Post Office reveals plans for identity assurance services

The Post Office is tendering for hardware and software which will enable it to become a provider of the government's proposed Identity Assurance (IDA) services.   

IDA is a key part of the government’s move to "digital by default" public services, and will require citizens to electronically verify who they are to access public services online.

The government’s intention is to create a market of private sector identity assurance services, with individuals given the option to choose a certified private sector company to assure their identity. Banks, supermarkets and even social network sites could set themselves up as identity assurance providers.

The Post Office's search for a technology partner reveals its intent to provide identity assurance services across online, telephony and face-to-face channels, throughout its branch network and brand, according to its tender notice.

The contract will be worth £9m over 12 months and has been split into two lots. The first lot worth £2.5m includes consumer data services, which will process the personal details of users, as a means of authentication.

The second lot worth £6.5m includes identity management services, for systems and software for a single-sign-in system; near-field communication (NFC) tools, and mobile telephony for authentication and transaction delivery, as well as customer relationship management and support services.

Speaking at the official launch of the Government Digital Service in December 2011, Cabinet Office minister Francis Maude said the government would seek an online-only model in digital services where possible to cut costs: “Where public services are capable of being delivered digitally online they should be, and only online.”

Maude has earmarked £10m for implementation of IDA from the government’s £650m cyber defence fund

Mike Bracken, director of digital and senior responsible owner for IDA, recently told Computer Weekly that more widely used security protocols for IDA would be key to identifying users. “Even some of our best services, like driving registration, require users to put all their data in for parking permit even if they have already submitted it for registration. There is no common ID framework recognised in two places,” he said.

“What we are building is not an IT programme but standards the market can coalesce around. So it’s more nuanced than classic IT programmes, where you throw in a system integrator and wait for it to be delivered."