1 week Ago By Varun Godinho
The Commonwealth Bank is set to help the government trial a new way of checking a customer’s identity to help avoid damaging data breaches. The rollout of “verifiable credentials” stored on digital wallets could end the need for companies to store massive amounts of personal data, Government Services Minister Bill Shorten told the Tech Council’s national summit this week. “To have it integrated into Australia’s cybersecurity environment would be something akin to a shop that puts up a sign that says ‘no cash kept on these premises’,” said Shorten.
“It would send a signal to scammers and cyber crims that Australia is not an easy touch.” Shorten’s agency, Services Australia, is conducting proof-of-concept testing for verifiable credentials. Rather than a customer handing over, for example, their Medicare card, for an identity check, the Trust Exchange process will instead allow a business to check directly with the government that the Medicare card is legitimate, reported the Australian Financial Review.
“All that is exchanged is a digital token – what amounts to a digital thumbs up by the Australian government,” said Shorten. “This means businesses and services get only the information they need and carrying physical cards and documents becomes a thing of the past. That’s a win for the customer.
“But it’s also a win for the business because it no longer needs to store personal ID documents and data on its systems. “This not only minimises data management costs but also enhances data security and compliance with privacy regulations. No stored data.
Nothing for cyber criminals to target.” In 2023-24, Services Australia reportedly observed, analysed and responded to 10,060 unique scams impersonating the agency. Of that, 86 per cent referenced in some way the myGov service, which is used by millions of Australians for engaging with the Tax Office, Medicare and Centrelink.
The government’s push to overhaul the digital identity verification process follows Optus and then Medibank being subjected to major data breaches back in 2022. The September 2022 cyberattack on Optus threatened the personal information of more than 9 million customers. Medibank is expecting to have completed “the vast majority” of its cyber security strengthening procedures following a 2022 data breach by mid-2025, with the total cost of the incident now expected to be more than $126 million.
.
