for more people to be able to use it – the Verify team evaluated use of social network data as an additional source of information. Users in the tests had to agree to allow access to their social media accounts.
However, the use of social networks in this way does not mean that users will log in to online public services using their Facebook log-in details, for example.
The tests found that Verify’s ability to adequately identify the adult population could increase by 9% by using social media data, and for 16-to-25-year olds could potentially increase by up to 38%.
“Our research suggests that people appear to be becoming more amenable to using online activity verification and allowing certified companies access to their personal online accounts to acquire a verified identity that gives safer, faster access to government services,” said Livia Ralph of GDS in a blog post.
Read more about Gov.uk Verify
As the Government Digital Service prepared to go fully live with its identity assurance service Gov.uk Verify, Computer Weekly spoke to programme director Janet Hughes.
The government’s Verify identity verification platform isn’t secure enough for the NHS, so Liverpool Clinical Commissioning Group and HSCIC are working to add extra levels of security.
An academic paper suggested the Gov.uk Verify system could be used as a spy network, but the Government Digital Service (GDS) insists this is not the case.
GDS has also been trying to persuade private sector companies to use Verify as a means of identity assurance, and is working with local authorities to evaluate how the system could work for council services.
Some of the first government departments that adopted Verify found that many users were unable to prove their identity, mostly due to a lack of sufficient data to complete the verification process.