The Department for Work and Pensions (DWP) is taking a ‘pantry’ approach in its development of an interim digital identity solution, the lead official on the project has said.
Chery Stevens, digital director shared channels experience, outlined the plan at last week’s Think Digital Identity for Government conference.
DWP is using the solution as it steps back from using GOV.UK Verify and before it takes on the One Login service under development by the Government Digital Service (GDS). The department has been collaborating on One Login but it is not fully clear when it will be ready to be deployed around central government.
“DWP are so briefed in to One Login for government, we are almost horizontal, and have people in the team helping to shape it,” Stevens said.
She added: “We can’t wait for One Login, we don’t use Verify any more, therefore, when the time is right for our services, our customers and GDS, we will converge with that service. But that time is not today.”
This is taking the form of several services to provide the appropriate levels of confidence for different activities.
High hurdle
“A high hurdle for identity just wasn’t suitable for DWP. We had a higher hurdle in GOV.UK Verify, and it didn’t work for 75% of our customers because it was too high. That was a barrier to entry for our services.”
This has led the department to adopt a pantry approach – a place that provides a store for different ingredients – to create an identity service. Stevens made the point that ingredients providing proportionality would be needed for different processes requiring a low, medium or high level of confidence in an identity.
The digital pantry is named the Dynamic Trust Hub. Stevens presented a slide showing it consists of elements such as document evidence, DWP knowledge based verification questions, the customer’s activity history and counter fraud checks, which are used to provide differing strengths of identity for processes such as checking payments, requesting documents and updating details.
The service runs through the internal identity policy service, which receives confidence calculation requests, then draws on an ID store – which stores relevant verification events rather than identities – to calculate confidence levels, along with activity history for the individual and the store for data on identity fraud.
It is being used for processes such as telephony identity verification – in which the check takes about 60 seconds and is strong enough to take the agent out of the process in some instances such as obtaining payment date – and a minimum viable product for online identity verification for medium confidence processes.
“The next service we move to not look like a service we have just completed, it will look different, and the service after that will look different,” Stevens said. “What will look the same is the user interface for the customer.
“We will hide that wiring and hide how go through that digital identity, but they will see a seamless journey.”