|
|
|
|
SSC gets advice on e-identity 9 February, 2004 by Tom Pullar-Strecker Original article can be found at The Dominion Post Technology companies say it may make sense to let the private sector piggy-back on a government project to identify people accessing government services online. The State Services Commission issued a request for information (RFI) to technology providers in November for a system to authenticate the identity of people accessing e-government services. The department says this is needed if many more government services are to be provided over the Net. Of the 24 New Zealand and overseas companies that responded to the RFI, 15 said an authentication system could have broader application beyond government. Banks also need to authenticate the identity of people online, to provide access to Internet banking services, as do other businesses. According to the SSC, the advantages of a common public-private sector infrastructure cited by technology companies include a reduced need for people to maintain "multiple digital identities". The SSC has appeared to favour an authentication system which would let people access most government services online using a simple log-in and password. However, there are fears a password-based system may not be sufficiently secure for some types of transaction. Another concern is the cost of handling queries from people who forget their log-ins and passwords. The SSC says vendors suggested a variety of other ways people could prove their identity online. Suggestions included issuing people with smart cards or similar devices which would store electronic signatures that could be read by PC card readers. Biometric techniques such as fingerprint scanners were also suggested, as was identifying people over the phone by analysing their voice patterns. The SCC says vendors were unable to estimate how much an all-of-government online authentication system might cost to implement without knowing more details of the Government's requirements and expected transaction volumes. Suppliers say a government proposal to separate the agencies responsible for issuing passwords or "keys" from the agency that would actually authenticate people's identity could add a layer of cost and complexity to the project. Using a "two-factor" authentication process which might involve sending a one-off access code to people's mobile phones or computers once they had entered their government password online would increase security, but would also add to the cost of the system. The SSC indicates a hi-tech smartcard-based system could potentially cost hundreds of millions of dollars if it were to be used by the bulk of the population. "For inclusion of an overall system and supporting infrastructure, estimated costs were put at $200 per user for a large scale operation." Cabinet is due to make a decision later this year on how to proceed. Original article is copyright 2004 to, and can be found at The Dominion Post |
|
Send mail to
webmaster with questions or comments about this web site.
|
