
Digital identity system

Creating a secure and sustainable digital identity system will make it easier to access a wider range of digital identity services in a consented, trusted way.

In 2018, the New Zealand government committed to a 2-year programme to investigate the requirements for a new and improved approach to digital identity. Read more about its background and research undertaken.

Understanding the digital identity system

Digital identity allows people and organisations to use their information, such as income, date of birth or proof of eligibility, to access services online. These pieces of personal or organisational information are also known as attributes.

Digital identity services rely on relationships between individuals or users and service providers, as part of a ‘digital identity system’.

The digital identity system is the collection of all the participants, the roles they play and the actions they undertake to allow users to share information in a trusted and secure way.

Read more about digital identity and permission to share attributes — What is digital identity?

Modernising the digital identity system

The digital identity environment has changed significantly over the years. Globally and in New Zealand, digital identity services have emerged, offering new ways for people to access and share their information.

The proposed Digital Identity Services Trust Framework will provide people with greater choice and innovation in the provision of trusted and secure digital identity services.

For those benefits to be realised, the existing digital identity system needs to change to reflect current digital identity expectations. In June 2021, Cabinet directed the Department of Internal Affairs (DIA) to complete a detailed business case for investment options to modernise digital identity infrastructure.

Investing in infrastructure for the digital identity system (PDF 4.9MB) — DIA

Proposed digital identity system

The Digital Identity Programme aims to create a trusted, coherent and sustainable digital identity system.

This proposed system uses rules to define how the participants in any transaction work together to consent to share or validate a user’s information.

Defined rules and a governing trust framework mean that:

  • people can access the services they need
  • people can have greater trust and confidence in how their personal and organisational information is used online
  • service providers know the information they get is correct and belongs to the right entity
  • all participants can operate in a trusted, sustainable and coherent digital identity system in New Zealand.

System interactions

The following steps 1 to 4 and Diagram 1 outline how a typical transaction flow might occur in a future digital identity system.

Typical transaction steps

Note: These steps can happen in a different order, or might not involve all the parties. It depends on what is authorised, what information is needed, and which providers are involved.

A user wants to initiate a transaction or gain access to a service from a relying party such as a bank, government, age restricted services, travel or transport.

  1. A service provider, known as a relying party, requires certain information to offer their service. This interaction goes back and forth.
    • The requirements are communicated to users.
    • The user gives permission for their information to be shared in a secure way.
  2. An information provider that holds the user’s information, such as government, a bank, an individual or utility company, supplies the user’s information.
  3. The credential provider works with other infrastructure providers to validate that the information is being packaged safely and securely, through binding and authentication processes. The outcome may be a reusable package of information called a credential.
  4. A facilitation provider helps the user to share their credential, and access the service or complete the transaction with the relying party.

Diagram 1 shows how a typical transaction flow might occur in a future digital identity system.

Diagram 1. Proposed digital identity system in NZ
Detailed description of diagram

This diagram outlines:

  • the proposed digital identity system
  • the typical transaction steps 1 to 4
  • the relationship between the participants: users, relying parties, information providers and infrastructure providers
  • the overarching Digital Identity Services Trust Framework.

A list of participants in the typical transaction steps, including definitions and examples:

  • Users are subjects or agents that initiate transactions within the system.
  • Relying parties consume trusted personal and organisational information to provide services. They could be:
    • banks
    • government
    • iwi
    • age restricted services
    • travel
    • whānau services
    • health
    • international jurisdictions
    • transport.
  • Information providers supply personal and organisational information they hold. They could be:
    • government
    • private sector
    • individuals
    • iwi.
  • Infrastructure providers enable people to claim their information and consent to share it.
    • Authentication providers: give people the keys to access, manage and use their information across a range of services in a secure way.
    • Binding providers: connect the right person with the right information.
    • Credential providers: establish and maintain reusable credentials.
    • Facilitation providers: digital wallets, information hubs and brokers.
The participants request and share personal and organisational information, and this can happen in a range of different ways. 

More information

Digital Identity Services Trust Framework
