One Login local government discovery

Key findings

Horizonal service integration: One Login is primarily designed for central government’s vertical service model, where each department offers a small number of services. In contrast, local authorities typically deliver hundreds of services across diverse domains. It is not feasible to onboard each service individually. The discovery explored how One Login could support a “My Account” model, enabling residents to be onboarded once to the council as a whole – reflecting the ambition of local authorities in identity verification.

Unlocking value through verified data

Councils see significant potential in One Login if it can support access to verified customer data – particularly circumstances and awards from other parts of the public sector. This could automate eligibility checks for local services, reducing the need for residents to repeatedly provide the same information. While GDS has stated that eligibility is outside the scope of the legal data-sharing gateway, this remains a key area where One Login could add value to local government digital transformation efforts.

NHS barriers and multi-agency partnerships

The current data-sharing gateway excludes NHS and adult social care data, limiting One Login’s usefulness for councils delivering integrated health and social care services. This risks further entrenching fragmentation. The discovery highlighted the need to explore how One Login and the NHS App could work together to support multi-agency service delivery.

Supplier ecosystem and interoperability

Market concentration and limited interoperability between supplier systems remain significant barriers. Much of local government data is held in proprietary systems, complicating integration with One Login. Councils’ ambitions for a single view of the customer or unified CRM systems are constrained by these challenges.

Trust and local branding

Digital identity systems raise public concerns around surveillance and government overreach. Councils, given their close relationship with communities, must be able to maintain trust. This includes preserving local branding and identity, rather than being subsumed under GOV.UK branding.

Inclusion and local identity assurance

Some residents – particularly vulnerable individuals – may lack the digital footprint required to pass standard identity checks. Local authorities are well-placed to support these users, including through face-to-face verification. Councils could act as trusted providers of identity attributes for those without a sufficient digital footprint, helping to ensure equitable access to services and supporting wider inclusion efforts of councils.

Key recommendations for MHCLG/GDS discovery

Support whole-council onboarding

Investigate onboarding models that reflect how residents interact with local government – via a single council-wide account – rather than requiring service-by-service integration.

Enhance value proposition

Explore how One Login can support councils’ digital transformation goals, particularly by enabling access to verified data that can streamline eligibility assessments and reduce duplication for residents.

Clarify NHS and DHSC integration

Engage with the NHS App team to understand how One Login and NHS identity systems can work together. Clarify whether One Login can be used to access health and social care services, and if not, how the two platforms can coexist to support integrated local delivery.

Address supplier interoperability

Consider how One Login implementation can account for the fragmented supplier landscape in local government, and support efforts to improve data portability and system interoperability.

Respect local identity and trust

Work with councils to ensure that local branding and trust are preserved in the One Login experience. Consider flexible branding options that reflect the trusted relationship between councils and their communities.

Inclusion and local identity assurance

Explore the role of councils in identity verification, particularly for vulnerable populations that may not have a digital footprint, given council’s role in communities and in fostering digital inclusion.

---

Introduction

This paper explores the efforts taken from late 2021 until now, when considering the integration of local government into central government’s One Login solution. This discovery was a collaborative effort between the LGA, Socitm, Solace and iStandUK. Following substantial engagement with local government and sector, a number of challenges and opportunities associated with One Login and extending its scope to local government were identified.

The effort to extend One Login, GDS’ single sign-on and identity verification solution aimed at replacing over 190 central government accounts and succeeding the closed Verify platform, has echoed past failures to fully consider local government from the outset. Key concerns identified include: architectural differences between Whitehall and the wider public sector, that are challenging and costly to consider retrospectively; and the opportunity to create much needed routes for joined-up delivery between central and local government that would improve service delivery and interactions with the state for citizens.

Engagement & discovery

• In December 2021, the LGA, Socitm and Solace sent a letter to the Government Digital Service (GDS) urging them to include local government in the One Login programme from an early stage. This letter emphasised the need for a unified approach to digital identity across local and central government, given that both serve many of the same citizens. It also stressed the importance of designing the system around user needs, learning from the failures of GOV.UK Verify and ensuring value for money by avoiding fragmented solutions. GDS responded to state that their Spending Review only included phased approach with central government, and they would consider local government integration at a later date.
• These organisations have since participated in a discovery phase with GDS, conducting deep-dive sessions on specific local government services (e.g. My Accounts and blue badge services). These sessions aimed to explore the practical application of One Login within the local government context and to identify specific requirements and challenges.
• The LGA, Socitm and Solace submitted a joint response to the government’s consultation on draft legislation related to data sharing for identity verification. This response detailed the sector’s position. The response reiterated the need for local government to be central to the design process from the outset, advocating for an interoperable and adaptable system built on open standards that aligns with other Whitehall initiatives. It is also clear that this must also happen alongside significant investment to enable local authorities to build their own compatible capabilities, messages that are central to One Login.
• Local government officers participated in roundtables to explore the challenges and opportunities related to digital identities and single sign on solutions. These discussions aimed to provide a deeper understanding of how digital identity solutions fit into councils’ broader digital transformation plans and what the barriers to local government integration would be.
• There were key challenges with the commitment of GDS’ consistent engagement with the discovery, and we were never a formal part of One Login engagement plans. The engagement lead changed over the two years, and there were no technical members of staff available for the second Blue Badge session which was a fundamental omission.

Key findings

Lack of early local government integration

Verify: The failures of GOV.UK Verify highlight the risks of late onboarding of local government and the importance of co-design. The Verify programme’s difficulties in integrating local government services demonstrated the need for early and meaningful involvement of the sector in One Login adoption.

Need for a common approach: Local and central government will serve the same users, allowing a joined-up digital identity system. This is foundational to properly realising government ambitions for modern, digital government across the public sector. Ensuring a seamless user experience across different public services is key for facilitating effective collaboration between government bodies. This is particularly true in services that require local and central government collaboration and data sharing.

Design and onboarding: The One Login onboarding process has been designed primarily for central government services, which are best considered as ‘vertical’, which does not align well with the complex and ‘horizontal’ nature of local service delivery. Local government delivers 800+ services, often in complex, multi-agency partnerships, requiring a flexible and adaptable approach to integration.

Value for money: Fragmented delivery of digital identity solutions raises concerns over cost and efficiency, emphasising the need for a unified approach. A single, national approach can reduce duplication of effort, lower development costs and improve the overall efficiency of public service delivery. However, implementing One Login will have cost implications for local authorities, particularly in terms of technology upgrades. Councils will need to invest in new systems, infrastructure and training to ensure seamless integration with One Login.

Considering One Login (ID verification and Single Sign On) as part of local government’s broader digital transformation ambitions

Digital transformation ambitions: Local authorities face pressures to reduce the complexity of online transactions, with significant budget constraints demanding increased efficiencies and improvements to service delivery to provide joined-up customer experiences and a single view of the customer. This reflects a desire to streamline citizen interactions, enhance service personalisation and improve data management practices. One Login needs to be considered as part of council ambitions for My Account and single/fewer CRM system(s).

Barriers: There are significant challenges within local government that require addressing to allow effective integration of national solutions, such as One Login. The sector is characterised by legacy systems, supplier issues, costs, resource constraints, capability gaps and legislative complexities. These obstacles hinder the adoption of new digital solutions and require a broader effort to overcome.

User-focused design: A successful system must be built around user needs, including those who are digitally excluded or unable to act on their own behalf. This requires a shift away from a “one-size-fits-all” approach and towards a system that is flexible and accessible to all citizens, regardless of their digital skills or experience of exclusion.

