nanomanpro - Fotolia

Government tests use of social media accounts for verifying online user identity

Online public service users may be asked to allow access to their Facebook, LinkedIn or Twitter accounts to help prove they are who they say they are

The Government Digital Service (GDS) is testing ways to use people’s social media accounts to help prove their identity when accessing online public services.

Staff working on Gov.uk Verify, the identity assurance system being developed by GDS, recently evaluated the use of Facebook, LinkedIn, Twitter and Paypal as part of the process of proving people are who they say they are when logging in to government websites.

Verify works by asking users to set up an account with one of a selection of third-party identity providers, such as the Post Office, Experian or Verizon. Each company then asks the user to prove who they are, using available data such as their credit history or by allowing electronic access to documents such as passports.

The current methods of identity assurance do not work for everyone – only around 70% of users have been able to successfully verify their identity.

As part of a test to find ways of proving identity – and thereby open up Verify for more people to be able to use it – the Verify team evaluated use of social network data as an additional source of information. Users in the tests had to agree to allow access to their social media accounts.

However, the use of social networks in this way does not mean that users will log in to online public services using their Facebook log-in details, for example.

The tests found that Verify’s ability to adequately identify the adult population could increase by 9% by using social media data, and for 16-to-25-year olds could potentially increase by up to 38%.

“Our research suggests that people appear to be becoming more amenable to using online activity verification and allowing certified companies access to their personal online accounts to acquire a verified identity that gives safer, faster access to government services,” said Livia Ralph of GDS in a blog post.

Read more about Gov.uk Verify

As many as 50 digital government services could be using the Gov.uk Verify identity verification system within months, if current plans are successful.

GDS has also been trying to persuade private sector companies to use Verify as a means of identity assurance, and is working with local authorities to evaluate how the system could work for council services.

Some of the first government departments that adopted Verify found that many users were unable to prove their identity, mostly due to a lack of sufficient data to complete the verification process.

Verify has missed a number of targets for user adoption and only went officially live in May 2016. ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ...

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT for government and public sector

Join the conversation

3 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

This looks like thrashing. Why not instead try to identify why the other 30% fail? Why not take a look at how the banks and mobile phone operators do it? Or would that risk calling in question the basis of the approach?  
Cancel
Seems like there are more secure and less invasive ways to validate a user’s identity, such as web identity federation.
Cancel
The bank and mobile phone systems track back to records of physical contact. Anything that is digital by default is, by definition, susceptible to digital impersonation with no yardstick for physical checking. Where that risk matters, e.g. some-one dependent on benefits loses access after a successful impersonation, something more robust is needed.   
Cancel

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close