Governments are looking to online as the future of service delivery for citizens. But one fundamental problem has stood in the way of that goal: how can they be sure that an individual is indeed the person they claim to be over the Internet?
British Columbia is choosing to tackle this question of “identity management” head-on. Using contactless secure-chip technology in conjunction with advanced infrastructure, B.C. believes it has found the right blend of technology and policy to enable privacy protected and trustworthy access to valuable information and online self-services that set the future path for service delivery and engagement with citizens.
Citizens make daily use of the Internet for banking, shopping and all manner of things that used to require in-person, telephone or paper mail to complete. They rightly expect to be able to do the same with public services in areas such as healthcare, education, justice administration and the vital government functions that surround business and commerce.
Yet concerns about security and privacy risk – already seen through online banking, credit card fraud and hacked access into things like Facebook accounts – have made citizens cautious with how, when and where they share their information online.
For public services seeking to serve citizens online, the inability to be confident about “who is at the keyboard” puts many good ideas and projects for service modernization on hold, even when all parties see the benefits in change. In B.C. it has become clear that for online self-services to take root, the problem of digital identity and authentication must be addressed.
Fortunately there is a growing convergence of international and pan-Canadian opinion about the right way to move ahead with digital identity and authentication. Leading experts in the field, privacy experts, the government of Canada “federated identity strategy” and the U.S. government National Strategy for Trusted Identities in Cyberspace (NSTIC) all see the solution in a distributed “eco-system” of parties, each of whom solves only a part of the identity puzzle.
The approach allows the user to have choices over the particular credentials they might wish to use. Importantly, it keeps identity information distributed across a broad range of different parties that serve as trusted authorities for only a particular claim about a piece of a person’s identity information. The problem of the master identity data store is eliminated.
To address security threats and risks, it is important that the credentials used to obtain identity information claims are not easily compromised. This means simple user IDs and passwords must be switched out and secure contactless “near field communications” (NFC) secure-chip based authentication credentials switched in.
Equally important, a person’s identity information is not stored in the secure-chip itself. Identity information is stored with the distributed set of trusted parties operating within the eco-system.
British Columbia is putting this model into action with the development of a new B.C. Services card that combines this “identity eco-system” approach with secure authentication credentials utilizing NFC contactless secure-chips. Combined with recent amendments to provincial privacy laws allowing for creation of a provincial identity information services provider, this new card will allow provincial service providers to know “who is at the keyboard” in an interaction.
As a first step, B.C. plans to replace the now obsolete health CareCard with the new services card starting in late 2012. Upon expiry and renewal of their driver’s license, citizens will have the choice of combining the B.C. Services card with their drivers licence or obtain a separate services card.
The new card will be then be used for access to health services and information. The secure-chip card can also be safely used for access to any other online services that may become available. This will remove what has long been a major barrier for public service providers when it comes to delivering quality, self-serve government services to citizens online.
B.C. has been participating in the pan-Canadian developments for digital identity and authentication where, through efforts such as the Canadian Payment Systems Review task force, the opportunity for a pan-Canadian eco-system involving government, banks and telecommunications industry is a growing possibility. This is a problem that government and industry alike must tackle, and we are proud to be part of driving the solution.
Dave Nikolejsin is the chief information officer for British Columbia, Ministry of Labour, Citizens’ Services and Open Government.
