The government’s new flagship digital identity programme, GOV.UK One Login, risks ending up like its predecessor, the widely-criticised Verify system, IT experts have warned. Their comments come after the Cabinet Office announced that 1.5 million users had signed up to the service, which aims to provide a single log-in which can be used by citizens across all government websites.
The Cabinet Office says it aims to have over 100 services running on GOV.UK One Login by 2025, though as of this month only eight are using the app for authentication. These include the Disclosure and Barring Service (DBS) and the Department for Education for “one-off” tasks such as requesting a basic DBS check or registering as an Ofqual advisor.
Verify was launched in 2013 and billed as a single system to prove identity across government departments, but take up of the system was patchy, and a 2019 investigation by the National Audit Office found that Government Digital Services (GDS) had consistently missed its targets and gone over budget on developing the platform.
It was being used by 19 different service when it was decommissioned before Christmas, and questions have been raised why only eight of these 19 services have transferred directly to One Login. What’s more, only four of the services on the new platform actually require identity verification.
Is GOV.UK One Login more versatile than Verify?
Verify was criticised for not being user-centric enough, and Rob Anderson, public sector research director at Global Data, told Tech Monitor that it seems like GDS is making the same mistakes with the new platform.
“[Verify] wasn’t meeting the needs of the users, which were the government departments who needed to come board,” Anderson says. “I think now [with One Login] they started too simply. They thought ‘if individuals had one login they can go across to any service in government without thinking’.”
But Anderson says that GDS doesn’t appear to considered whether this will work in practical terms, given that different departments need to be different levels of authentication. “Rob Anderson to HMRC won’t be the same as Rob Anderson to DWP,” he says
Indeed, in this respect One Login does not yet appear to be living up to its name. One of the first services using the app for authentication is the DBS, which is utilising One Login for basic checks requiring an individual to prove who they are. However, when Tech Monitor pressed the Cabinet Office about why DBS standard and enhanced checks weren’t able to use One Login, they said that it was due to the checks being done on “different systems” and that the latter checks must be applied for via third-party registered bodies.
IT consultant David Moss, who tracks GDS projects and is a long-time opponent of ID cards, concurs with Anderson: “One of the problems with Verify was you couldn’t issue an ID to a company, which meant it was useless to HMRC,” he says. “Can One Login issue an ID to a company? It doesn’t look like it at the moment.”
Citizens do not want greater data sharing between departments
A lack of user-centricity is evident from the government’s consultation over draft legalisation for One Login, says Moss. The government published its response in May 2023, alongside public responses to the consultation. As part of it, 73% of “in-scope” answers disagreed or strongly disagreed that the data sharing across departments would improve or target service to individuals or would provide them with a benefit.
“The main reasons for this were concerns around erosion of data privacy and protection, data security against cyber attacks and a general mistrust in government use of personal data for wider policy issues,” the consultancy paper says. “For the majority of respondents, these concerns outweighed any improvements in public service delivery.”
A further 89% disagreed or strongly disagreed that the Cabinet Office, Department for Transport, Department for Environment, Food and Rural Affairs or the DBS should be able to “share data to improve or target public services under specified objectives”.
Moss says pressing ahead with GOV.UK One Login shows a disregard for the views of those who were consulted. He argues this stems from a belief within the Cabinet Office that government could share citizens’ personal information to create a “perfect public administration”.
“That’s the theory; it’s never happened,” Moss says. “All we’ve got is a sort of an instinctive desire to ‘give me more and more data, and let me share it with less and less controls’. They don’t actually have the least idea how to improve public administration.”
Will GOV.UK One Login face more delays?
There is also a question mark about whether GDS will meet its deadline for 2025 for onboarding 100 services. Anderson believes that it could take another five years for a fully functioning service to emerge.
“I would be surprised if it was truly running fully before the end of the next government,” he says.
Moss is less optimistic. “We’re just waiting for it to be cancelled,” he says, adding that though there might be a “follow-on project” afterwards, he believes there is “no chance whatsoever” of One Login meeting its stated aims.
“This has been so slow, there’s no progress,” he says “They’ve never come up with an imaginative, new transformed public service. All they do is copy what’s gone before and put a new website in front of it.”
The Cabinet Office says GOV.UK One Login will replace the current 191 different ways people have to set up accounts with government departments, which come with 44 different sign-in methods. Slimming this down into a single platform will save over £700 million of taxpayer’s money, it believes.
Announcing the launch of the service last month, Cabinet Office minister Alex Burghart said: “For millions of people, GOV.UK and online public services are their main daily interaction with the government. The public rightly expect government services to be fast, simple and easy to use.
“That’s why I am pleased that the GOV.UK One Login programme will deliver on that promise, cutting down duplication and providing a single way for people to access public services. This saves taxpayer time and money, while helping us reduce fraud and provide more efficient and effective services.”