OTTAWA – Toronto-based SecureKey Technologies Inc. has announced during the GTEC technology conference here a plan that will see Canadians using their online banking credentials to log on to federal government services. More than a dozen government departments, including the Canada Revenue Agency and Service Canada, are already using SecureKey Concierge, and three of Canada’s five major banks are participating.
On participating government departments’ websites, Canadians are offered the option of logging in using a government-provided, government-managed ID or using one provided by a participating bank. Those who choose the bank option enter their online banking user ID and password. BMO Financial Group MasterCard users tap their cards on an electronic token provided by SecureKey to provide further proof of identity, said Andre Boysen, executive vice-president of digital identity and authentication services for SecureKey.
Related Story: Good news; bad news scenario for Government VARs
The first time a person uses a bank user ID for access to government services, the government asks a number of questions to verify the person’s identity, said Boysen.
Boysen said the system does not turn over individuals’ banking data to the government or tell the banks what government services their customers use. When a person uses banking identification information to sign on to a government site, the bank will pass an anonymized security token to SecureKey, which will further anonymize it and pass it to the government department, he said.
He acknowledged, though, that SecureKey may have some work to do to explain this to consumers and allay possible privacy concerns about, say, using their online banking ID to log on to a taxation-related site.
People are overwhelmed by the number of digital user names and passwords they must remember, Boysen said, and allowing them to use bank IDs for access to government services will make their lives easier.
“You are very likely to know your password for your bank,” he said. “It’s very unlikely you’re going to forget it, and if it’s compromised chances are you’re going to know it right away.”
The system will let government departments take advantage of the banks’ very good security systems, he said. And for the banks, the advantage lies in providing their customers with better service and leveraging their position of trust. Presumably, the more ways a bank customer uses a bank-provided identity, the less likely the customer is to change banks.
In a keynote address at the annual GTEC government technology conference in Ottawa Tuesday, Kevin Lynch, vice-chair of BMO Financial Group, mentioned the initiative as he talked about the importance of collaboration in the public and private sectors. “BMO Financial Group is very proud to be part of this,” he said.
In time, Boysen said, customers will actually use their bank cards as part of the authentication process. SecureKey already provides a stand-alone device that works with cards, he said, but the technology is now being incorporated in all new computers based on Intel Corp. technology, so it will become ubiquitous. “That is where it’s going,” said Boysen.
Currently BMO, Toronto-Dominion Bank and Scotiabank have signed on for the service. Boysen said a number of other financial institutions, including RBC Financial and CIBC, are evaluating it and he hopes to have them join, but he could not provide any dates.More federal government departments will also be signing on, he said, and in time SecureKey hopes to extend the service to provincial and municipal agencies. The same concept could also be extended to other businesses, such as major retailers, he said.