Embracing the need for change
We live in a world where technology has become as ubiquitous as the air we breathe. Yet when it comes to something as fundamental as proving our identity, many of us still rely on physical documents such as a passport or a physical certificate.
Paper-based credentials present major challenges around ease of access, accuracy and data security. They also put people at greater risk of identity theft as physical documents are more susceptible to being stolen, forged, lost or altered.
Our client has long been an advocate for digitizing identity credentials and documents. This journey to develop a nationwide digital identity certificate marks a significant step in fast-tracking the nation’s digital future.
Partnering to deliver better services for citizens
Primary forms of identification are used for many of life’s major events such as enrolling a child in school, opening a bank account, applying for a driver’s license, or getting a marriage certificate. They are also one of the main forms of identification for people who for some reason cannot, or choose not to, obtain a driver’s license.
After a competitive tender and procurement process, Thoughtworks was selected to build the digital identity certificate based on our deep expertise in Agile software delivery on native iOS and Android platforms, our innovative approach to human-centered design, and a shared commitment to deliver better outcomes for citizens.
We brought together a cross-disciplinary team made up of civil servants, designers, technologists, analysts, and product managers to build the digital identity certificate, providing members of the public with the ability to positively establish their identity while maintaining security and control over their personal information.
Building a secure and scalable platform
Thoughtworks built native iOS and Android apps where users can store, view and share digital identity certificates for themselves and their families. The app was developed with a focus on trust and user experience, as well as inclusion and accessibility to accommodate the needs of special-needs and vulnerable users. Key features of the app include:
Self-sovereign identity to empower individuals with enhanced security, flexibility and ownership of their personal information. We built security into every aspect of the product, from features and architecture, to technical design and development practices. Additionally, we implemented modern security practices, like multi-factor authentication and biometric verification, bolstered by robust encryption and validation mechanisms to prevent certificate tampering.
A consistent experience for everyone regardless of their ability. Our approach to design and development was guided by a strong focus on accessibility, and we adopted inclusive design best practices. We regularly tested and gathered feedback from a diverse set of participants who use screen readers, have low vision, or are neurodiverse. The app is Web Content Accessibility Guidelines (WCAG) compliant with a Level AA rating.
A digital identity app that is trustworthy. We partnered with an independent advisory practice to create a future product roadmap, including a set of governing rules and policies to make the digital identity certificates verifiable.
We adopted a thorough risk-based approach to systematically identify product risks, quantify their significance, and prioritize preventative and detective controls to safeguard the confidentiality, integrity, and availability of the system and its data. This helped assure citizen privacy protection and data security, from the system of record through to the certificate in the mobile device.
Building a modern, native mobile delivery platform also required secure, scalable and decoupled integration to the client’s backend systems. To support the certificate deployment, the mobile app was developed with backend infrastructure from Amazon Web Services (AWS). This provided a foundation for a cloud-based national platform that connects other certificate providers across different states, while ensuring personal information and data is securely handled from design to release.
The beginning of a new era for digital identity
A pilot program for the digital identity certificate launched for over 18,000 people in early 2024. In addition, one hundred clients from a leading national provider of services for people with blindness and low vision will be invited to the pilot program to test the accessibility features of the digital certificates.
This journey continues the era of digital identity. The digital identity certificate is expected to be widely accepted as personal identification by government authorities, businesses, schools and sporting organizations.
Our client’s vision is for the digital identity certificate to become the foundational platform for the digitization of other life event products (such as marriage and death certificates) to be rolled out across all states and territory registries across the nation.