Government Digital Service (GDS)
Printable version |
The Document Checking Service: trialling online passport validity checks
Blog posted by: Benjamin Mortimer and Alex Wilson, 16 November 2020 – Categories: Digital engagement, Identity Assurance.
We’re running a project to see whether organisations outside government can use real-time passport validity checks to build useful digital services.
We’re doing this by making the Document Checking Service (DCS) available to a group of companies until summer 2021.
This project aims to reduce barriers to users being able to do things online - in particular, being able to prove their identity easily and safely.
The DCS helps users prove their identity online
When a user creates a digital identity account with GOV.UK Verify, they can use their passport or driving licence to help prove who they are.
If someone provides these details, they’re checked against government records to see whether they match a valid document. These checks are performed using the imaginatively named Document Checking Service (DCS).
The DCS compares the document details with records held by government agencies, and responds with whether or not a valid record for the document exists. The response is only ‘yes’ or ‘no’ - no other information is returned or shared.
A DCS check is useful because it lets you check whether a document is valid in real-time without needing to examine its physical security features, such as watermarks or holograms.
It’s hard to check these kinds of security features over the internet. For example, a photo of a passport hologram taken on a mobile phone camera may not be high enough quality to tell whether the hologram is genuine or a forgery.
Document checks are useful combined with other information
A DCS check on its own doesn’t prove someone is who they say they are. Identity checking services (known as ‘identity providers’, or ‘IDPs’) perform some other checks to establish this. For example, they might ask a user to take a short video of themselves on their phone and match the image against the photo on their passport. There’s more information about how to prove a user’s identity online in the publication ‘Good Practice Guide 45 (GPG45)’.
However, knowing that there is a valid record of the user’s passport or driving licence helps the IDP be more confident that the user is indeed the user. For example, if a passport gets stolen, a DCS check will stop someone else being able to use it to create an identity account.
The DCS also limits the amount of data that gets shared about the user’s document. The user provides the document details to the IDP, which forwards them to DCS. DCS returns only a ‘yes’ or ‘no’ answer in response.
There’s more information about how the DCS works, including the encryption and signing it uses to help keep data secure, in the DCS technical documentation.
Organisations outside of government check against passport data for the first time
Until now access to the DCS has been limited to the GOV.UK Verify IDPs. They’ve also only been able to use it to help users create digital identity accounts.
This is changing with the DCS ‘pilot’ project.
The pilot is a cross-government collaborative project run by teams from Government Digital Service (GDS), the Department for Digital, Culture, Media and Sport (DCMS) and Her Majesty's Passport Office (HMPO), who all form the DCS team.
Under the pilot, companies are able to use DCS checks as part of their own digital services.
Some of these services will allow users to create digital identity accounts they can use elsewhere on the internet, while others will use the DCS check to speed up processes that involve checking whether a passport is valid, such as pre-employment checks.
The companies taking part in the pilot are only able to use the DCS to check passport details that users have given them - they can’t access any other data about the passport or find out about other passports in the database. If a user chooses not to give their consent, these companies will have other ways to verify their identity (as mentioned above). All companies taking part had to prove they meet security and privacy standards.
You can find out which companies are taking part in the pilot on GOV.UK.
We want to learn how we might improve this service
The DCS pilot will test the current technological infrastructure needed to provide document checks. We’d like to learn from organisations taking part in the pilot about how we might improve the DCS application programming interface (API), without compromising the security necessary for handling passport details.
We also want to estimate how much market demand there is for DCS checks, see what services are built to use the checks, and find out about how users feel about using their documents in this way.
We received the first live DCS checks from organisations participating in the pilot in October. More will be building working technical connections over the autumn.
You can find out more about the DCS pilot on GOV.UK.
New approaches to GOV.UK content
Original article link: https://gds.blog.gov.uk/2020/11/16/the-document-checking-service-trialling-online-passport-validity-checks/