Winfrasoft News: How GOV.UK Verify Has Stopped Short Of Delivering the Perfect Citizen Experience

3 September 2015

How GOV.UK Verify Has Stopped Short Of Delivering the Perfect Citizen Experience

Make it easy for people to self-serve online and that is what the vast majority of people will elect to do. Public sector organisations have invested millions in putting key services online and have also spent a significant amount of money making us aware of them. For these organisations it means that they can reduce costs associated with delivering ‘manned’ service and for the citizen it means they can get access to the information and resources they need 24/7.

If you have used any of these services you will know that it is something of a mixed bag when it comes to the user experience. Renewing car tax for example is a relatively straight-forward process that saves a visit to the Post Office, but dealing with certain elements of the HMRC website offers an altogether different experience. Then, if you have to pick up the phone and choose the wrong time of day to do so you can expect an excruciatingly long wait. A quick search on Twitter and you will see what people have to say.

One of the problems people have when dealing with public sector organisations is the fact that we do not need to engage with them very often, but when we do it is inevitably for something important. As a result of this infrequent usage I for one without fail will fall at the first hurdle - passing through the Gateway.

The Government Gateway account is something you must sign-up for to access HMRC online services and it is essentially a username and password. However, it isn’t a username of my choosing and it consists of 12 randomly generated numbers. So, when I need to file my tax return it isn’t getting my accounts in order that creates the stress, but trying to remember where I jotted down the username and password when my account was first activated (which was some years ago). It is frustrating and can be more than a little concerning, especially if filing a return at the eleventh hour to avoid a penalty!

As a citizen I have no choice. Yet, as a customer shopping online I know the power of the pound in my pocket and if I am not getting the service experience I expect then I can vote with my feet. These commercial organisations know this and there is a groundswell of activity at the moment to improve how customers can login and authenticate themselves. But just because government organisations do not have to change it doesn’t mean that they should not evolve their identity verification and authentication processes.

Step forward the much debated and anticipated replacement to the Government Gateway. The GOV.UK Verify initiative is being closely observed by governments around the world, as a new way to improve the verification of a citizen’s identity (replacing archaic face-to-face and postal methods used currently). In many respects GOV.UK Verify is a great idea. It gives the user a choice of which specialist third-party organisation they can use to initially validate their identity (it should take around 15 minutes) and after this one-time-only process the user then simply logs in. But for me it is here at the authentication stage that this fantastic innovative project falls down, as it reverts to the standard username and password, which is my bugbear with the current Gateway.

I had hoped that such a trailblazing and forward-looking project would have looked beyond passwords, especially given the raft of compelling one and two factor authentication alternatives that are being adopted in private sector (and indeed some public sector) organisations right now.

I of course appreciate and value the prospect that GOV.UK Verify will hopefully improve the protection of my data from the increasingly resourceful professional cybercriminals or opportunists. And, I also look favourably on the new front-end interface (it could not have been much worse!). However, from a user experience perspective (and I am taking as a citizen/customer rather than an authentication expert) it does not satisfy my expectation for a fast and secure authentication experience.

I cannot help but feel that they have stopped just one step too short, and if they had taken this single step they could have made an exciting project a truly ground-breaking initiative that would set the standard for not only other public sector organisations but private sector businesses to follow. My hope is that as the service is rolled-out and bugs are ironed out there will be a planned phasing out of the password in favour of something that will enhance and does not inhibit the customer experience.

Author: Fred Astfeldt