GDS chief on how new government login is avoiding the mistakes of Verify

Written by Sam Trendall on 30 September 2021 in News

Tom Read tells MPs that work to develop new platform is taking a much more iterative approach than its troubled predecessor

Credit: Crown Copyright/Open Government Licence v3.0

The chief executive of the Government Digital Service has outlined some of the key mistakes made in the delivery of the Verify identity assurance tool – and how the work on the new government-wide platform will avoid replicating them.

Appearing last week before MPs on the Public Accounts Committee, Tom Read was asked to provide examples of where and why an agile approach to the development of services works well. Agile methodologies espouse flexibility and short-term goals – rather than setting out a grand plan and ultimate objective at the beginning of a project.

Read cited “what didn’t work with Verify, and what is working with One Login” as an example of the benefits of adopting an agile approach.

Verify allows citizens to prove their identity in order to gain to access some government services; the service through which applications can be made for Universal Credit is the biggest user of the security platform.

Related content

The verification process is conducted by external providers – the ranks of which have shrunk in the last couple of years from seven to just two: Digidentity and the Post Office. 

Read told MPs that the model of “a complete separation” between the service and the verification process had been decided upon too early in the process, without sufficient testing of its efficacy.

“With the Verify programme, the technology approach and the overall design was baked in right at the beginning,” he said. “The founding principle was ‘we will use external providers to prove somebody’s identity, [who will] then just say “yes” or “no” back to the service… which is very good for protecting citizens’ data. But what wasn’t done is proper, iterative testing with real users to see if that worked - and we now know that that doesn’t work for around half of the users who use it.”

The One Login programme aims to replace not only Verify, but scores of other existing sign-in processes currently used across departments to allow access to services. 

In developing the new platform, GDS aims to work closely with the rest of government and shape the system to their needs and those of the citizens they serve – rather than setting out and handing down a pre-defined approach.

Read said: “What we are doing instead is working with departments across government  – with the frontline of departments – to say: ‘let’s learn more about how your users work, and we will build a solution for that works for that set of those users’. Then we will go to the next set of users to see if that works and, if not, we will need to pivot and will need a slightly different solution.”

He added: “What we are seeing already is, if we had made technology decisions right at the beginning, we would be dead wrong already. We have already seen that there are people who… have a passport, a driving licence and a mobile phone. Then there are other users that do not have any of those things, and they have very messy, chaotic lives. And our agile iterative approach has proved that we need completely different solutions for those different types of users, and we are going to be iteratively building them and rolling them out, and we will be able to stop or change at any point on the way through.”

Problem solving
The creation of the One Login platform – also known as GOV.UK Accounts – was announced a year ago.

Funding for Verify has been extended to April 2023 while work continues on the incoming system, which is due to launch next year.

Read said that One Login aims to address “three main problems”.

“The first is that interaction between citizens and government is quite confusing – you need to understand the structure of government and what individual departments offer to find the right services,” he added. “So, that is confusing, and quite disenfranchising for citizens.”

The second issue the length of time it can take to validate information provided by citizens. Currently, this can take months,

“There is a growing dissatisfaction from users; in the consumer world, you are not going to wait 14 weeks for a credit card decision,” Read said.

The third problem the login system aims to address is the “need to make things cheaper and more efficient for government”.

“[We can also] show people what data we hold on them and what connections we have between different government departments,” the GDS chief added. “And – where it works for users, where users are happy to make their user journey more efficient – we want to start using the data we hold on people, rather than pretending we don’t know anything about them when they come in, and asking them to post in passports or proof of residence.”


About the author

Sam Trendall is editor of PublicTechnology. He can be reached on

Share this page




Please login to post a comment or register for a free account.

Related Articles

DfT declines review of undigitised DVLA processes for citizens with health conditions
2 June 2023

MPs found that ‘inefficient’ manual processes contributed to a pandemic backlog of driving licence applications from those with notifiable medical needs

Consultation reveals widespread opposition to proposed data-sharing laws for government login system
26 May 2023

Overwhelming majority of respondents voice disapproval but government will press on with plans to bring forward legislation

Interview: CDDO chief Lee Devlin on the ‘move from being disruptive to collaborative’
23 May 2023

In the first of a series of exclusive interviews, the head of government’s ‘Digital HQ’ talks to PublicTechnology about the Central Digital and Data Office’s work to unlock £8bn...

HMRC finds strong support for online Child Benefit claims – but ‘digital by default’ would cause problems for one in five users
17 May 2023

Department publishes findings of study conducted ahead of planned digitisation initiative

Related Sponsored Articles

Proactive defence: A new take on cyber security
16 May 2023

The traditional reactive approach to cybersecurity, which involves responding to attacks after they have occurred, is no longer sufficient. Murielle Gonzalez reports on a webinar looking at...