Site navigation

Flexibility Key to Success of Digital Identity Plans

Ross Kelly



A report suggests that the continued development of Scottish digital identity programmes requires flexibility in order to cater to the needs of a diverse population.

The Scottish Government has an ambition to make Scotland a truly digital society, a world leader in digital inclusion with digital ‘at the heart of everything we do’. To make this ambition a reality, one fundamental requirement is a the provision of a robust and secure digital identity for every person in the country.

Creating a verifiable and secure digital identity is not a simple task. Requirements to scan documents, visit offices or provide official correspondence from suppliers may work for some, but it can exclude some of the most vulnerable people in society.

A new report on the various digital identity options for Scottish citizens has highlighted concerns over the adoption of the UK Government’s Verify as a national system and implies that people should have a greater variety of choice when choosing identity providers.

The report, compiled by Consult Hyperion and ASE, assessed the discovery phase of the Scottish Government’s Online Identity Assurance Programme that was launched last year. The Identity Assurance Programme aims to build a framework by which people are able to prove their identities through accessing digital public services.

Adopting a flexible approach to meet the needs of Scotland’s varied population demographics is critical to ensuring that digital identity programmes are inclusive and highly accessible. As Scotland continues to develop its digital infrastructure, the necessity of digital citizenship grows.

To prevent citizens from being left behind during this transition, the importance of digital verification cannot be understated.

A Flexible Approach

Scotland aims to take a flexible approach throughout development of digital identity, with the aim to to “support different Identity Providers, as the landscape evolves” and to meet the tailored needs of the population.

During the discovery phase of the programme, the Scottish Government looked at a broad range of identity services available, including Verify, fintech start-ups and the myaccount service – the latter of which already provides digital identity services for Scottish local authorities.

From a technical perspective Verify is “well placed to provide assured digital identity services”, however the report added that there are potential issues with its “current reach”. Additionally, it also recognises that there are “other players in the market that could provide plausible alternatives”.

Myaccount also faces difficulties as a viable option as it does not offer a sufficiently strong level of authentication, whereas fintech providers may be able to offer just that.

Examination of Identity Pools

The programme board also examined the reach of current identity services in Scotland, highlighting that programmes with existing users have the potential to provide “quick wins” due to initial volumes.

The paper said: “Today there is no single pool of digital identities that the Scottish Government can leverage to address a significant proportion of the Scottish population.”. It added that the government should, in turn, measure the reliability of alternative data sources such as local authority data, school data and national entitlement cards and use these sources as a means by which to “provide routes for as many people as possible” to obtain assured digital identities.


User Concerns

A blog post on the Scottish Government website highlighted that consultation with users raised three main areas of concern, including:

  • Convenience
  • Data Privacy and Security
  • Barriers to Accessibility


Respondents regularly expressed concerns over the complexity and apparent fragmentation of services. Application and assessment processes are said to often involve sending originals of documents to each individual agency; a laborious task for a programme that seeks to streamline citizenship.

Respondents highlighted a clear demand to make people’s lives easier by simplifying processes for public services through giving permission for data to be stored and/or shared. Additionally, improving the process of creating and authenticating identity in order to apply for and transact with private sector services is needed.

Maintaining consistency of service could prove a key factor in ensuring that Online Identity Assurance services are a success. Respondents insisted that consistency must be maintained in regards to language, visual appearance and functionality in order to provide easy navigation of online platforms.

Data Privacy and Security

Respondents appear to have mixed reactions over the handling and storing of personal data, with both private and public sector being cause for concern. Some people were more comfortable with private organisations, such as banks, holding data, yet were distrustful of government services.

Alternatively, there was a significant distrust of government holding user data. This perfectly illustrates the need for a variety of options to suit different peoples concerns and mindset on the issue.

There were genuine concerns raised over the security of data being held centrally. The risks and implications of having a single online identity that provides access to multiple services were of significant interest to a number of respondents.

Barriers to Accessibility

A lack of digital skills, available technology or internet access at home were all cited as main barriers to accessing public services among respondents.

Smartphones are a staple aspect of day-to-day life in 2018, with around 70% of people in Scotland owning smartphones according to Ofcom. Additionally, for over 40% of people nationwide, smartphones represent the most important device for accessing the internet. The report suggests that any solution to Online Identity Assurance must work easily on a mobile phone.

Continued Development

The programme is set to move into its alpha phase in August for a period of six to nine months. This period will aim at developing a prototype and will be followed by a beta phase – scheduled to begin in April 2019.

The alpha phase will help establish whether the programme should continue on its current trajectory or whether it requires “redesign or restructuring”.

Ross Kelly

Staff Writer

Latest News

Data Protection Trending Articles
Energy Government
%d bloggers like this: