The future of public service identity: blockchain
The applications of blockchain technology seem to be limitless, from financial transactions to safe data sharing of healthcare information. It has the potential to radically transform public services by offering a new identity management model.
A Reform report published today argues that a new identity management model, using blockchain, would enable citizens to view their public service identity, various pieces of data used to verify a person's identity allowing them to access government services, via an identity app on their smartphone and share relevant data with government to access public services. The technology would allow the control of identity data to move from government to the citizen, securely and efficiently.
Today's world: multiple identities
Siloed identities, held by different government departments can be inefficient for citizens as it translates into inconvenient identity verification processes. Reform research shows that of 25 identity-authentication forms used by departments, 76 per cent requested National Insurance numbers and 68 per cent bank details. Thus, to access and use public services, a citizen must repeat the information it gives to departments.
In addition, this system is inefficient for government. Separate databases, with no system to reconcile the truth, makes it difficult to share information and result in duplication, overlap and contradiction in the information held.
As the Government stores data on centralised systems, it is more attractive to hackers. The 2015 cyber-attack on US government databases resulted in the theft of personal information from over 19.7 million people, including social security numbers and fingerprints.
Blockchain: single, secure identity
A new approach is needed – one which is secure, efficient and puts the individual at the centre of identity management. Blockchain offers this.
Blockchain is a distributed, peer-to-peer database that can hold either a record of data sharing or the data itself, on a shared ledger.
The shift in ownership of data, from government to the citizen, forms the basis of a new model for identity management (see Figure 2). A blockchain network could be built across several departments and would act as a thin layer on top of current databases.
The new model would be highly secure as blockchain is safer than centralised databases. Information stored on the ledger is encrypted at all times. In addition, its distributed nature makes it difficult to hack, which could reduce the risk of identity fraud.
Government would retain overall authority over the new identity management model through a so-called permissioned blockchain. It would own the network and decide who else could access it. Bitcoin, in contrast, uses an unpermissioned blockchain to document transactions, which means anyone can join and view the information. Given the sensitive nature of a citizen's data, however, this type of network would not be appropriate for the identity management model.
Using your public service identity: ID at your fingertips
The blockchain architecture is complex, but its use from a citizen's perspective could not be simpler. When paying tax, claiming benefits or passing through the border, citizens are required to verify personal information with government departments.
An identity app – accessible via smartphone – could allow citizens to share data with government departments and access information, such as tax records or benefit claims.
When asked to share personal data with government, citizens would receive a notification on their smartphones, review the request and grant access to that information.
Estonia's identity system demonstrates the ability of a smartphone to hold a citizen's data. Its Mobile-ID system allows citizens to access a host of public services, digitally sign documents and vote through the phone's web browser.
Access to a public service identity via a smartphone would be underpinned by biometric technology – thus providing two layers of security.
By using facial-recognition technology or fingerprint scans through a smartphone, a citizen could authenticate their identity and interact with public services.
The Government of Dubai is developing a proof of concept for digital passports that combines biometric verification with blockchain technology. It aims to create a gate-less border, which cuts waiting times and verifies passenger information prior to airport arrival.
The smart contract, computer code that can process data automatically and honour an agreement if specific requirements are met, would underpin the new identity management model and determine what personal information was needed to enable citizens to access public services.
The future of identity management
Although still in its infancy, blockchain has the potential to be as transformational as the internet, particularly in terms of identity management. Now is the time for the UK government to embrace this technology and remain a truly entrepreneurial, digital state.