Australia’s TDIF Expands Digital Identity Exchange Accreditation Scheme
Eftpos (electronic funds transfer at the point of sale) has become the first accredited non-government operator of a digital identity exchange under the Australian federal government's Trusted Digital Identity Framework (TDIF).
By becoming an accredited operator, Eftpos’ ‘connectID’ can now facilitate online transactions requiring a digital identity from Australians.
Eftpos went live with connectID in June as a fully-owned subsidiary of the organisation and as a standalone fintech company. It has been set up to act as ‘broker’ between identity service providers and merchants or government agencies that require identity verification, such as proof of age, address details, or bank account information.
It has been designed to work within the TDIF and the banking industry's TrustID framework.
Although the Australian government has its own digital identity solution with myGovID, Eftpos has previously said its solution could provide a ‘smoother, faster, and more secure onboarding experience, including for government services’.
Eftpos has also assured that connectID does not store any identity data.
‘A safe, thriving digital economy is the best way we can grow the Australian economy. A safe, thriving digital economy is not possible without digital identity - that is, a safe, secure, and convenient way for Australians to prove their identity online,’ Minister for Employment, Workforce, Skills, Small and Family Business Stuart Robert said.
‘Through accreditation, we make sure Australians and Australian businesses can have trust and confidence that their personal information is safe and secure.
‘As an accredited provider, Eftpos has demonstrated that connectID is trustworthy, safe, and secure and has met strict usability and accessibility requirements. I congratulate Eftpos for being the first private identity exchange to be accredited under the TDIF.’ Eftpos applied for accreditation in May. The federal government's myGovID was the first to be granted a TDIF accreditation, followed by Australia Post's Digital ID. Last month, OCR Labs became the first accredited non-government operator to provide digital identity services to the private sector.
‘TDIF accreditation is a big step forward for Eftpos and industry to help bring the benefits of digital identity to more sectors of the economy. It is a significant and tangible milestone in the rollout of Australia's digital identity ecosystem and comes after months of rigorous assurance evaluations and privacy and security testing,’ Eftpos CEO Stephen Benton said.
According to Eftpos Digital Identity Managing Director Andrew Black, the company is looking to use connectID to help businesses address issues in areas such as commerce onboarding, recruitment, responsible gaming, anti-money laundering and identity verification.
The news follows Mastercard and the Digital Transformation Agency (DTA) announcing plans to scope out how the former's digital identity service could enable Australians to digitally verify their age and identity.
Mastercard is also seeking accreditation under the TDIF.
If granted, Mastercard said it would enable consumers to create a reusable digital identity using official identity documents, such as passports, driving licences, as well as protect digital identity data using encryption and facial biometrics.
Last year, Mastercard announced the expansion of the trial for its digital identification service, following the successful completion of phase one with partners Deakin University and Australia Post.
Announced in December 2020, the three parties started two trials. The first was for an identity verification process of student registration and digital exams at Deakin's Burwood and Geelong campuses in the state of Victoria, and the second integrating Mastercard's digital ID solution with the one the postal service had been working on.
The pilot saw students create a digital identity in Australia Post's Digital ID app and use it to gain access to Deakin University's exam portal. Mastercard said the ID successfully orchestrated the sharing of verified identity data between the two parties, sending only the specific personal information required to permit entry using its network.
The three organisations expanded the trial to verify students taking exams online.
In June 2021, the Australian government published a consultation paper on digital identity that indicated legislation would enter Parliament later this year to allow non-government entities to provide digital identification services to Australians.
Under the TDIF, the set of rules can only be applied to Australian government entities -- it can't be applied to states and territories, or to the private sector – which is why legislation is required.
The Digital Identity Legislation is hoping to ensure privacy safeguards are in place, such as limiting access to biometric information, but it will include the ability for users to consent to their biometric information being accessed for fraud or security investigations.
Subscriber content
Read the full article
Full access to ID & Secure Document News articles, newsletters and archives.