Benefits for local government: Councils are focused on an improved customer experience and journey, and a more integrated experience for council staff and back-office support systems. The benefits of identity verification support these ambitions, as well as reducing fraud, error and duplication, and improving take up of services by residents.

Implications for local government’s integration into One Login

Current situation: Many councils lack a single sign-on solution and a whole-council approach to identity verification. This fragmented landscape creates inefficiencies, increases costs and can lead to inconsistent user experiences.

Levels of assurance: The proportionality of identity verification must be considered in user access to different services across local government. Councils often consider identity verification according to levels of assurance such as:

• Anonymous: Register for username/password at an individual council or use a social media credential. Get a personalised view. Undertake report/book/pay type transactions that do not involve sharing personal information.
• Low level: Provide further known facts that you have a right to see account level information, such as ‘provide council tax reference’. This approach only works when a person already has a footprint at the council.
• An assured identity: A one-off identity check is applied, either by the council or an ‘identity provider’, and a credential is issued, which may be multi-factor. The council is then able to match an assured set of biographic data to its own source of customer data.

Local authority requirements: A digital identity solution must be secure, privacy-protecting, flexible, accessible, consistent and integrated, and support user consent and delegated authority. These requirements are essential for building trust, ensuring inclusivity, and enabling effective service delivery. Issues related to data privacy, security, liability and compliance need to be carefully addressed. Councils handle sensitive citizen data and protecting this is a priority. Local government integration to One Login must ensure that any data sharing arrangements comply with legal requirements and best practices.

Digital exclusion: There are concerns about how citizens who do not currently hold photographic ID or another digital footprint will be identified. It is essential to ensure that One Login does not disadvantage vulnerable or marginalised groups who may lack the necessary documentation or digital skills. It is also crucial that identity verification is proportionate to the service requested – passport or driving licences should only be required in those services requiring the highest levels of assurance.

Capacity and resources: There is a range of necessary resources and expertise to implement and integrate One Login effectively. Councils will be challenged by a shortage of staff with the required technical skills, as well as limited funding for digital transformation projects. However, we also know that councils currently verify identities manually at a time of reducing capacity and rising demands on council staff.

Onboarding: One Login is currently set up for national government services, which tend to be vertical in their design and delivery, whereas local government services are generally shifting to an integrated and horizontal model. The key question is how councils could be onboarded as whole organisations rather than by individual services (over 800+), which would not be feasible or helpful for local government and those it serves. Our discovery therefore explored the use of My Accounts, in order to understand how councils are implementing service integration and where ID verification fits within broader digital transformation ambitions.

Exclusion of health and social care: The exclusion of health and social care bodies from the scope of One Login is a major concern for local authorities. Integrated health and social care services are crucial for many citizens, and the lack of integration with One Login would hinder effective local service delivery. It is also vital to consider how One Login would work with the NHS App which already boasts high levels of resident engagement.

---

Timeline of One Login discovery

When	What
November 2021	Socitm publishes a Digital Identity research report
December 2021	Letter to GDS signed by LGA, Socitm and Solace on importance of incorporating Local Government into One Login given challenges with Verify asking for a common approach, a digital identity system build around user needs, learning past lessons from Verify where LG was excluded and ensuring value for money from a whole public sector wide approach. (Appendix 1)
February 2022	LGA and Socitm met with GDS to agree to explore the possibility of running deep-dives to identify use cases that align with relevant and high transaction services to become test pilots for platform. LGA and Socitm meet with GDS every 2 months – personnel shifts.
April 2022	LGA sets up user group to establish use cases and circulated exploratory survey to broaden out options for deep-dives.
June 2022	GDS announce migrating services onto One Login in 3 clusters in parallel over two years: complex services (20-30 services including tax, universal credit, pensions), which will require bespoke support and dedicated teams; long list of simple services which will focus on self-adoption and easy to integrate; and medium list cluster which will hone in on high transaction services with high volumes of customers with majority of local government services, such as Blue Badges. Notes from research results into surveys and working group reflections are in Appendix 2.
	LGA propose to GDS that local government is involved in research and engagement sessions and presented a range of service areas that could interact with central government data sources, enable self-service applications or claims from a user; and involve digital ID checks. The service areas presented were as follows: benefits, payments and claims; citizenship; education; housing; disability; asylum and immigration; BDM and care; licensing. LGA and Socitm presented to GDS more detailed examples below with estimates of transaction volumes and types of evidence needed to authorise a person’s application or claim: Service area: Benefits, payments and claims Application/claim for: Housing benefit (outside of Universal Credit) Local council tax support (as determined by Universal Credit) Discretionary housing payments Carers’ allowance Examples of CG interaction: LCTS example: DWP share UC data with councils to determine Local Council Tax Support; DHP example: UC award letter or local authority Housing Benefit award). Plus, tenancy agreement or proof of rent GDS were receptive but not forthcoming in engaging local government in onboarding schedule. Local Government areas were not considered a priority area. LGA and Soctim propose to find a council already moving ahead with a digital identity solution in the absence of support from One Login.
October 2022-?	LGA find Bracknell Forest running a project to transform Blue Badge service with supplier called Netcall – using a low code platform (Liberty Create) replacing a central government process that users and councils find difficult.
7 December 2022	Deep-dive held with Bracknell Forest, GDS, LGA and Socitm focused on: challenges, issues, and considerations from council and user; evidence needed for authentication; how process moves along and interactions required; using different third party suppliers; how council learning could facilitate better understandings of what may be involved in rolling out One Login to councils. LGA engaged with Sheldon from MHCLG as an escalation point given GDS resistance to a deep-dive session with a range of councils. Bracknell Forest presentation focused on My Account development and move towards single sign on across services (including specialised service accounts such as benefits, council tax, planning or school admissions). (Appendix 3)
January – March 2023	LGA, Socitm and Solace responded to the Cabinet Office consultation ‘Data Sharing: Identity Verification Services’ – secondary legislation to the Digital Economy Act designed to introduce new data sharing gateways to support the delivery of key services as the need arises. This was the legal data sharing gateway for One Login. Briefing attached to email and consultation response available here. 17 February: held roundtable with CDT Policy Group to inform local government response (presentation attached in email) February: sought legal guidance on legislation through LGA legal team (legal response attached in email) For additional context, read the government’s response to the consultation.
March 2023	Agreed next steps with GDS and LG Partners in One Login discovery: • Overview of the service at the council level • Level of identity verification required and how it is currently done. • Challenges to onboarding onto the One Login system • Opportunities for onboarding onto the One Login system 1. Council service delivery: revenues and benefits 2. Council service delivery: blue badges 3. Council service delivery: licencing 4. Council service delivery: social care 5. Council as data holder onboarded onto One Login 6. Council using identity verification but not single sign-on interface/own branding. Delegation of local government relationship to engagement lead.
June 2023	Next deep-dive on blue badges: including two councils, Bracknell Forest and Somerset, and Department for Transport. Presentations from iStandUK, GDS, Bracknell Forest, briefing from Somerset, and presentation from DFT. Recording of session available here and full note of meeting are attached to email. Discussion focused on: • What would onboarding look like for councils? • How would One Login support case management systems/CRM systems and end-to-end workflow? Key sectoral ambition to reduce the number of case management systems into fewer or a single CRM that would underpin council’s My Account. • Eligibility vs identity verification: if both were facilitated by the same process, through data subject consent, this could be a gamechanger for seamless service flow in local government. Importance of a user centred approach. Next steps: • From GDS: understand more about the One Login onboarding process and possibilities for a whole council approach: through My Account and without My Account. • From councils: Levels of assurance required for different services and how could On Login support councils; how multi-agency working across LG would impact One Login; and on Blue Badges – a consideration of how One Login could facilitate or create barriers to inclusion and support fraud preventions. (Appendix 4)
July – September 2023	To understand how this fit into council ambitions for seamless resident account, LGA conducted research into My Accounts and Digital Strategy references to citizen portals (research attached to email) Of 165 lower tier councils, 75 have a My Account = 45.5% Of 152 Upper Tier Councils, 106 have a My Account = 69.7% Only 8.5% of Lower Tier Councils have a Digital Strategy that is available online. (Appendix 6)
October 2023	LGA, Socitm, Solace and iStandUK held problem framing session with councils to respond and build knowledge base of barriers and where One Login could realistically support. Reduced engagement from GDS team – so parked engagement until problem framing had occurred. Objectives were to understand where digital identities fit into council broader digital transformation plans, how councils were approaching digital identities and single sign on solutions, and what the barriers, challenges and opportunities were to a national solution. (Appendix 6).
February 2024	LGA, Socitm, Solace and iStandUK met to discuss next steps for discovery and how to move forward. More use cases and international cases of use in local government required. The group met with techUK to understand the supplier perspective. The group also agreed to meet with the Improvement Directorate in Scotland to understand their approach to My Account. The group planned to engage more closely with the NHS App team to understand how they overcame similar barriers to those identified in One Login.
March 2024	Met with Andrew Campbell, Head of Digital Public Services, in the Improvement Directorate in Scotland to understand their approach to My Account. Presentation attached to email.
April 2024	LGDC decision made to deprioritise and not a priority for the LGA. Reducing engagement from GDS over two years, and MHCLG considering how to take it forward with GDS in spending review.

---

Appendix 1: Letter from LGA, Socitm and Solace to GDS

Tom Read, Chief Executive Officer
Government Digital Service, The White Chapel Building, 10 Whitechapel High St, London, E1 8QS

13 December 2021

Re: Digital Identity

Dear Tom,

We – the Local Government Association (LGA), the Society for Innovation, Technology and Modernisation (Socitm) and the Society of Local Authority of Chief Executives (Solace) – have come together to urge you to reconsider how you plan to deliver a new digital identity solution over the next three years. Our organisations represent the voice of local government and we collectively champion digital innovation across our sector.

We agree that the public sector needs a national digital identity solution and that this is long overdue as a foundation for modern public services. We support your team’s work in developing a government-wide single login and digital identity assurance solution. We are pleased that significant money has been earmarked for this work and that it will align with the DCMS trust framework. However, to be successful, any national system must consider local government requirements from the outset. We believe there are four reasons why you need to bring local government into the centre of your plans immediately:

• First, we need a common approach. Our sectors regularly support the same service users, and this calls for a joined-up digital identity system that responds to a diverse range of citizen needs. Councils have a long history of delivering in-person and online services for the benefit of their localities. Their statutory duties and responsibilities are vast. A clear understanding of what councils must do to support their communities and citizens, and how authentication supports these duties, is essential to developing a common approach to digital identity. This means involvement in the design of policies, systems, architectures and principles right from the outset, not just consulting on a design or prototype solution. We urge much stronger dialogue between your team and those in our sector who administer local services in a diverse range of circumstances, with diverse users and non-users to consider.

• Second, we need a digital identity system built around user needs. For councils, enabling citizens to carry out transactions online – to ‘self-serve’ – is an important part of meeting the financial challenges of the future. But the real benefit of improving citizens’ ability to transact online is to create a more responsive, personalised service and easier access to essential services. This means avoiding the ‘developing first for Whitehall and then generalising’ approach, which does not reflect diverse citizen needs. In particular, it doesn’t pay enough attention to those currently excluded from digital services and/or unable to act on their own behalf. We urge you to put our shared users at the centre of the digital identity programme to prevent misaligned solutions in the future.

• Third, we must learn past lessons. We understand that the new GDS-generated solution may be extended to councils in 2025. But, using the example of GOV.UK Verify, we know the late onboarding of councils is prone to failure (Public Accounts Committee, 2019). A centralised approach designed around high-transaction parts of central government ignores the complexity of citizens’ interactions with local services and those who are excluded from them. We urge you to expand the scope of your programme to help fix old centralising habits. Failure to codesign a system will inevitably lead to unacceptable retrofitting difficulties and costs.

• Fourth, we must ensure value for money. Your programme aims to deliver better value for money from a few shared solutions. The late onboarding of local government is a false economy. Indeed, in the face of growing demands, parts of local government have given up waiting for a national system. Locally based, digital authentication solutions are already being developed. These initiatives cost councils money. Failure to include local government will mean more money is needed to ensure that local public services are interoperable with any national solution. It is imperative for the public purse that we avoid fragmented digital identity solutions that are unnecessarily costly, duplicative and frustrating to use.

We do not underestimate the complexities of bringing our sector into scope. Delivering local public services can be complex because it involves helping those most at risk. But we need to maximise the opportunities of a solution that works for everyone and protects value for money. A single digital identity provides the opportunity to join-up services across communities and places in a way that enables local agencies to work together to address complex issues. To facilitate this, we offer to work with you to collectively represent the requirements of local public services and tackle the challenge of producing a more inclusive system. We are confident that working together with us and our local government colleagues will help to create a successful digital identity that is trusted for use across the full spectrum of public services.

We stand ready to support you in any way we can.

Yours sincerely,

[Signed by]
Sarah Pickup, Deputy Chief Executive, LGA
Samantha Smith, President of Socitm
Alison Mckenzie-Folan, Spokesperson on the Digital Agenda for Solace

cc: Joanna Davinson, Executive Director, Central Digital and Data Office; Susannah Storey, Director General, Digital and Media Policy, Department for Digital, Culture, Media and Sport; Catherine Frances, Director General, Local Government and Public Services, Department for Levelling Up, Housing and Communities

---

Appendix 2: Local government use case pathways and service mapping

Digital identities – Local government use case pathways

This document presents a summary of the Local Government Association’s research and approach to collaborate with the Government Digital Service (GDS) sign on for government programme. The following is a list of life events or service families where central and local government services interact and require authentication, are online ‘self-serving’ transactions, require registration, identity assurance and are managed and administered by councils.

1. Benefits, payments, and claims

• Benefit/UC advice and assessment
• Council tax benefit/UC claims
• Debt enforcement
• Housing benefit new claim
• Housing legal advice
• Welfare rights advice
• Universal credit (determination of Local Council Tax Support)
• Discretionary Housing Payments

2. Education services

• 16 to 19 years bursary fund
• Education – grants – education maintenance award
• Education – grants – student awards
• Education – loans – student loan
• Free school meals
• Local school applications
• Nursery and primary school places
• School admission appeals
• School transport

3. Economic services

• Business plans advice
• Business awards and grants
• Business centres
• Business rates accounts and annual notifications
• Business security advice and grants
• Full planning applications
• Registering business premises

4. Disability services

• Bus passes applications
• Blue badge
• Care needs assessments
• Disabled facilities grant
• Disabled parking bays and permits
• Home adaptations and aids
• Disabled taxi card
• Motability schemes
• Specialist equipment and support for disabled

5. Births, deaths, marriages and care

• Registering a birth
• Registering a marriage/civil partnership
• Adoption
• Fostering
• Registration of responsibilities for children
• Divorce
• Bereavement support
• Death registration + funeral expenses payment
• Repatriation of bodies abroad to England and Wales

6. Citizenship and living in the UK

• Registering to vote
• British citizenship

7. Housing

• Being a landlord
• Household energy
• Tenant rights
• Buying a house (local authority searches)

8. Asylum and immigration

9. Licensing

Digital identity deep-dive survey results

Service area: Benefits, payments and claims

Any application for a local benefit that could be more efficiently and accurately processed by verification against existing central government benefits

Application/claim for	Central government interaction
Housing benefit (outside of Universal Credit)
Local council tax support (as determined by Universal Credit)	DWP share UC data with councils to determine local council tax support
Discretionary Housing Payments	DWP (UC award letter or local authority Housing Benefit award). Plus, tenancy agreement or proof of rent
Carers’ allowance

Service area: Education

Application/claim for	Central government interaction
Free school meals	Register with school/council > councils verify against a government-owned eligibility checker > draws on HMRC and DWP data > verification of household income
School admissions
Free school transport

Service area: Disability

Application/claim for	Central government interaction
Blue badge (example of one council using two full time advisers to support customers because the application form is complex and repetitive)	Council manage eligibility for the scheme > data exchanged with DFT > GOV.UK and API links to council’s case management system > DWP produces the letter of eligibility
Health and social care assessment
Disabled facilities grants

Service area: Births, deaths, marriages and care

Application/claim for	Central government interaction
Register a birth, marriage, civil partnership or death	Death of a single mother > HMRC, DHSC, DfE, Local Registrar, Social Services, Housing, Benefits
Child adoption and fostering
Repatriation of bodies

Service area: Citizenship

Application/claim for	Central government interaction
Registering to vote
Postal voting
British citizenship

Service area: Housing

Application/claim for	Central government interaction
Buying a house (local authority searches)	‘My account’ personal attributes (name, address, gender, date of birth, first language preferences, etc.) > Land Registry, Revenues and Benefits, Local Authority Search, Resident’s Parking Permits, Waste Collection Services
Affordable warmth	DWP’s Searchlight system
Moving house	Multiple central government services (depending on change of circumstances). Includes DWP and HMRC
Threats of homelessness	Eligibility of public funds (council tax, UC, benefits) Housing EHP compliance Statutory/legal checks around, addresses Financial (arrears) Landlords’ legality
Planning applications	Viewing applications MHCLG, Planning Inspectorate

Service area: Asylum and immigration

Application/claim for	Central government interaction
Temporary accommodation

Service area: Licensing

Application/claim for	Central government interaction
Persons required to be registered with local authority
Civil wedding venues
Businesses	Companies House DBS HMRC License may be part of a bigger user journey to set up a new business.

Service area: Other: where councils administer financial or similar assistance

Application/claim for	Central government interaction
Council Tax Rebate and associated Discretionary Fund for households	Causing significant issues – councils need the infrastructure to support future
Household Support Fund
Covid-19 grants

Not included:

• Council tax (payment)
• Universal credit (eligibility and payment)
• Tell Us Once

Comments

“Happy to host deep-dive sessions on these items.”
Alex Shiell (Rushmoor Borough Council)

“Where the intersections are and how best to use tech to make the customer journey more efficient and at the same time council/central government more efficient.”
Sharon Pinnock (Enfield Borough Council)

“Might be helpful to involve officers that undertake the process as they’re usually the expert on the kind of problems the current paper-shuffling processes give. Might also be important to consider the likely take-up rate of people using a government digital ID when selecting tasks; so for example, I’m really enthusiastic about looking at homeless process, but I’m mindful that many homeless customers aren’t using the internet in a regular way so take up might be limited.”
Greg Arends (Stevenage Borough Council)

“We are not considering a customer account until we have a more robust SSO and identity assurance tool.”
Toni Kershaw (Calderdale Council)

“DWP are notoriously challenging regarding data usage. We are never allowed to receive a list that says persons X, Y and Z all receive this central benefit, so contact them and give them your local benefit… We have to try and do detective work to work out who X, Y and Z are, and rather like making our accusation in Cluedo, only then may we individually check on Searchlight if we’re right. Which might not be so bad if there really were only X, Y and Z (three of them), but in reality, we’ll usually talking at least hundreds and often thousands of people. If we’re never going to be allowed a list, then at least having a self-service form for customers that connects with DWP and verifies at that point whether they are indeed recipients of any applicable benefits would not only save a lot of work, but would minimise unnecessary data-sharing, as local council staff wouldn’t have to be gathering all the data to try and establish if someone qualifies – the data subject would input some of their personal details themselves and what would be returned to local council staff would simply be a green or red for whether they’d passed that criteria – rather like Searchlight. Or we could even automate that the reds got a polite ‘no’ upfront back to the customer, to minimise back-office work even further.”
Emma Warwick (Hull City Council)

“It might be useful to get some idea of under-claiming or over-claiming as part of this work. By which I mean, there are some customers who will sign-up/apply for anything they think is going, whether they are realistically eligible or not; and others who will never apply – they will just wait to be given it or not. If there could be some centralised digital ID checking, we could get insight into which demographics commonly fail to access things they could and should benefit from (my guess is older people are in this category). We could then make attempts to reach them in other ways. We might also get a better idea of what is at worst attempted fraud but may simply be scattergun attempts to claim anything on offer.”
Emma Warwick (Hull City Council)

Deep-dive cohort

Name	Council
Alex Shiell	Rushmoor Borough Council
Sharon Pinnock	Enfield Borough Council
Greg Arends	Stevenage Council
David Durant	Hackney Council
Toni Kershaw	Calderdale Council
Emma Warwick	Hull City Council

---

Appendix 3: Bracknell Forest initial deep-dive minutes

Digital identities/One Login for government
Meeting on 7-Dec-22, 11:30-12:00

Aim: To discuss the details of setting up a knowledge sharing session between GDS, Bracknell Forest Council and LGA on Bracknell’s Blue Badge project

Attendees

• Ash Smith, Deputy Director, Digital Identity, GDS
• Liz Ridler, Head of Strategy, Policy and Engagement, GDS
• Reena Davies, Strategy, Policy & Engagement Advisor, GDS
• Colin Stenning, Head of Digital, Bracknell Forest
• Emma Shenton, Business Change Project Manager, Bracknell Forest
• Bobby Mulheir, Assistant Director: Customer Experience, Digital and ICT, Bracknell Forest
• Mark Gannon, Director Client Solutions – Public Sector, Netcall (Bracknell’s supplier)
• Jenny McEneaney, LGA
• Owen Pritchard, LGA
• Katie Owen, LGA
• Martin Ferguson or Dave Sanderson, Socitm

Optional

• Sheldon Ferguson, DLUHC
• Chris Roberts, Netcall
• Lynley Meyers, Netcall

Background

• Rebekah and Tom have been meeting Ash and Reena from GDS approximately every two/three months since January to discuss how to get local government more closely involved with One Login for Government. Socitm has joined each meeting, largely observing. Liz Ridler from GDS (who worked for IDeA many years ago) has joined the last two meetings.
• GDS’ delivery plan works in a series of sprints. The first involved deploying the new authentication system to the Disclosure and Barring Service (a limited beta version is now operating). They are continuing to conduct research and engagement sessions with other areas of government to onboard more transactional services. The latest roadmap is shown below.

