Third party software: migrating from Government Gateway to ID Assurance

I wanted to give you a short update following our fourth workshop with third party software developers on 13 September.

We took a steer from the third workshop that developers now wanted to see these design principles being applied to real services. Developers were also keen to understand our migration plans from Government Gateway to the ID Assurance model.

At the fourth workshop, we floated the idea of piloting an early migration from the Government Gateway Transaction Engine to a replicated service on the HMRC Digital Tax Platform. This proposal would retain Government Gateway authentication at the front-end, but would switch the third-party software URL to an end-point on HMRC’s estate allowing us to control transactions. This would give us an opportunity to deliver additional benefits to third party software developers sooner than waiting to implement them together with the wider changes under ID Assurance migration. One feature we are keen to provide through this is the ability to receive synchronous business responses from HMRC instead of third party software needing to poll repeatedly. There was a positive appetite for this, so now we’ll write some success criteria to help identify an appropriate pilot service and work with developers to flesh out our proposal.

We have been gauging early thoughts on the question of delegation management in IDA. I think there’s broad recognition that ID-assured users should be able to delegate their responsibilities to others. A lot of third party software already enables this kind of authority management within businesses, and HMRC are keen to explore how authorised delegates can access and consume services on the Digital Tax Platform too. Software developers gave us their views on how any IDA delegation management might need to operate and the level of interaction with third party software. The early feeling is that it would need to run in parallel to third party software rather than be a unified approach. We’ll take away the views shared and develop our thinking further around this. Any other thoughts around this are welcome.

Next month we’ll be developing all of the above as well as demonstrating elements of it with an existing HMRC application, PAYE Desktop Viewer. We are looking at using this application as a potential proof of concept for ID Assurance in a downloadable product for businesses and agents. Software developers were keen to see some of the design principles built into a working product, so we’ll start with showing how it currently works, and think about what user stories we’d need to develop as part of its IDA journey.

I’ll leave it there for now, but thanks for your contributions and please get in touch if you wish to share your thoughts.

Share this page