Commonwealth, state and territory digital ministers have signed off on sweeping identity reforms, designed to make Australians’ digital identities harder to steal, and easier to restore.
After a Data and Digital Ministers’ meeting last week, the group published a National Strategy for Identity Resilience [pdf].
Under the strategy, the ministers have pledged to make government-issued digital IDs more interoperable.
In addition, for those caught up in a data breach, they agreed to make ID credential revocation and reissuance processes more consistent, and to make clear who should bear the cost of remediating credentials.
The objective is to create “a nationally consistent approach to identity resilience, with all jurisdictions working together on common objectives, standards and practices.”
The ministers have also endorsed an approach to identity that minimises data collection and retention, so the strategy seeks to allow “government agencies and businesses to verify identity while minimising their collection of personal information”.
As part of minimising data collection, the governments will update the National Identity Proofing guidelines, used by both governments and the private sector to determine how much information constitutes a proof of ID.
Two key initiatives are promised in the three-to-five year timeframe: improvements to the credential protection register; and the introduction of mobile phone trust scores.
The credential protection register was created in October 2022, and is designed to help block stolen credentials being used for fraudulent purposes.
Further development promised in the strategy includes giving individuals better control of their credentials; and to make the register more sophisticated.
Mobile phone number trust scores “would allow telecommunication providers to assign trust scores to mobile phone numbers based on risk factors such as recent SIM swaps, tenure of phone plan and virtual private numbers,” the strategy stated.
“The trust score will help to prevent mobile phones being used to facilitate fraud.”
In the longer term, the ministers would like to see digital IDs reissued through digital wallets, the strategy states.