• We have been pushing for GDS to involve local government in its research and engagement sessions. To facilitate this, we presented a range of service areas run by local government that do the following:
  • Interact with central government data sources.
  • Enable self-service applications or claims from a user.
  • Involve digital ID checks.
• The services areas we presented are: benefits, payments and claims; citizenship; education; housing; disability; asylum and immigration; BDM and care; licensing.
• We presented to GDS more detailed examples (below). We also gave estimates for transaction volumes and the types of evidence needed to authorise a person’s application or claim (both analogue and digital).

Service area	Application/claim for	Example of
Benefits, payments and claims	Housing benefit (outside of Universal Credit) Local council tax support (as determined by Universal Credit) Discretionary housing payments Carers’ allowance	LCTS example: DWP share UC data with councils to determine Local Council Tax Support DHP example: UC award letter or local authority Housing Benefit award). Plus, tenancy agreement or proof of rent

• We tested the service areas with a group of officers and requested other examples to support our discussions with GDS – we received some useful feedback (albeit small in number).
• GDS has been receptive to our suggestions but, by the end of the summer, we had not moved any closer to being offered a slot on its onboarding schedule. The reasoning seems to be because GDS is working on ‘priority areas’ that aren’t necessarily best suited to what we are trying to explore in the deep-dives.

Scope change

• To move us forward and get GDS in a room with a council this year, we offered to find them a council already moving ahead with a digital identity solution in the absence of support from the One Login programme – as we predicted would happen in our original letter.
• Bracknell Forest Council is running a project to transform its Blue Badge service, with a supplier called Netcall. They are using a low-code platform (Liberty Create) and plan to make the process available to other councils as part of Netcall’s Appshare library. Therefore, replacing, as far as possible, a central government process that users and councils find difficult.
• GDS and Bracknell Forest have agreed to meet to discuss a knowledge sharing session. Suggestions for the discussion include
  • Challenges, issues, considerations from a council and user point of view.
  • The evidence needed for authentication.
  • How the process moves along, and the interactions required.
  • Using different third-party suppliers.
  • How the council’s learning could facilitate better understandings of what may be involved in rolling out One Login to councils.

Meeting outcome

• Commitment from GDS that it will meet with Bracknell Forest (and an LG rep) to discuss the Blue Badge scheme – preferably set a date at the meeting.
  • Discuss and confirm the format of the session – and general lines of enquiry.
• Discuss and confirm how learning will be shared with the sector.
  • Discuss and confirm how we can build on the Bracknell Forest session to progress GDS’ engagement with councils going forwards.

AOB

Sheldon Ferguson from DLUHC may attend the session. He is aware that GDS has so far not met its commitment to run a deep-dive session with a set of councils. Rebekah has briefed him on the issues, and he was due to mention his concerns to Ben Cheetham and Lawrence Hopper at DLUHC.

---

Appendix 4: Blue badges session notes

One Login Discovery Phase
Blue badges – Thursday 15th June 2023

Context

The Government Digital Service (GDS) is currently onboarding central government services onto One Login. Working towards 2025 and the next Spending Review, The Local Government Association (LGA), Socitm, and Solace are working closely with GDS on a discovery phase to:

• Explore the opportunities for involvement and existing barriers to local services being onboarded onto One Login.
• Build an understanding of the complexity of local service delivery with GDS and the differences that exist between local and central government.
• Consider different options for local government engagement with One Login, recognising the sovereignty of councils and differing levels of digital maturity.

The first service focus area was Blue Badges (agenda included in the appendix). This session was attended by colleagues from the GDS, Department for Transport (DfT), Somerset Council, Bracknell Forest Council, iStandUk, Socitm and the LGA. The meeting was chaired by Jenny McEneaney, Senior Improvement Policy Advisor – Cyber Digital and Technology (LGA).

Presentations

Abby Peel, GDS presentation

Abby Peel, Senior Strategy Policy and Engagement Officer in GDS, gave an introduction to the One Login programme.

There are currently more than 400 services on GOV.UK, with around 200 accounts accessed via c50 sign-in routes. The aim of the GOV.UK One Login programme is to deliver a single sign-on and identity-checking solution for Government. There will be multiple routes, including standard passport and driving license checks for those that have them, and other routes for those who do not.

Across all government services, the identity verification required is to a medium level of confidence, in accordance with Good Practice Guide 45.

Abby also shared information about their current roadmap for onboarding government services over the next two years. A significant milestone will be when HMRC is onboarded onto GOV.UK.

Slides will be shared with these meeting notes.

Paul Davidson, Somerset Council and iStandUK

Paul Davidson gave a presentation on digital identity for local public services. Paul was speaking in his position as iStandUK Programme Director.

Paul gave an overview of the local government context. This demonstrated the considerable number of organisations that form part of the local government sector, which includes 383 principal councils in the UK. Local authorities are responsible for the delivery of c1,500 different services. An initial analysis of these suggests that approximately 200 require confirmation of the user’s identity and somewhere between 50 and 100 require additional personal information. Identity assurance and attribute provision paves the way for these to be delivered as a self-service digital service.

In local government, there are usually various levels of assurance needed to access services:

• Anonymous – allows access to basic information.
• Low level – requires the provision of further ‘known facts’ to give a reasonable probability that a person has the right to see account level information e.g., provide national insurance number or council tax reference.
• An assured identity – a one-off identity check is applied by either a council or by an ‘identity provider’, and a credential is issued.

According to Paul, there are numerous opportunities for local government being in scope of One Login:

• Improved customer experience/journey – quicker and easier and lower dropout rate in applying for services.
• More efficient process – self-service; access to verified information; consent management; automation. This could result in resource and capacity savings for local government.
• Reduce fraud/error/duplication.
• Improve take up of services.
• Integration with council My Account.
• Other eligible services – signposting/passporting.
• Channel swapping.
• Two-way conversation – alerts, changes.
• Equalities – personalisation, disabilities.
• Privacy, security, data minimisation.

Finally, Paul gave an overview of some of the features of blue badge service that need to be considered in the context of this discovery. The Blue Badge service is not just a single service: there are various triggers including new application, renewal of an application, the appeal of a decision, cancellation of a service, and reporting a lost and stolen badge. The application can be made by an applicant, carer, appointed person, professional, family member, or friend.

A variety of evidence is required which can be categorised as proof of identity, proof of address, and proof of eligibility. Currently, if further information is required the DWP provide tailor-made access to their Searchlight Portal which enables councils to identify. In Somerset, there are approximately 16,000 applications/renewals per annum, with 89% starting the process online, 8% by phone and 3% by post.

Toby Staton-Bevan, Department for Transport, Blue Badge Digital Service

Toby gave an overview of the Blue Badge Digital Service (BBDS) run by the Department for Transport (DfT). Starting with a brief history, the Chronically Sick and Disabled Persons Act 1970 enabled local authorities to run their own blue badge schemes. In the mid-2000s, the Blue Badge Improvement Service started a programme with the aim of improving the blue badge service. From this, the Blue Badge Digital Service (BBDS) started in 2019.

The BBDS is provided to local authorities by DfT to help them run their Blue Badge scheme. To do this they provide a GOV.UK service which is free to use for local authorities. This service enables citizens to apply for a blue badge and councils to manage the service. It is optional for councils to use this service, and many do. From the LGA’s research, we estimate that 79% of councils use the GOV.UK service.

The ‘apply’ service is citizen-facing and it collects all the information needed for an assessor at a local authority to decide whether to award a badge or not. The ‘manage’ part of the service is for local authorities only. It allows officers to review applications, approve or reject, order and re-order badges and run analyses on badges awarded. Manage-side features can be accessed via API.

