The potential for identity in the public sector is huge – but it has yet to be realised.
Following a successful Think Digital Identity and Cybersecurity for Government event in London, digital identity leaders have shared their thoughts on the future of identity.
Justin Woolen, UK public sector director at Okta, said the initial step to enabling online government services is robust identity verification.
“Online experiences begin with verifying our identity,” he said. “Citizens must be able to interact with and access multiple online accounts simply and securely.”
However, he noted that this process is often hindered by fragmentation in identity management systems, complicating the user experience.
Woolen identified three prominent challenges facing the UK public sector:
- Digital Skills Gap: “There are never enough developers,” he explained. This shortage is exacerbated by difficulties in attracting public sector talent from the private sector. According to Woolen, 82 percent of respondents in a recent report cited insufficient internal resources for managing Identity and Access Management (IAM) as a significant pain point.
- Account Security: Woolen pointed out that stolen credentials are responsible for most web application breaches. Alarmingly, 86 percent of citizens still rely on traditional username and password methods for authentication, leaving them vulnerable.
- Legacy Systems Migration: With 75 percent of public sector organisations aiming to expand their digital services in the next two years, Woolen believes identity can bridge the gap between modern and legacy systems, ensuring that upgrades do not disrupt access to critical services.
“Identity is crucial to solving these challenges,” he said. “We’re at a key moment in time where strategies can meet the concerns of the UK public sector by employing seamless solutions that ensure security while enhancing digital transformation. For the public sector, utilising third-party identity solutions from the private sector has become fundamental to addressing these challenges. Not only will this deliver direct access to specialists in identity – thereby freeing overworked government IT teams and managing the digital skills gap – but also, their expertise in the field is unparalleled in ensuring a good balance of security and user experience.
“Furthermore, third-party solutions remove the burden on the Government to keep up with the constantly evolving standards and tech innovations.”
If you liked this content…
Managing relationships between human and non-human entities
Elsewhere, Adam Preis, director at Ping Identity, said that as the UK digital identity market matures, the role of identity providers (IDPs) is set to expand far beyond traditional human-centric identity management.
“Historically, digital identity solutions focused on securing workforce, customer, and partner identities, but the future demands a far broader scope. As digital identity becomes more pervasive across the UK digital economy, the inclusion of non-human identities—such as service accounts, IoT devices, and AI agents—will become essential, requiring new solutions for authenticating, authorising, and verifying users and entities.”
Simultaneously, the paradigm of trust is shifting, with decentralised identities and verifiable credentials set to play a central role in the near future. As digital providers embrace these models, the UK market is expected to see a more privacy-focused, decentralised approach to digital identity, in line with developments around eIDAS 2.0 in Europe.
Looking ahead, Preis believes that AI-driven automation will revolutionise IAM processes, streamlining operations and enhancing efficiency. “The UK’s digital identity landscape will be shaped by cutting-edge solutions that manage the relationships between human and non-human entities,” he stated.
Interoperability is key
Paula Sussex, CEO of OneID, underscored the importance of simplicity in digital identity governance. “Digital identity verification is a solved problem in many countries,” she said, citing the EU’s eIDAS framework as an example.
However, Sussex pointed out that the UK is challenged by a lack of alignment among government, regulators, and industry. “Without simplicity, we are making the task harder for ourselves,” she said.
“Interoperability is the key to providing services that UK citizens and organisations can use effectively across public and private sectors to a single UK framework and open standards. So understanding DSIT’s pan-market vision and in particular, how the public and private sector services will complement each other over the coming months will be key,” she added.
“Creating more use cases for digital identity – such as right to work, right to rent – will help create the ubiquity of use that has benefitted so many of our European peers.”
