As every systems analyst and programmer knows, records in computer systems need an identifier of some sort. I actually started my career as a systems analyst and I clearly remember being struck by how identity verification was right at the heart of all corporate IT systems.

Since then, identity has become even more central to our lives, not just in IT but everywhere. Recently, when hiring a van, I had to prove that I was who I said I was. I took along my passport, but that wasn’t proof enough. The hire company also wanted to see two recent letters addressed to my home from a utility, council or bank. Identity has been called the new money, and experiences like this certainly make us feel like it is.

It was against this backdrop that in March Sir James Crosby published his independent review, Challenges and Opportunities in Identity Assurance. The review examines how to maximise the economic and social advantage to the UK from having the most effective identity assurance systems and infrastructure. Summing up the report, Crosby said, “The potential of any mass ID system such as ID cards therefore lies in the extent to which it is created by consumers for consumers. The future of identity lies in putting the consumers first. For many organisations, that calls for radical new thinking.”

We are now seeing a proliferation of identity schemes in both the private and public sectors. I expect we all have a range of user names and passwords for various services and have signed up to different loyalty schemes. This unco-ordinated approach does not help anyone. It is confusing to users and could lead to a higher risk of identity fraud. I believe Crosby is absolutely right. A great many organisations do not really understand what it means to really put the consumer or user at the heart of an identity management scheme.

Let’s take the government as an example. It is currently engaged in making public services more citizen-centric. The same should go for its national identity scheme. In Estonia, for example, the national identity card is used by citizens for a mix of private and public services, including banking, accessing libraries and health records, signing electronic documents and payment on public transport. However, in the UK different departments demand different kinds of ID from citizens using their services, and local authorities have their own requirements ­ some are happy to see photocopies of important documents, while for others only the actual document will do.

The fact is that today we have a piecemeal assortment of authentication arrangements that relate to records held about citizens initiated by agencies that remain largely disconnected.

This approach fails to assure the government that the records it holds about an individual in fact relate to that individual, and nor does it assure citizens that the information the government holds about them is accurate and the service they receive is therefore appropriate. There is real potential here for lose-lose outcomes.
It seems to me that the debate about identity needs to include a much stronger focus on actual usability and benefits to citizens.

Identity schemes should be easy for citizens to understand and should provide real benefit to them. And this needs to be clearly demonstrated. In short, it is no good having the latest technology if it does not meet the needs of consumers, or if the processes associated with it are overly complex.