Australia releases first component of the Trusted Digital Identity Framework
On Feb 21, Australia has released the first component of the Trusted Digital Identity Framework — an important milestone in the development of a digital identity solution for Australia.
According the Digital Transformation Agency of Australia (DTA), the framework outlines the robust accreditation standards organisations must meet in order to be accredited to provide digital identity services.
The Trusted Digital Identity Framework replaces the National e-Authentication Framework and Third Party Identity Services Assurance Framework.
As reported last November, the Australian Government launched a public consultation and released a draft of the Trusted Digital Identity Framework.
The Trusted Digital Identity Framework outlines requirements for security, usability, privacy protection, accessibility, fraud protection and risk management. Providing a standard for digital identity in Australia, it aims to make sure all users have a safe and secure way to connect with government services online.
During the public consultation, the DTA received over 1,000 comments from the financial sector, privacy advocates, digital identity experts and the public which helped to develop the standards shape the framework.
This set of 10 newly released component of the framework outlines the standards for identity services for individuals, covering issues like: (1) accreditation process, (2) authentication credential requirements, (3) fraud control requirements, (4) identity proofing requirements, (5) privacy requirements, (6) protective security requirements, (7) risk management requirements, (8) usability and accessibility requirements, (9) protective security reviews, and (10) community and industry feedback.
The Trust Framework Accreditation Process includes a number of accreditation activities and involves a combination of documentation, independent evaluations and operational testing that the applicant must complete to the satisfaction of the Trust Framework Accreditation Authority in order to achieve accreditation.
According to the Authentication Credential Requirements, there are 3 Authentication Credential Levels depending on level of assurance. Each of the Authentication Credential Level has a different set of authentication protocol.
The other part of the digital identity system is the verification and authentication technology which is currently in beta development.
Later this year, the Australian Government will release additional components which will manage an offline option for creating a digital identity and standards to authorise individuals to act on behalf of a business.
These components will help remove the barriers for people who do not have the required documentation to create their digital identity online. It will also simplify the interactions business people have to have with government to get their work done.
DTA is working with government agencies, the private sector and the public to design and implement a digital identity solution for Australia. Other than the Trusted Digital Identity Framework, the DTA also manages the Gatekeeper Public Key Infrastructure Framework which governs the use of digital certificates by Australian Government agencies.