There are some current challenges with the service, including re-applications. In addition, identity verification is currently done by local authorities which slows down the processing. One Login provides an opportunity for tackling some of these challenges.

Sarah Moore and James Wyatt – Somerset Council

Somerset is a new council created through the process of unitarization: four district councils and the county council have become one organisation. This has brought with it challenges and opportunities, notably around harmonising systems including ‘My Accounts’ across the organisations. Somerset Council is also in an integrated care system (ICS) which means that the NHS and the local authority are working in partnership to deliver health and care services.

Customers have an identity with the NHS, and they have an identity with the council. The need to reconcile and harmonise those identities to deliver integrated services is also a key challenge.

To fulfil a service request, Somerset also works across all of their strategic partnerships, which include the voluntary and community sector and the Citizens Advice Bureau. This is a complex picture that requires data sharing consent across different sectors. Therefore, identity and account functionality are much broader than simple single interactions.

Post-unitarisation, there is a desire to transform the blue badge process. As part of this, they have been looking at what is possible and what is more difficult to achieve. Somerset delivers their blue badge service using their own scheme. They had looked into using the BBDS process, however, as their supplier (Northgate) does not provide an API they are unable to make use of this option. This may present as a barrier to One Login that needs to be considered.

There are many challenges with the Blue Badge service as it currently stands, including:

• A customer must reapply even when they do not require reassessment. Somerset council has introduced a flagging system so the same evidence is not required for renewals with no reassessment.
• The lack of integration with PIP benefit when the blue badge is an automatic entitlement.
• There are challenges with the central application form, and customers are unclear about what evidence is required for which stage. This requires a lot of staff capacity to follow up with customers on payment, evidence requirements, and to check the ID.

Lisa Jewell – Bracknell Forest

Bracknell Forest is currently running a blue badge improvement project.

The first phase focused on the decision-making process. The second phase is looking at the application process, including the website, customer journey, a multi-purpose online form, seamless digital process, administrative burden and in-person support. The desire is to move away from the BBDS which is currently used.

Currently, Bracknell Forest receives 2177 applications, 69% are received via GOV.UK and 31% are received via post/email. Information received via the BBDS is downloaded by the administrative team into their case system, which is currently a manual process. Assessments are completed within the council’s system and badges are ordered via DfT.

The new process will be run through Bracknell Forest’s My Account. Applications will be completed via an online form, and there will still be an option to download a form and complete via email.

Application data and attachments will be automatically saved to the liberty blue badge system. The service delivers automated badge ordering, response letters, refunds, and appeals. Assessments are dealt with within the new systems. Customer services will assist with applications over the phone and library services will assist with the creation of My Accounts. There will be a process for automatic renewals.

Discussion

What would onboarding look like for councils?

The group discussed the nature of local government systems when compared with central government systems. Currently, GDS’ One Login process onboard services individually, which indicates that there is a vertical view of services. However, in councils, services are more horizontal. This is particularly the case where ‘My Accounts’ exist, and councils have already been through the service of bringing services together and facilitating a simpler customer journey. It is important to note that councils do things in diverse ways and onboarding needs to take this into account.

Case management systems and end-to-end workflow

Councils need a system where the front-end feeds into case management systems. As highlighted in Bracknell Forest’s presentation, the BBDS currently requires manual processing to input data into council’s case management systems. There are wider challenges around the local government supply chain and suppliers not providing or charging large fees for APIs. The affordability of APIs is currently a huge constraint for councils across multiple improvement processes. There is a need to consider how the local government supply chain practices would hinder or support this process. There is also a need to consider how this aligns with broader sectoral ambitions to reduce the number of case management systems into fewer systems or a single CRM that would underpin their My Account.

Eligibility vs identity verification

During the discussion, councils felt that if eligibility and identity verification were facilitated by the same process that would be assistive to not only the council but also the user, who would need to provide less information and not need to provide the same information twice.

Currently, One Login only facilitates identity verification and does not support the use of data for eligibility purposes and there is not a legal gateway to do this. However, councils felt that if One Login enabled citizens to provide consent for data sharing between councils and government departments, e.g., DWP confirming if a blue badge applicant receives Personal Independence Payments, this would be a significant benefit. DfT have previously explored an API between BBDS and DWP’s searchlight system to support data sharing, however this is not a current priority for DWP.

One Login has the potential to provide a trust framework that could unlock real-time data sharing, as different authorities will know that citizens’ identities have been verified to the same standards.

Importance of a user-centred approach

The group agreed that, as a core principle, councils’ involvement in One Login should be considered from the users’ perspective. Therefore, a proposed solution needs to work for residents as well as local authorities.

Next steps

At the end of the session the group considered future topics for discussion as part of this discovery, suggestions included:

• A deep-dive into what the One Login onboarding process currently looks like
• Considering what One Login onboarding would mean for councils with and without My Accounts.
• What levels of assurance are required for different services and how could One Login support councils to provide services that do not require identity verification.
• How multi-agency working across local government would impact One Login
• Blue badge specific: a consideration of how One Login could facilitate or create barriers to inclusion and support fraud prevention.

Appendix: Agenda

Time	Agenda item
11:30-11:40	Welcome and introductions	Jenny McEneaney (Chair)
11:40-11:55	GDS: Intro to One Login and onboarding process	GDS
11:55-12:05	Department for Transport PPT	Toby Staton-Bevan
12:05-12:15	Context: identity verification in blue badge service delivery	Paul Davidson (Somerset/iStand)
12:15-12:25	Somerset blue badge process	Sarah Moore
12:25-12:35	Bracknell forest blue badge process	Lisa Jewell
12:35-13:25	Discussion questions: reflections, opportunities and challenges for councils and customers, how could it work?	All

---

Appendix 5: My Account and Digital Strategy Analysis

Of 165 lower tier councils, 75 of these have a ‘My Account’ = 45.5% Of 152 upper tier councils, 106 of these have a ‘My Account’ = 69.7%Only 28.5% of lower tier councils have a Digital Strategy that is available online.

Digital strategies: References to Citizen Portals

Upper tier

Birmingham – Vague

Bristol – Reference to portal: “in collaboration with our partner organisations, continue to develop citizen web forms and portals including improvements to waste services, and improving end-to- end service of those who need housing.”

“We will work to migrate more online services to a single citizen account where this is proportionate and cost-effective, providing unified access to as many online council services as practicable”.

Measures of success – “Increase in services using Single Citizen Account & Increase in enrolment for Single Citizen Account”.

“Where beneficial, migrate online services to a single citizen account providing citizen centric unification of access to online council services.”

Coventry – “Enabling customers to get the information they need and to access our services through online self-service.

This means making sure Council services can be accessed via the internet and are user-friendly. This could be for information or advice, to signpost to other services not provided by the Council, to make a payment or to request, apply or report something. It also means making internet access available for people who may not have this at home and building digital skills working with partners.”

Durham – “Expand our online services to ensure that they are quick, simple and secure; ensuring they become our customers’ channel of choice.”

“Make it easier for citizens and customers to self-serve online for themselves and on behalf of friends and family with more available online.”

Essex – Lots of reference to resident access, connectivity and inclusion, but limited reference to online account, citizen portal. Vague detail on how.

Gateshead – “offer “My Account” functionality that will allow residents to easily and securely sign in and track the progress with all of their service requests”.

“The Digital Inclusion workstream (working alongside Digital Customer, Digital Place and Digital Business) will address all of these challenges and consider how we can motivate as many of our residents and service users as possible to use the online and digital services so that they become “their channel of choice”.”

