Australia’s Digital Identity: MARCH 2025

March 31, 2025

The Latest In Emerging Digital Identities and Mobile Driver’s Licences

This month, we see several exciting ‘digital identity’ developments underway which are revolutionising the way Australians engage online, and at the customer service desk with public and private services, alike. Here’s a quick update on progress, and what it means for Aussie businesses and consumers.

Setting the Standards: The Trusted Digital Identity Framework (TDIF)

The Trusted Digital Identity Framework (TDIF) was launched by Australian Government in 2018. TDIF is a set of security, privacy, and interoperability standards developed to ensure digital identity providers meet strict requirements for identity verification, fraud prevention, and user privacy.

These standards impact public service platforms and such as myGovID, as well as private organisations, like tech companies that issue credentials for logins or verify a customer’s identity for access to services.

The TDIF itself aligns with several international privacy and security frameworks, incorporating principles from global standards such as:

ISO 27001 (Information Security Management): Ensuring organisations follow best practices for securing digital identities.
ISO 29115 (Entity Authentication Assurance Framework): Providing guidelines for establishing confidence in digital identity verification.
ISO 27701 (Privacy Information Management): Addressing data privacy concerns and compliance with global privacy regulations.

By following these international best practices, TDIF ensures that Australia’s Digital Identity ecosystem is globally recognised, secure, and privacy-centric. This alignment also helps facilitate interoperability with other digital identity systems deployed across the globe.

Verifying Identities Online: Australia’s Digital Identity Explained

Meanwhile, the Digital Identity system is a government-led initiative designed to provide Australians with a secure and convenient way to verify their identity online when accessing public and private services. The objective is to replace multiple logins and passwords, with a single Digital Identity to authenticate themselves across different platforms.

A key component of this system is myGovID, a digital credential that allows users to access government services, including the Australian Taxation Office (ATO), Centrelink, and Medicare. Australia’s Digital Identity also extends beyond government services, to businesses like banks, telecommunications providers, and online platforms, who may want to integrate Digital Identity solutions with their workflows to streamline customer onboarding, enhance security, and tackle fraud.

Verifying Identities by Mobile Driver’s Licence (mDLs): The Digital Trust Service

In October 2024, Austroads announced the Digital Trust Service at the International Identity and Verifiable Credentials Summit (IVC24) in Sydney.

Where the Digital Identity system focuses on online verification, the Digital Trust Service will harmonise all digital drivers’ licences across Australia, ensuring that they can be verified regardless of the jurisdiction or location within Australia or New Zealand and even verified in North America and the European Union.

Several states – including Queensland, New South Wales, South Australia, and Victoria – have already introduced a digital driver’s licence, but their formats and functionality vary. The goal of Austroads’ harmonisation project is to align these mDLs with the global ISO 18013-5 standard, ensuring they are:

Interoperable across all Australian states
Privacy-centric, secure and resistant to fraud
Recognised internationally

Currently, only Queensland’s mDL is ISO 18013-5-compliant.

How do mobile driver’s licences interact with other digital identities?
While mDLs are not the same as a Digital Identity, they could eventually be linked to provide a more comprehensive identity verification system.

Recent Developments and Future Outlook: March 2025

Key updates on progress on Australia’s Digital Identity Systems as of March include:

Expansion of myGovID:
- As of 2025, myGovID supports access to 76 government services, making it a central tool for Digital Identity verification.
- Increased security measures: The system now includes stronger biometric authentication and fraud prevention mechanisms.
- Private sector integration: The government is working on allowing banks and businesses to accept myGovID as a verified identity.
Harmonisation of Mobile Driver’s Licences (mDLs)
- NSW, QLD, SA, and VIC have implemented digital licences that allow users to prove their identity without a physical card. However, only QLD’s mDL is currently aligned with ISO 18013-5 standards.
- Efforts are underway to standardise mDLs across states, ensuring seamless recognition nationwide.
- ISO 18013-5 compliance will make Australian mDLs internationally compatible.

How Do Australia’s Digital Identity Initiatives Work Together?

The Digital Identity system (e.g., myGovID) is an online authentication tool for accessing government and private services.
The TDIF is the set of security and privacy standards governing Digital Identity providers and development of identity verification platforms.
The harmonisation of mDLs ensures that mobile driver’s licences are compatible across all Australian jurisdictions, as well as internationally.
While mDLs are not Digital Identities, they could be linked to a Digital Identity in the future to provide a more seamless and secure identity verification system.

What Do Australia’s Digital Identities Mean for Australians?

For Australian Customers:

Stronger Privacy Protections:
- TDIF ensures that Digital Identity Providers cannot share personal data without user consent.
- Meanwhile, individuals who use their ISO-certified mDL to verify their identity have more control over personally identifiable information that is shared with service providers, and know if and why a service provider has accessed their data.
Secure Online Access:
- Users can access government and private services using TDIF-certified Digital Identities, reducing the need to repeatedly verify their identity.
- It’s expected that Australian mDLs will also facilitate online verification of identity according to ISO18013-7 standards.
Fraud Prevention:
- The framework includes measures to detect and prevent identity theft, ensuring that digital identities are secure.
- ISO-certified mDLs are tamper-proof, protecting individuals from fraud and identity theft.

For Businesses:

Standardised Identity Verification:
- Firms can use ISO-compliant mDLs to verify customers, improving the accessibility of services, workflow efficiencies and data privacy standards for their customers.
- Businesses can integrate TDIF-compliant and ISO-compliant identity verification into their services, ensuring a secure and reliable authentication process.
Reduced Fraud Risks:
- By using a trusted identity verification process, businesses can reduce fraudulent transactions.
- ISO-compatible mDL verification platforms like Veryfyd perform real-time checks against digital certificates to guarantee authenticity of identity and credentials.
Data Privacy and KYC Compliance:
- TDIF and ISO-aligned mDLs helps businesses meet legal and security requirements when handling customer data.

For more on how to improve data breach, fraud and data privacy protections for your firm using mDLs, visit contact Veryfyd, asking for a demo.

Using Mobile Drivers Licences (mDL) for Customer Verification

Accurately verifying a customer and their credentials is crucial for a wide range of Australian businesses – not just those

KYC Meets Privacy: How ISO-Certified mDLs Solve the Compliance Puzzle

As of late 2024, amendments to Anti Money Laundering and Counter-Terrorism Financing (AML/CTF) regime will expand to impact new industries,