Sunday, 20 November 2016

The odd couple

81.6% of people are satisfied or very satisfied with how easy it is to use GOV.UK Verify (RIP). 84.5% of people feel secure registering with the system and 80.5% are comfortable with "identity providers"/certified companies.

These user satisfaction figures are taken from the GOV.UK Verify (RIP) dashboard on the Government Digital Service's GOV.UK performance platform. They are based on 11,687 responses to the ease of use question, 11,623 to the security question and 11,552 on "identity providers".

DMossEsq and other critics can carp all they like. They're wrong, GDS may say. Just look at those user satisfaction ratings. Over 80% of people are satisfied with GOV.UK Verify (RIP) or very satisfied with it. That's what counts. And "counts" is the right word. We're dealing with numbers here. And you can't argue with numbers ...

... or can you?

Friday, 18 November 2016

Untitled 3





----------

Untitled 2

Untitled 1

Tuesday, 1 November 2016

RIP IDA – other people's money

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.

Selected UK local authorities are now conducting trials of the Government Digital Service's dead duck, GOV.UK Verify (RIP).

Tuesday, 11 October 2016

RIP IDA – local government, the lender of last resort

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.


The Government Digital Service (GDS) have convinced 19 local authorities to conduct trials of GOV.UK Verify (RIP).

11 local authorities are going to try to use GOV.UK Verify (RIP) to issue concessionary travel passes. And 14 local authorities are going to try to use it to issue residents' parking permits.


The plan previously was to see if GOV.UK Verify (RIP) could help with issuing taxi licences as well. It was always a peculiar plan and now it's been dropped.

GDS are demanding that local authorities commit to the trials/pilot runs. Once they've started they have to finish – GDS lays down law on council Verify adoption criteria. It's expensive, conducting trials ...

... and local authorities only want to use GOV.UK Verify (RIP) if it saves them money. That plan hasn't been dropped. GDS still haven't provided a price list but they're going to have to soon.

What should we expect to see as these trials unfold?

Let's work our way through an example.

Thursday, 29 September 2016

"Stale" and "self-legitimising" public administrators

"... we foster a user-centred culture in GDS and across government by getting everyone involved in user research", it says in a Government Digital Service blog post today, Don’t forget! 2 hours every 6 weeks. "We have user researchers as part of agile teams, for example. That's part of our DNA ... Our natural state can be to look inwards [horror], towards our teams [awful], not outwards towards our users [that's better] ...".

This is all part of putting user needs first, rule #1 in the GDS Design Principles: "Service design starts with identifying user needs. If you don’t know what the user needs are, you won’t build the right thing. Do research, analyse data, talk to users. Don’t make assumptions. Have empathy for users, and [you] should remember that what they ask for isn't always what they need".

This initially clear picture is clouded by the genetically modified Government as a Platform (GaaP) team at GDS, who said in May 2016: "Everyone knows we start with user needs. Except we don't. We start with the needs of our team ... When we don't do this our research isn't useful to our team and they ignore it. There's nothing more pointless than doing research that no one listens to". That's one of their Eight principles for user researchers on Government as a Platform.

Should GDS "look outwards towards [their] users" and start with "identifying user needs"? Or is that "pointless"? Should they rather "start with the needs of [the GDS GaaP] team"?

Confusing, isn't it. Which one is the doctrine? Outwards? Or inwards?

Monday, 26 September 2016

RIP IDA – however you cut it, GOV.UK Verify (RIP) is no more. It has ceased to be. It's expired and gone to meet its maker. This is a late identity assurance scheme. It's a stiff. Bereft of life, it rests in peace. If GDS hadn't nailed it to GOV.UK, it would be pushing up the daisies. It's rung down the curtain and joined the choir invisible. This is an ex-identity assurance scheme. RIP.

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
We have seen how Digidentity, one of the Government Digital Service's "identity providers", can unilaterally revoke your on-line GOV.UK Verify (RIP) identity. In GDS's projected digital-by-default "internet era" world, with no on-line identity you won't exist.

We have seen how users of GOV.UK Verify (RIP) who registered with Barclays and the Post Office may find it impossible to access public services.

We have seen how Safran Morpho/SecureIdentity make you download an app to your mobile phone if you want to use their GOV.UK Verify (RIP) services. Not a good idea. (Digidentity also now want their parishioners to download an app. Ditto, not a good idea.)

We have seen how GOV.UK Verify (RIP) flouts every one of the identity assurance privacy principles. Again, not a good idea.

Cassidian, Ingeus, Mydex, PayPal and Verizon have all pulled out as "identity providers" to GOV.UK Verify (RIP).

Who does that leave?

Sunday, 25 September 2016

RIP IDA – privacy/identity assurance principles

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
We have seen how Digidentity, one of the Government Digital Service's "identity providers", can unilaterally revoke your on-line GOV.UK Verify (RIP) identity. In GDS's projected digital-by-default internet era world, with no on-line identity you won't exist.

We have seen how users of GOV.UK Verify (RIP) who registered with Barclays and the Post Office may find it impossible to access public services.

Cassidian, Ingeus, Mydex, PayPal and Verizon have all pulled out as "identity providers" to GOV.UK Verify (RIP).

Who does that leave?

Thursday, 22 September 2016

RIP IDA – the Post Office

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
We have seen how Digidentity, one of the Government Digital Service's "identity providers", can unilaterally revoke your on-line GOV.UK Verify (RIP) identity. In GDS's projected digital-by-default internet era world, with no on-line identity you won't exist.

We have seen how users of GOV.UK Verify (RIP) who registered with Barclays may find it impossible to access public services.

Cassidian, Ingeus, Mydex, PayPal and Verizon have all pulled out as "identity providers" to GOV.UK Verify (RIP).

Who does that leave?

Wednesday, 21 September 2016

RIP IDA – Ingeus, Cassidian, Mydex, Paypal, Verizon, Digidentity and Barclays

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
We have seen how Digidentity, one of the Government Digital Service's "identity providers", can unilaterally revoke your on-line GOV.UK Verify (RIP) identity. In GDS's projected digital-by-default internet era world, with no on-line identity you won't exist.

In the remaining months of your existence, let's take a look at the other "identity providers". Are they behaving like Digidentity?

Ingeus – one of GDS's early "identity providers", they never provided anyone with a GOV.UK Verify (RIP) on-line identity. Ditto Cassidian. And Mydex. And PayPal. They all pulled out before they could do any harm. Verizon stayed a while, but now they, too, have pulled out. So that's five "identity providers" we don't need to worry about.

Tuesday, 20 September 2016

RIP IDA – agile identity, now you are you, now you're not

No need to say it, it goes without saying, it should be obvious to all but,
just in case it isn't obvious to all,
IDA is dead.

IDA, now known as "GOV.UK Verify (RIP)",
is the Cabinet Office Identity Assurance programme.
"Congratulations!", they said in the email, "You have completed the registration process":


There he was, DMossEsq, all kitted up with a brand new on-line identity, provided by GOV.UK Verify (RIP) via Digidentity, one of the Government Digital Service's "identity providers".

Digidentity had collected all the details of DMossEsq's passport and driving licence, among other things, and here they were confirming that he is him, the person he claims to be. "Your registration has been completed" – that's what the email says. And polite to a fault, Digidentity even said: "Thank you for registering".