We are consulting on draft Digital ID legislation. For more information or to provide your feedback, visit our consultation page.

Privacy and security

Mature man looking at phone

Private and protected

Your personal information is valuable and worth protecting.

When you send your personal information online, it is important to know who you are sharing it with, and how your privacy is protected.

Having a Digital ID through the Australian Government's Digital ID system means you can be confident your personal information is: 

  • securely encrypted 
  • shared with providers and services only with your consent*
  • not collected, profiled, used or sold for other purposes, such as direct marketing
  • protected by strict security protocols set by the Australian Government
  • information about what services you access is also protected and only used to:
    • manage your Digital ID
    • manage possible fraud 

*Unless required by law or to investigate instances of fraud.

What information is shared? 

Your personal information is only shared with your consent and is usually limited to your: 

  • name 
  • date of birth 
  • contact details. 

If the service you are accessing requires more information, they must justify this request in writing and seek express consent from you.  

  • They also need to demonstrate that:
    • they have appropriate security, privacy and fraud control processes
    • they have completed a risk assessment before they receive more information.

Protecting your biometric information

Using biometrics, like your face, to prove who you are online is safe, secure, and reliable. Matching a scan of your face to your ID documents is an important security feature which helps reduce the risk of identity crime and fraud.

Biometric matching can be used for many purposes. With a Digital ID, it is only used to help verify that an individual is a true and live person. It is a secure, convenient and reliable way to check a person is who they claim to be.

Your biometric information is protected by a range of safeguards. Identity services in the Australian Government's Digital ID system:

  • will only use your biometric information to verify your ID 
  • will delete your biometric information after your ID is verified
  • need your consent each time they use biometric matching
  • use strong security and encryption to protect your ID. 

A secure Digital ID system

The Australian Government's Digital ID system has been designed with your security in mind. 

The system includes security features which undergo rigorous assessment and testing.

Providers within the system must be accredited under the Trusted Digital Identity Framework and meet strict requirements to protect users’ privacy and security, and control against fraud.

These requirements include the need for system participants to have:

  • demonstrated compliance with the Australian Privacy Principles and the Privacy Code.
  • an independent privacy impact assessment
  • independent information security assessments
  • ICT penetration tests

 

Set it up once, and then reuse it whenever you are asked to prove who you are.

How to create your Digital ID
Icon of a phone with tick

© Commonwealth of Australia. With the exception of the Commonwealth Coat of Arms and where otherwise noted, this work is licensed under the CC BY 4.0 license.

Back to top