Hampshire – “The Customer Access Policy details the significant amount of work undertaken by the shared Insight Team in understanding our customers and the likelihood of them accessing services online. As a result, six different online personas have been identified. These range from Techy Terry and Confident Kate – those customers who will happily conduct all their business online – through to Offline Olive, who would really struggle under a wholly digitised service approach.”

“Enabling Customer Digital Access — Services will be designed around delivering what the customer needs when they need it. Shifting services away from office hours, face-to-face contact and telephone-based services toward automation will allow customers to use our services 24/7.”

Herefordshire – Key principle of “Customer access – to enable users to access council services with ease by maximising digital technology.”

“Deliver next phase of the council website including integrated account functions.”

Isle of Wight – Potential Activities “The development of ‘My Account’ functionality, that allows a single area of access for all customers to record their information once and interact with the council many times if needed.”

“Ensuring that all council processes are recorded based on one customer, one account approach to maintain a single view of our customers. This will enable the customer to have a better access to their council information and historic processes as well as enable the council to better understand its customer’s needs.”

“There will be a radically better experience when accessing the council’s digital services and information.”

Kent – “To create successful digital services, we must focus on; Multichannel Delivery – User Centric, Personalised and Proactive; Digital Platforms – Platforms, Partnerships and Ecosystems; Data Centricity – Insight Driven, Innovative and Predictive.” No other reference to account, My Accounts or portal.

Lancashire – ‘To embed a digital culture across the organisation’.

“Develop effective IT portals which allow customers and suppliers to access many services in a single place.”

Leeds – “It is important that people can access services, whether this is through new digital processes or the freeing up of traditional access capacity as a result of more people using digital methods, for example, the automation of some back-office functions can help free up staff enabling them to be more focussed on care.”

“Through investment in world class connectivity and infrastructure platforms, service delivery can be transformed to enable more people to access services digitally, where and when they want them.”

“We take a ‘digital first but not digital only’ approach, meaning that others complimentary means of accessing services will always be available, such as, face-to-face and by telephone.”

No other reference to account, My Accounts or portal.

Liverpool – “We will demonstrate innovation in service transformation and delivery, utilising technology and new channels to ensure our services can be accessed by all.”

“Use digital to empower our citizens to take control of their information and the services they access.”

Manchester – Broad remit of strategy, but little to no detail about My Account, portals, citizen access to services.

Newcastle – Digital Strategy lacking in detail, no visible reference to My Account, accounts or portals.

North Somerset – “Residents will have a better experience when accessing the council’s services and information, with an easy-to-use website that works on any device, digital services so good and convenient that people prefer to use them when they can, and digital communications which inform and consult them on the issues they care about”.

No other reference to ‘my account’ – do have this already.

Northumberland – “Key to this digital shift is establishing a “single view of the customer”. Often referred to as “the Amazon mentality”; allowing a range of services to be available to the customer through an online, secure and personal account.”

Salford – “We want all our customers to access services digitally where possible and for all telephone queries about day-to-day issues to come through to a single number so we can have an overall view of all your needs. Specialised queries, for example those relating to adult and children’s social care, will still be dealt with”

“Around 110,000 people already have Salford customer accounts. This is a single place you can go online to access a whole range of services. Having an account means we can answer your queries more easily and anticipate your needs to ensure you get an excellent level of customer service. The range of information you can access and services you can request through this account will increase over time”.

Comprehensive action plan to progress made with My Account service and improvements that will be made.

Lower tier

Welwyn Hatfield – “To provide customers with a single point of access to services and data, and our staff with a single view of the customer, we will purchase a single digital platform which will interface with our service specific back-office systems”.

Chorley & South Ribble – “Investigate options to improve the information that is available to residents including creating a single view of the customer, providing real time data about council services, and personalising information to individual residents”.

“Whilst around 37% of access to council services is currently online, both Chorley and South Ribble could work further to make digital options the channel of choice for all customers.”

“Council services and information can be accessed through a range of digital channels, allowing customers to access services at any time, with any device”.

Limited explicit reference to ‘myaccount, portal, account’ but all well considered throughout.

Gloucester – “Increase self-service options; Provide information to customers that is consistent, accessible and up-to-date; Recognise the ways users expect to communicate and continually develop our offer; Enable Omni-Channel Access; Harness mobile technology, ensuring that customers can get the same easy experience from their mobile phones as from a desktop, laptop or tablet PC

Limited direct reference to accounts, portals, myaccount.

Gravesham – Very limited direct reference to my account, single service, portal, citizen account.

Folkestone & Hythe – The default channel for communications and engagement will be digital; Customers will be able to use an online account for the majority of their service requests and information should they so wish. They will have the ability to manage their own data (e.g. change of address, telephone numbers) and their relationship with the council (the services they choose to take).

“Embracing the Digital Revolution will help the council run more efficiently. Empowering our customers with direct, digital access to our systems eliminates multiple handling of the same query, cutting the opportunity for error”

Frequent reference to a principle of access, but not in words of account, my account or portal.

Epping Forest – Seemingly in progress or vague strategy, little to no reference to citizen account.

Dacorum – “We will use the MyDacorum portal to make our online services more directly relevant for our residents; We will increase emphasis on straight-through-processes, enabling customers to book services directly through the website”.

Cheltenham – Very little reference or mention of accounts, citizen services, portals.

Ashfield – “We have a big opportunity to meet customer demand by utilising our website, allowing customers to self-serve and access our services online means we can free up capacity to spend time with those customers who require more support or who are not able to access the internet.

Customers should be able to easily connect with the council at a time and place convenient for them, confident that we will get it right first time. Over the length of this strategy, Ashfield District Council will be undertaking a period of rapid change, implementing new and leveraging existing technology to deliver more end-to-end services and transactions online”.

“Making services easier to access 24/7 through improvements to our website, enabling greater opportunity for our customers to self-serve, manage queries, requests, report an issue or find information, no longer tied to contacting the council during working hours at our offices or over the telephone”.

References very early stages of developing my account functionality.

Cambridge – Limited direct reference, but clear understanding of the need – “We know that good design of digital services encourages take-up, so we need to incorporate gamification, socialisation and loyalty into our online services. We need to make self-service so easy that is the most attractive option, thereby managing demand for more expensive forms of interaction.”

---

Appendix 6: Problem framing session report

Digital identities
Problem framing roundtable report

Background

The Local Government Association, Socitm, iStandUK and Solace have been engaging with the UK Government on the importance of a national digital identity solution for the UK public sector for several years.

In 2021, the failed GOV.UK Verify solution was replaced by the GOV.UK One Login programme within the Government Digital Service (GDS). However, from the outset local government was out of scope of its development. This prompted the LGA, Socitm and Solace to write to GDS urging them to reconsider. This letter outlined four reasons why local government should be onboarded from the start:

1. The need for a common approach, given local and central government regularly support the same service users.
2. The need for an identity verification system built around user needs, supporting more responsive, personalised, and easier to access services.
3. The importance of learning from the lessons of the failed GOV.UK Verify solution, which failed to recognise the complexity of citizen interactions with local services and those who are excluded from them.
4. The importance of ensuring value for money by avoiding fragmented digital identity solutions that are unnecessarily costly, duplicative, and frustrating to use.

Despite not bringing local government into scope within this current spending period, earlier this year GDS agreed to work with the sector on a discovery phase to explore the future potential use of GOV.UK One Login by local government services. We agreed to start this by looking at My Accounts and blue badge service delivery in deep-dive sessions held in January and June. The LGA, Socitm, and Solace also submitted a consultation response informed through engagement with the sector on the proposals for a legal gateway to facilitate One Login.

