Government says ‘lack of mandate’ contributed to muted Verify uptake
Official response to select committee agrees with finding that ‘GDS’s inability to get buy-in from departments ultimately led to Verify’s failure’
The government has said that “the lack of a mandate” for organisations to use GOV.UK Verify contributed to the service falling massively short of its targets for adoption.
Earlier this year, MPs on the Public Accounts Committee published a scathing report on the Government Digital Service project to deliver the identity assurance tool. The committee reached six conclusions, each of which came with a related recommendation.
The first conclusion was that “GDS has failed to meet any of its original performance targets for Verify and vastly overestimated the benefits it could achieve”. MPs recommended that government respond to address “the lessons it has learned from the failure of the Verify programme”.
In its newly published response, the government has said that it believed that “the Verify programme has delivered on three of its four original objectives”. These are the development of “world-leading standards” and a “secure technical platform”, as well as a “procurement framework for identity services”.
However, the response acknowledged that “there are lessons to learn on the performance targets”. GDS set a target of attracting 25 million users for the service. As it stands, just five million are registered, who can use Verify to access 21 government services.
- MPs call on Cabinet Office and DCMS to up the ante on improving Whitehall data use
- GDS chief on why digital agency should be ‘cajoling’ departments towards new tech
- New Verify chief stresses importance of market engagement
“The lack of a government mandate may have contributed to Verify not having achieved the scale promised,” the response said. “The reliance on, and pace of, the digital transformation of government services – as a prerequisite for using digital identity – could have been made explicit and called out as a risk.”
MPs also concluded that “people using Verify have been badly served by an onerous system that is not fit for purpose”, and asked that GDS put in writing the changes it is making to improve how the service works for Universal Credit claimants. Work has begun on improving Verify, the government said.
“The improvements undertaken to date have focused on an overall review of the service to identify where Universal Credit claimants have most difficulty, that analysis has been utilised to make changes to the design and content to make the customer journey clearer,” it said. “Additional data sets have also been integrated to increase the success rate and a number of tests are ongoing with the identity providers to further improve the customer experience and gain a positive outcome.”
The government disagreed with a supplementary recommendation that it should set specific targets for how many people use Verify to apply for Universal Credit.
As the digital identity platform heads for private sector ownership, the DWP “needs to understand the future commercial framework including costs and operating model in order to make sensible decisions”, the response said.
The committee found that “GDS’s inability to get buy-in from departments ultimately led to Verify’s failure”. It recommended that, for similar Cabinet Office-run programmes in the future, it the initial business case “should outline how it will get buy-in from departments and other key stakeholders, and what action [it] will take should departments go back on their commitment”.
The government response said: “The Cabinet Office accepts that departmental commitment is essential when implementing cross-government programmes, and that this should be built into business cases and plans from the outset.”
The government agreed with the committee’s recommendation that, for any other programmes of work at risk of failing, it “should ensure accounting Officer assessments are conducted at the proper time”.
The Cabinet Office accepts that departmental commitment is essential when implementing cross-government programmes, and that this should be built into business cases and plans from the outset
It also agreed to set out a “ detailed plan for how Verify’s services will be maintained after 2020” as well as taking “urgent action to clarify the value of Verify’s intellectual property”.
In the first case, it said: “The creation of a new Digital Identity Unit, which is a collaboration between DCMS and Cabinet Office, will help bring the public and private sector together to ensure the adoption of interoperable standards, specification and schemes, and deliver on the outcome of the consultation. Additionally, the start of engagement on a commercial framework for the government to consume digital identities from the private sector from April 2020 will ensure the continued delivery of public services. This commercial engagement is underway with government services to ensure the new framework meets services’ needs.”
In relation to the value of the intellectual property of Verify: “The identity providers own the intellectual property for the systems they have developed in order to create and verify identities. In line with government’s Service Standard, the technical components which have been developed for Verify are largely published as open-source code."
Share this page
CONTRIBUTIONS FROM READERS
Please login to post a comment or register for a free account.
Role comes with a remit to work with current and former military personnel, as well as officials and commercial suppliers
In the first of a series of exclusive interviews, the head of government’s ‘Digital HQ’ talks to PublicTechnology about the Central Digital and Data Office’s work to unlock £8bn...
The question is not whether a diversity of talent exists, but how do we enable all to move forward in industry, according to Leah Thompson from the University of Oxford
Alex Chisholm reveals more than 2,000 DDaT professionals joined the civil service during a six-month period last year
Related Sponsored Articles
The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...