IDA is the Cabinet Office Identity Assurance programme. And it's dead.
In his serious youth DMossEsq read Strange Life of Ivan Osokin: A Novel by PD Ouspensky. Chapter 1 opens with:
Chapter 26, The Turn of the Wheel, opens with:.
ON THE SCREEN a scene at Kursk station in Moscow. A bright April day of 1902. A group of friends, who came to see Zinaida Krutitsky and her mother off to the Crimea, stand on the platform by the sleeping-car. Among them Ivan Osokin, a young man about twenty-six ...
You get the idea. There's no need to read the intervening chapters. The wheel keeps turning. It's one of hundreds of drearily portentous novels ideal for a certain sort of moody and ignorant teenager. The last words are, predictably:
ON THE SCREEN a scene at Kursk Station in Moscow. A bright April day of 1902. A group of friends who came to see Zinaida Krutitsky and her mother off to the Crimea stand by the sleeping car. Among them is Osokin ...
Profoundly ignorant of course, but not moody enough, DMossEsq had forgotten all about the ghastly Ivan until yesterday, and the publication on the Government Digital Service blog of What is identity assurance? by Janet Hughes.
Osokin looks round, and suddenly an extraordinarily vivid sensation sweeps over him that, if he were not there, everything would be exactly the same.
Here we go again:
Identity assurance is a new service that will give people a secure and convenient way to sign in to government services.
The wheel will turn. We know that. Please see Identity assurance. Only the future is certain – doom 1. RIP IDA.
PD Ouspensky writes:
On her Twitter account Janet Hughes is shown eating a takeaway at what looks like a station.
But which station?
Surely ... no ... it can’t be ... Kursk?
"Identity assurance is a new service that will give people a secure and convenient way to sign in to government services", say GDS. Anyone clicking on the link provided by DMossEsq on the word "secure" is taken to his post Hyperinflation hits the unicorn market, which casts doubt on GDS's or anyone else's ability to offer security on the web. It's an attractive object, security, but like unicorns it doesn't exist.
People are well-advised to regard promises of on-line security with scepticism – "We live on a diet of data hacking stories fed to us by the media. Have done for years", says the unicorn post. And anyone clicking on that link is meant to be taken to DMossEsq's list of hacking stories. That list is maintained on http://DematerialisedID.com, an old website of his which, on Thursday, was obliterated by some eHooligan.
It's annoying but in a small way it does sort of make the point, doesn't it? Security?
DMossEsq and his ISP are currently working to resume normal service. In the meantime the list of hacking stories has been moved to here.
Take a look at some of the hacking stories there. Or here. Or take a look at the Home Office's latest attempt to warn people about on-line security. Then ask yourself, how confident are you that GDS can offer security for your personal data stored in their identity assurance system. You be the judge. No-one else will.
What is identity assurance? offered "a new service that will give people a secure and convenient way to sign in to government services". Can GDS deliver on that offer?
The question is taken up in a new post today, Security and convenience: Meeting user needs. Security is a user need and "if we don’t fulfil this need, digital services won’t be trustworthy or trusted, so people won’t want to use them". Yes. Obviously.
GDS are due to start testing IDA in the next few weeks with a view to having some services live by the end of the summer with hundreds of thousands of members of the public using them, if not millions. There's not long to go. What are GDS doing about this user need?
Their answer is "we’re trying to stimulate a competitive market for identity assurance as the quickest and most effective way to close the gap between solutions that are convenient and those that provide security ... We expect to see new methods emerge that are more convenient for end users but satisfy the required standards".
IDA goes back to a meeting held on 20 September 2010 if not earlier. Three-and-a-bit years later and they're still "expecting" to see a number of solutions "emerge"? That's the GDS approach to public services?
Good luck with that.