With the UK Government’s plans for a digital identity scheme on everyone’s mind, it was perfect timing for Think Digital Identity and Cybersecurity for Government, hosted in London.
“Last week’s announcement around the Government’s digital identity plans set a fascinating backdrop for today’s digital identity and cybersecurity conference,” explained Matt Stanley, founder of Think Digital Partners.
“From the Government’s ID update through to panel sessions on borders, AI, trust, the cyber profession, secure by design, resilience and risk, hearing from a series of expert speakers sharing some significant insight and learnings. It’s a time of change and some exciting opportunities, and this event showcased many aspects of this.
While digital government leaders said they couldn’t go into detail on the announcement, they still revealed information that points to the direction of travel for digital identity and cybersecurity within the public sector.
With the BritCard being built on the government’s GOV.UK One Login infrastructure, director of digital identity at the Government Digital Service (GDS), Natalie Jones OBE (pictured), shared some stats around One Login’s growth and impact. More than 11 million people have now verified their identity using One Login, with 82 government services onboarded and more joining.
And while inclusivity and accessibility are key concerns raised around the new digital ID plans, Jones said One Login has prioritised making digital identity accessible to all, including those without standard forms of ID or digital access, through multiple verification routes – app, web, face-to-face, and non-photo ID options.
The next step for One Login is launching the GOV.UK Wallet, which will allow people to store and use government-issued documents digitally, starting with the Armed Forces veterans card and digital driving licence.
A sweet spot between security and useability
Elsewhere, Stephen Mowll, area VP of solution engineering EMEA at SailPoint drove home the importance of embedding security from the start when it comes to gen AI. This means creating frameworks and structures that support secure modernisation and responsible AI use.
If you liked this content…
Government under fire over security of identity verification system
Public sector must be resilient by design to counter cyber threats – KPMG
11 emerging technologies the public sector needs – Forrester
Think Digital Identity and Cybersecurity for Government Round-up
Employee and non-employees: breaking down the siloes
“We need frameworks, structures that give us context, give us the ability to modernise, but in a trusted way,” he said. “I think ultimately, if we keep that foundation, if we build secure from the start, then we’re going to be far more successful on the rate of change.”
With the introduction of the European Union’s Entry/Exit System (EES) around the corner, the conversation pivoted to how digital identity offers major efficiency and security gains – but its success depends on careful governance of trust, interoperability across borders and sectors, and finding the right balance between convenience and security.
James Crawshaw, fraud and ID solutions consultant at TransUnion noted: “Friction is not something we should be afraid of… You want it to be easy, but that doesn’t mean it should be frictionless. Friction brings in the level of trust… There’s a level of security; there’s a level of usability that you need to find that sweet spot on.”
As momentum behind agentic AI increases, attendees heard how AI is already transforming identity management – and how managing it responsibly is critical to security and trust.
“It’s not only just how I verify identities, but also how am I continuously verified, continuously securing these digital identities?” said Jonathan Neal, Field CTO at Saviynt. “Anyone that’s thinking this is tomorrow’s problem, it’s not. It’s now… If you don’t have a human identity or AI agent strategy, then the best time is today.”
The future of digital identity
So what is the future of digital identity in government? Experts agreed it is now an essential enabler for both citizens and businesses, but its future hinges on three things:
- Trust and ethical use – especially around biometrics and risk management.
- Utility and adoption – identity must provide clear value to the user, not just the issuing authority.
- Balance of security and usability – too much friction undermines adoption, but too little exposes systems to fraud and cyber threats.
“Trust really is around the safe and ethical deployment of these types of technologies like biometrics, and yes, they have to be inclusive, widespread trust,” said Tom Ankers, director, UK Identity & Biometrics at Deloitte Digital.
“The only difference between now and 20 years ago when I started working in the biometric field is the rate of evolution in the technology, policies and standards all at the same time.”
