Make it easy for people to self-serve online and that is
what the vast majority of people will elect to do. Public sector organisations
have invested millions in putting key services online and have also spent a
significant amount of money making us aware of them. For these organisations it
means that they can reduce costs associated with delivering ‘manned’ service
and for the citizen it means they can get access to the information and
resources they need 24/7.
If you have used any of these services you will know that it
is something of a mixed bag when it comes to the user experience. Renewing car
tax for example is a relatively straight-forward process that saves a visit to
the Post Office, but dealing with certain elements of the HMRC website offers
an altogether different experience. Then, if you have to pick up the phone and
choose the wrong time of day to do so you can expect an excruciatingly long
wait. A quick search on Twitter and you will see what people have to say.
One of the problems people have when dealing with public
sector organisations is the fact that we do not need to engage with them very
often, but when we do it is inevitably for something important. As a result of
this infrequent usage I for one without fail will fall at the first hurdle - passing
through the Gateway.
The Government Gateway account is something you must sign-up
for to access HMRC online services and it is essentially a username and
password. However, it isn’t a username of my choosing and it consists of 12
randomly generated numbers. So, when I need to file my tax return it isn’t
getting my accounts in order that creates the stress, but trying to remember
where I jotted down the username and password when my account was first
activated (which was some years ago). It is frustrating and can be more than a
little concerning, especially if filing a return at the eleventh hour to avoid
a penalty!
As a citizen I have no choice. Yet, as a customer shopping
online I know the power of the pound in my pocket and if I am not getting the
service experience I expect then I can vote with my feet. These commercial
organisations know this and there is a groundswell of activity at the moment to
improve how customers can login and authenticate themselves. But just because
government organisations do not have to change it doesn’t mean that they should
not evolve their identity verification and authentication processes.
Step forward the much debated and anticipated replacement to
the Government Gateway. The GOV.UK
Verify initiative is being closely observed by governments around the world,
as a new way to improve the verification of a citizen’s identity (replacing
archaic face-to-face and postal methods used currently). In many respects GOV.UK Verify is a great
idea. It gives the user a choice of
which specialist third-party organisation they can use to initially validate
their identity (it should take around 15 minutes) and after this one-time-only
process the user then simply logs in. But for me it is here at the
authentication stage that this fantastic innovative project falls down, as it
reverts to the standard username and password, which is my bugbear with the current
Gateway.
I had hoped that such a trailblazing and forward-looking
project would have looked beyond passwords, especially given the raft of
compelling one and two factor authentication alternatives that are being
adopted in private sector (and indeed some public sector) organisations right
now.
I of course appreciate and value the prospect that GOV.UK
Verify will hopefully improve the protection of my data from the increasingly
resourceful professional cybercriminals or opportunists. And, I also look favourably
on the new front-end interface (it could not have been much worse!). However,
from a user experience perspective (and I am taking as a citizen/customer
rather than an authentication expert) it does not satisfy my expectation for a fast
and secure authentication experience.
I cannot help but feel that they have stopped just one step
too short, and if they had taken this single step they could have made an
exciting project a truly ground-breaking initiative that would set the standard
for not only other public sector organisations but private sector businesses to
follow. My hope is that as the service
is rolled-out and bugs are ironed out there will be a planned phasing out of
the password in favour of something that will enhance and does not inhibit the
customer experience.
Author: Fred Astfeldt