Credit: Pixabay

The Government Digital Service has floated a multimillion-pound contract for a supplier to support the creation of a mobile app through which citizens can verify their identity in order to access government services.

The digital agency is currently working on the One Login programme, the aim of which is to replace a patchwork of more than 100 different accounts currently in use across online government services with a single, unified process. As part of this project, GDS is also to create a GOV.UK app which will allow users to access a comprehensive range of services across departments.

Integrated with the login platform, which will also allow citizens to access services via web browsers, will be a specially created native mobile app to check and validate users’ identity. To support the development of this app, GDS is looking to appoint a supplier partner to a two-year contract worth up to £4.8m.

The chosen partner will be tasked with delivering an application that works on both Apple and Android devices and incorporates near-field communication – the technology behind biometric passports and contactless payment systems.

“An important feature of many identity checking systems is the ability to scan documents using the NFC capability of modern smartphones,” the contract notice said. “In order to offer a best-in-class identity check to users, GDS will need to incorporate this functionality.”

It added: “GOV.UK is optimised to work well on mobile; in 2020 at least 75% of GOV.UK traffic came via mobile. We must now determine the evolution of this experience, ensuring that GOV.UK continues to offer solutions that are relevant and efficient for all users, including those whose interactions would benefit from being app-based.”

Related content

• GDS floats two £2m contracts to progress single sign-on plans
• Government says ‘lack of mandate’ contributed to muted Verify uptake
• GDS boosts developer ranks

Work will take place according to individual outcome-based statements of work (SoW) which will be issued throughout the course of the contract – which includes a break clause halfway through its 24-month term. Once an SoW has been issued, the supplier will be expected to “rapidly onboard resources to meet outcome deliverables for each SoW within 5-10 days”.

“We envisage this work to be done by multidisciplinary teams comprised of roles such as: engineering lead; software engineer; technology architect; delivery manager; product manager; service designer; interaction designer; content designer; user researcher; [and] business analyst,” the contract notice said. “The teams will be decided by the supplier based on the deliverables agreed for each SoW.”

In addition to supporting the creation of the identity check app, the chosen provider will also be asked to “support discovery research to test the needs and value that could be met through app-based government information and service delivery”.

The engagement will also require the firm in question to help the government agency “in growing its permanent engineering capability in native-app development.” The development of the GOV.UK app marks a departure from GDS's founding philosophy of "no apps" by default; the agency has previously encouraged government digital teams to instead focus on delivering high-quality and mobile responsive web services.

But, according to the contract notice, GDS now "has a strategic desire to develop its in-house app development capability by onboarding and training permanent civil servants to support these products over the long term".

Bids for the project are open until midnight on 2 November, with work scheduled to start on 3 January. At time of writing, 15 suppliers – including 11 SMEs and four large firms – have started making an application via the government’s Digital Marketplace procurement platform.

Mistaken identity
The new identity-checking tool will replace the outgoing and little-loved Verify platform. Having launched four years behind schedule in 2016, the identity assurance technology has seen tepid adoption from the outset both citizens and government departments, and has fallen a long way short of delivering the projected financial benefits.

A scathing report from the Public Accounts Committee in 2019 claimed that the £200m-plus spent on developing the technology – on which £11m is still being spent each year – had delivered a tool “that is not fit for purpose”.

“Verify was characterised by poor decision making by the Cabinet Office and GDS, compounded now by their failure to take proper accountability,” MPs said.

Appearing before the same committee last month, Tom Read, who was appointed as GDS chief executive earlier this year, said that the project to build the new government-wide login is taking care to avoid replicating the mistakes made during the development of Verify.

“With the Verify programme, the technology approach and the overall design was baked in right at the beginning,” he said. “The founding principle was ‘we will use external providers to prove somebody’s identity, [who will] then just say “yes” or “no” back to the service… which is very good for protecting citizens’ data. But what wasn’t done is proper, iterative testing with real users to see if that worked – and we now know that that doesn’t work for around half of the users who use it.

“What we are doing instead [with One Login] is working with departments across government  – with the frontline of departments – to say: ‘let’s learn more about how your users work, and we will build a solution for that works for that set of those users’. Then we will go to the next set of users to see if that works and, if not, we will need to pivot and will need a slightly different solution.”

He added: “What we are seeing already is, if we had made technology decisions right at the beginning, we would be dead wrong already. We have already seen that there are people who… have a passport, a driving licence and a mobile phone. Then there are other users that do not have any of those things, and they have very messy, chaotic lives. And our agile iterative approach has proved that we need completely different solutions for those different types of users, and we are going to be iteratively building them and rolling them out, and we will be able to stop or change at any point on the way through.”