This April, the new system for paying benefits, Universal Credit, will go live for people in Tameside, Oldham, Wigan & Warrington. The rest of the country will be moved onto it by October. This is the flagship policy of Ian Duncan Smith’s Department for Work and Pensions. Many people like me will be involved in this trial, guinea pigs in a much criticised system.
Having worked in IT for 18 years as a Systems Architect, Analyst and Manager I have been involved in many projects like this; although none so large and complex. To understand how complex this project is we need to, first of all deal with what Universal Credit is and what it’s replacing. The majority of people seem to be under the impression that this is the replacement for Job Seekers Allowance; it’s not.
Universal Credit is intended to replace ALL Government issued benefits, including:
• Housing Benefit
• Income Support (IS)
• Jobseekers’ Allowance (JSA)
• Employment and Support Allowance (ESA)
• Child Tax Credit and Working Tax Credit Budgeting loans and crisis loans.
So, in effect, it will affect a much larger pool of people than previously expected, i.e. every person in the country who earns less than £60,000. A large number of these people have no idea that they will be included. That is a convergence of systems from the DWP, HMRC & Local Councils. Each of these systems has to somehow talk to each other, which when one remembers that back in the ’90′s when they started planning to link the then Inland Revenue with the then DSS they found that the DSS had somewhere in the region of 3 million more NI numbers than the IR. I cannot begin to describe just how complex this project is so I won’t try. Perhaps that’s for another article. So let’s focus else.
In order to provide access to this system the Government has come up with the “Identity Assurance Scheme”. In the past you would’ve turned up at the Job Centre along with your Passport and Utility Bills and that would be taken as proof of ID. You could be asked to provide these again at some point but generally these were considered safe. With a purely online system, and after April this will be 100% online, the Government have decided to use third party systems to authenticate and identify you. Several providers have been awarded contracts including The Post Office, Experian, Verizon and Paypal.
The difference between online authentication and physical authentication are fairly obvious. To produce fake documents that will stand scrutiny requires a certain level of sophistication. We’ve all heard about Identity Theft and may even know somebody who’s been affected but in order to receive someone’s benefits one needs to produce the correct documentation and convince someone in person that you are that person. These documents don’t come cheap. In order to impersonate someone online all that is required is to hack their email account. This invariably gives access to their Paypal, Facebook, Twitter, eBay, LinkedIn etc. Pretty much they’re entire digital life.
Most ordinary people don’t fully understand the principals of secure passwords or two factor authentication. They will generally have one password for everything, one they’ll consider secure. But that is far from the biggest flaw in this system; the biggest risk to them is that online fraudsters, especially from China and Russia, will see this as the biggest opportunity in the history of internet fraud. This same system will eventually be used for issuing driving licenses and passports. So we have a system that will use various companies who never meet you to issue passports and driving licences and manage benefits, pensions and taxation. Far too good an opportunity to resist.
So what can be done to make this more secure? Well perhaps they could provide people with special software to protect their computers but therein lies the problem and it’s the problem with this entire approach to “Digital by Default”. The majority of people on benefits can’t afford a broadband connection. They will have to go to libraries or friends and relatives houses, places where they will have no control over the computer they’re using. They won’t know if they’re neighbour’s PC has a virus on it that causes every website visited along with every key typed to be transmitted to an organised crime syndicate in Russia or China.
They would most likely be having to check their email while they’re there and perhaps log into Facebook. Of course then they’ll go about their business as usual having no idea that someone is accessing their benefit records and changing the bank account details, hacking into their Facebook account to send messages to their friends which contain links that will cause their friends to be hacked too. It’s quite possible that until they next visit the cash machine, they might not even know what’s happened to them. They will have been digitally burgled, their email account taken over, no way of getting back their Facebook account, their bank account emptied, their benefits being sent to China or Russia and their identity stolen.
One of the biggest issues is going to be demand on the libraries who’ve managed to survive the Spending Review. They will have queues of people wanting to use their computers to access the internet, people who have no internet, indeed people who don’t own a computer at all and possibly never have. They won’t know how to use a computer much less have a quick look around the back for a key logging device. It’s quite likely more local gangs will realise very quickly the opportunity that these places present. In one week they could very quickly gain access to hundreds of bank accounts. In essence we could be looking at a new organised crime network of American Prohibition proportions especially when you consider that according to ONS figures 20% of households in the UK do not have internet access and that rises to 36% for households where one of the occupants is over 65.
Many of these households have never needed nor wanted internet access, particularly the over 50′s. Now they are going to have to learn how to use the internet, acquire an email address and learn how to navigate a website. They won’t know what’s suspicious and what isn’t.
I know from the experience of own Mother when she was tricked into paying £29.95 for the free Adobe Reader. She searched Google, the first link that came up was a scam but she knew no better. She paid her money and got sent a link to Adobe’s website. Of course as soon as she told me what she’d done we managed to stop the payment and get the card stopped but had she not done so, her credit card would’ve been used to the credit limit and she would’ve been liable.
So what we have is a flawed system that has been ill thought through which will put the most vulnerable people in our society at risk of fraud and destitution without the support required to ensure that these people are protected. There aren’t enough facilities available for them to use to access it and they don’t have the money to provide their own. The DWP most certainly doesn’t have the trained staff available to help them and considering the budgeting choices councils have to make, they don’t either.
Source; Joe Halewood