New Zealand’s Digital Identity Services Trust Framework goes live on November 8, focusing on regulating digital IDs. It operates on an opt-in basis, with no central data storage, requiring consent from users for each transaction. Accreditation for identity service providers is not mandatory but grants a trust mark, fostering safety and privacy in digital interactions. The authentication framework includes four assurance levels, emphasizing the role of biometric verification.
New Zealand’s Digital Identity Services Trust Framework (DISTF) is set to launch on November 8, marking a significant step in regulating digital identities in the country. This framework will establish rules and an accreditation system for digital identity services, promoting secure and user-consented interactions online and offline. The introduction of the Trust Framework aims to enhance accessibility to digital IDs, requiring a variety of identity service providers to effectively serve the community.
A dedicated webpage by the Department of Internal Affairs outlines the benefits of digital identity, usage scenarios, and a complaints process. It also displays the accreditation mark for trusted service providers, along with key principles guiding the framework. The legal groundwork for the DISTF was laid in legislation passed last March, with specific provisions taking effect as of July 1.
Minister Judith Collins highlighted that the Trust Framework paves the way for potential innovations, such as mobile driver’s licenses and bank IDs. In the framework, digital identity services operate on an opt-in basis, requiring user consent and avoiding central data storage by utilizing a decentralized approach. This allows users to initiate data transactions through access requests, ensuring privacy and control over personal information.
Applications for digital identity service accreditation are expected by year-end, submitted to the Trust Framework Authority. The accreditation assessment evaluates operational capabilities, adherence to identification standards, and privacy-security measures. Accredited providers will receive a trust mark valid for three years, which helps clients identify reliable services, although accreditation is not mandatory to operate in New Zealand.
The authentication assurance standard divided into four levels provides a structured approach, where levels one and two feature minimal requirements. Level three mandates multifactor authentication, while level four necessitates the incorporation of biometric factors. Furthermore, a security protocol involves triggering an account block after 30 consecutive authentication failures, ensuring additional scrutiny against potential security breaches.
Biometric authentication is equipped with liveness detection systems to meet the ISO/IEC 30107-3 standards and must effectively counteract 90% of attacks. Biometric systems should also maintain a false positive rate of less than 0.01%. Guidance templates for identity service providers will soon be published by the DIA, further supporting the framework’s implementation.
The Digital Identity Services Trust Framework represents New Zealand’s effort to regulate digital identities comprehensively, ensuring user safety, privacy, and security across various platforms. With a decentralized model, these services allow individuals to maintain control of their own data rather than relying on central repositories. This framework lays the groundwork for upcoming technological advancements in digital authentication, striving for higher standards in user identity verification and protection.
The implementation of New Zealand’s Digital Identity Services Trust Framework signifies a commitment to secure and user-centric digital identities. By mandating user consent and decentralizing data management, the framework aims to enhance trust in digital services. As the system rolls out, the anticipated innovations, including mobile IDs and bank certifications, reflect a forward-thinking approach to identity verification in a digital age.
Original Source: www.biometricupdate.com
