[avastmick]

I led the technical design team for RealMe, New Zealand’s digital identity service. Sadly, the service is woefully undervalued and poorly used. The technology is now out dated.

It was built to directly mitigate events like the Latitude breach whereby the service gives an answer to an identity question rather than spraying PII across the economy. Answers were formed by pulling data from disparate authoritative sources in real time, a set of tokens were created and an audit record created and shared with PII owner consent. No personal information was ever intended to be shared or stored. It was an elegant solution for New Zealand, though we were mindful of a potential scaling issues in larger jurisdictions.

The financial sector was the initial target to help with AML/KYC flows. The banks in particular lobbied for access to the PII rather than an answer to the question so the service was devalued from the get go. If we’d won that answer I believe that digital identity and personal information sharing would be very different today.

[kiwidrew]

I miss the days when NZ was truly innovative. RealMe was very promising when first introduced.

Of course it was never going to be adopted en masse by the private sector since part of the "get approval to use RealMe on your website" was "get Parliament to pass an Order in Council adding you to the authorized users schedule".

[karateka]

I must say I always liked being able to use RealMe as kind of a single sign on for multiple sites, it’s a shame it never got more widespread

[jcz_nz]

It was never approved for broader use outside of govt, and the DIA insists on stupid-high "cost recovery", making it uneconomical.

Forest and trees, and lack of actual political leadership.