As the Inland Revenue Department gears up for a five-year plan to move services online, user authentication is a key issue.The IRD’s general manager of business development and systems, Colin MacDonald (pictured), says a review is under way of the department’s approach to authentication and identification. It currently uses Novell’s eDirectory to manage authentication of web users.
“We are taking a relook at our ongoing authentication and ID needs. We are also talking to government agencies in the UK and Australia about their approach. The basic debate is around whether to use digital certificates and/or user ID and passwords,” says MacDonald.
Digital certificates were abandoned when the IRD launched its ir-File service for payment of PAYE tax by employers in 1999 but MacDonald says they haven’t been ruled out.
“The key thing is to strike a balance between having an appropriate level of security and being accessible and acceptable to the general public.
“The UK found that the public didn’t want to use them because they were too expensive and difficult to use. They voted on a user ID and password system. We’re still reviewing that.”
MacDonald says that the options of paper documents and phone access will always be available but the IRD will be able to add extra services through the internet such as online calculators for student loans, or editing and checking to ensure that forms are filled out correctly before submission.
Current online services include ir-File, which handles PAYE income and deduction details for 1.4 million taxpayers each month, and e-File, a proprietary Pacnet-based system which allows tax agents to file tax returns. MacDonald says e-File will be turned into to an internet, browser-based system.
Another initiative is to allow taxpayers to view their tax account online by October next year.
MacDonald says the IRD’s key technology challenge is to shift the emphasis from mainframe operations being at the core to being a much smaller piece of a layered information structure incorporating technology such as web services.
“It’s a very immature market. As a department we have to strike a balance between making progress in this space and ensuring that services are secure.
“Up until now organisations have had very black lines around themselves with staff on the inside and customers on the outside. The lines are becoming blurred. Services we provide to staff might be the same as to those outside but with different authorisation and access.”
Much further down the five-year time line are initiatives such as allowing the public to use video or audio-chat capabilities on the IRD’s website.