The ATO is slowly phasing out AUSkey

The Australian Taxation Office does not see a "long term future" for the AUSkey single authenticator businesses use when dealing with the government online, according to its chief digital officer.

The ATO introduced the AUSkey online security credential seven years ago as part of its standard business reporting (SBR) program, as a replacement for agency-specific digital certificates.

The public key infrastructure was developed with the help of Verizon Business, and was intended to improve security and reduce the administrative burden for businesses by offering a single credential that could be used across various government services.

An AUSkey can be used for things like changing an ABN and lodging a business activity statement, alongside myriad other government services from the likes of the ATO, ASIC, APRA, Human Services, the Australian Business Register, Austrade, and state revenue offices.

However, it appears little work has been done on the platform since August 2015, when the ATO added SMS and email notification functionality for when new administrator AUSkeys are registered for a business.

Additionally, late last year the ATO introduced the ability for businesses to authenticate and authorise through SBR-enabled online cloud software, negating the need for an AUSkey for this particular service.

Twenty-nine software developers are now enabled on that platform, ATO chief digital officer John Dardo said today.

He revealed other authentication solutions would likely take AUSkey's place over the coming years.

"We're doing some remedial work on AUSkey, although that is not the long-term future," Dardo told the Technology in Gov summit in Canberra today.

Businesses can now use their myGov account to log in to certain ABN services, Dardo noted, and the ATO is currently building a new relationship and authorisation feature that will allow an individual to represent themselves, their spouse, or their business through one interface.

This feature is in development and will likely enter production around October, he said.

"And we're working with other agencies and across the government on what authentication will look like in the future," Dardo said.

Authentication is a key consideration for the agency given it handles more than 745,000 new tax file number enrollments and 700,000 new Australian business numbers (ABNs) each year, for a total pool of around 20 million active TFNs and 7 million active ABNs.

There are two related initiatives already underway in government that the ATO might look to for its future authentication solution.

Australia Post recently released its Digital iD service on Apple's App Store.

The identity verification technology will allow users of government and private sector services to easily verify themselves.

Digital iD does not appear to support any services yet; in May Australia Post said it was creating a proof-of-concept with the  Digital Transformation Agency (DTA) for the use of Digital iD with government services.

The Australia Post platform taps into the DTA's Govpass digital identity framework, which the DTA is building to provide a whole-of-government approach to verifying identity for online services.

The framework involves a set of standards, an underlying technical exchange, and partnerships between agencies. It is in private beta and is expected to move to public beta early next year.