These sessions have highlighted some early challenges, including how the One Login onboarding process has been designed for onboarding individual government services at one time, which does not reflect the complex and more horizontal nature of local service delivery.

Through a problem-framing roundtable attended by local government officers, we have explored some of these issues further.

Objectives

The aim of this session was to build a better understanding of where digital identities fit into councils’ digital transformation plans, how councils are approaching digital identities and single sign on solutions, what the challenges are in this area, and what the benefits and barriers to national/shared approaches to digital identities and single sign on.

Local government digital transformation ambitions

Roundtable participants shared common ambitions to reduce the number of online portals that residents interface with. Many councils want to provide a joined-up experience to the customer, especially across overlapping services such as benefits, welfare, and housing.

Participants also spoke about the ‘back-office’ benefits of, and in many cases their desire to, build a single view of a customer. This was seen as a key enabler for joined-up service delivery. For example, a joined-up view of data within the council (and with partner agencies) would help councils to build a better understanding of resident’s eligibility for services, and it would enable councils to coordinate life events (e.g. if a resident’s name changed, they would only need to tell their council once).

There was some discussion about the standardisation of processes across services. One participant spoke about how their council would like to introduce a consistent approach (and digital solution) across services facilitates the ability to ‘speak on behalf of a resident’ (e.g. carer, guardian or nominated person). However, currently different services have different ways of managing this process. Similarly, if a resident dies, there are different legal requirements and processes that need to be followed that prevent a resident from being able to simply tell a council once through a single digital process.

Finally, though not discussed explicitly in this workshop, from wider engagement with the sector there are ambitions for digital solutions to support increased and improved self-service access to information and services, and to reduce the need for residents to present hard-copy evidence of identity and eligibility.

The current situation

The roundtable included participants from councils at different stages on their digital transformation journeys. The majority of councils on the call did not have a single sign on solution, and, although many have ‘My Account’ solutions, there are still multiple customer portals that exist across the council.

One London Borough council is at the early stages of joining up data to build a single view of a customer. This project has secured £2 million investment and is set to take 18 months to deliver.

In terms of identity verification, no council stated that they had a whole-council digital approach to identity verification. Some councils require hard copies of documents that are stored on file.

Blockers to identity verification and single sign-on

Councils identified a range of challenges they have experienced, or blockers they anticipate, when exploring digital identity and single sign-on solutions.

Many councils have experienced significant challenges bringing systems together including issues with suppliers and legacy systems. In many services there are a small number of providers who supply specialist systems. This dominance does not incentivise improvements and can mean suppliers charge significant fees for additional services (e.g. providing an API to enable systems to join up). These supply chain dynamics can be a significant barrier to modernisation.

The cost and resources required for projects of this nature was highlighted. Councils are facing immense budgetary pressures which means that savings are often the key driver for transformation projects. However, councils are experiencing challenges demonstrating potential savings and making the case for investment in this area.

There are also capacity and capability gaps in the sector. In the LGA’s workforce survey 2022, 57% of responding councils reported capability gaps in the skills of managers and management teams when it comes to supporting digitalisation and the use of technology, and 48% reported capacity gaps in this area. We also know that recruiting and retaining skilled professionals in specialist, technical roles is also a challenge. 43% of councils have reported experiencing difficulties recruiting ICT professionals, which was the third highest area of concern. 29% of councils were experiencing difficulties retaining ICT professionals, which was the second highest area of concern.

Legislative complexities can also make joined-up service delivery across a council challenging. Different government departments can place different and conflicting requirements on councils (which was highlighted through the permission to speak on behalf of a resident example referenced earlier). Councils also face considerable barriers in developing resident insights needed to enable the targeting of services to those most in need. Contributing to this complexity is the fragmented approach of central government when working with the sector. Specifically, data sharing between central and local government is often restricted to very specific services preventing targeted service delivery.

Local authority requirements for an identity solution

Through the discussion requirements for an identity solution have started to be identified. A solution:

• Must be secure and protect the privacy of users’ data.
• Must be designed with public trust in mind. This means considering public perceptions around digital identities.
• Must be flexible enough to support different levels of assurance, depending on the needs of the service.
• Must be accessible for all users, including the council workforce and those with low digital skills or limited access to technology.
• Should support consistency in user experiences across different government/public sector services.
• Should be integrated with government data sharing initiatives to enable better information sharing and more targeted services.
• Should support the capability for customers to manage consent for their data to be shared and re-used for another purpose, and for others to represent them.
• Would need to cater for how councils interact with customers, including individual residents, households, and businesses.
• Would need to cater for the various channels councils use to interact with customers. Councils receive a large volume of calls from residents.

Glossary of terms

Authentication	Authentication is an ongoing process of confirming a previously established identity, usually to logon/reuse a service, by presenting a credential such as username and password. This demonstrates the person is in control of the digital identity recognised by the service provider. Commonly used authenticators include: Something the user knows (such as a password or security question), Something the user has (like an ID badge key), Something the user is (such as facial recognition or biometric data).
Authorisation	The process of determining, by evaluating applicable access control information, whether a user is allowed to have the specified types of access to a particular resource. Usually, authorisation is in the context of authentication. Once a user is authenticated, they may be authorised to perform different types of access. A user is most commonly an individual but can be a business entity or device.
Eligibility	The state of having the right to do something through satisfaction of the appropriate conditions. In a local government context there are different criteria that a resident needs to meet to qualify to receive different services.
Level of Assurance	The strength of the process/evidence required to ensure trust in an identity as part of an authentication process.
Log in (v)	The process by which an individual gains access to a system by identifying and authenticating themselves. The user presents credentials which are typically some form of “username” and a matching “password”. For higher levels of assurance another factor such as a one-time-password or biometric.
Logon (n)	A user account, typically comprised of a user identifier and a password, that an individual uses to authenticate themselves, typically to an online service. A logon can optionally have additional authentication factors (a PIN, one-time-password, SMS message or biometric) for higher levels of assurance.
Non-repudiation	Non-repudiation is a procedural, legal concept that proves the legitimacy of a message or data transfer by providing undeniable evidence of both authenticity and integrity. Because non-repudiation only determines the validity of the inbound message (not altered or modified), it’s important to maintain authenticity to protect against tampering. Digital signatures and certificates provide non-repudiation because they guarantee the authenticity of a document or message.
Registration ‘Who are you?’	The process by which a user gains a credential such as a username or digital certificate for subsequent authentication. Registration can be associated with a real- world identity, or can be anonymous or pseudonymous.
Revocation	If a user is revoked, then the user cannot pass the identity authentication. Revocation occurs when credentials have not reached the pre-established reliability threshold of verification and authentication. Revocation can also be requested by the user in the instance of lost, stolen or compromised mediums and their credentials.
Verification ‘Are you really who you claim to be?’	Verification is a one-time process, verifying that this user is the person they are claiming to be. The user might be verified as genuine by the collection of separate verification-specific credentials, which are then validated against a reliable source to confirm their authenticity. This might be by checking possession of a credential presented by the user either through a face to face check, via video, via an electronic token or via biometric cross match (e.g. selfie to passport photo).

• Authentication vs. authorization (auth0)
• Digital identity glossary (Service Innovation Lab)
• Authenticity vs. non-repudiation (UpGuard)
• Authentication vs verification: Know the difference (InstaSafe Blog)
• A credential reliability and revocation model for federated identities [PDF] (NIST)