Identity Revocation and Repair – Concluded
There will continue to be instances of identity fraud, for example where a user’s digital identity account is compromised, either lost or stolen, or where another person’s identity details are used to create a fraudulent account with an Identity Provider. In such instances an individual (user) whose identity has been compromised will need to ‘repair’ their digital identity. Relying Party organisations will have to repair the damage caused by these fraudulent transactions.
The current GOV.UK Verify operations manual requires individual Identity Providers to be able to repair digital identities. However, Identity Providers will need to collaborate with one another to develop identity repair services so that Relying Party organisations understand how to respond when instances of identity fraud are notified.
This project explored how users expect an identity repair service to work in a manner that respects their privacy and maintains their confidence in the Verify scheme. The project tested out an online identity repair function, which canvassed users’ channel preferences for contact during the interaction- online, telephone or face-to-face, in order to understand which are most appropriate. It also considered how identity repair services should be branded and initiated.
Penny Newton, GDS
Learn about the results of this project in the White Paper.