The Australian government will roll out additional biometric security measures for key online government services in 2024 to curb a surge of online scam activities.
It comes after the federal government revealed it had to deal with thousands of scam attempts at myGov accounts each month.
myGov is an online application (app) that allows Australian users to access a wide range of government services, including seeing their tax records, Medicare, and social welfare.
In an interview with ABC Radio, Government Services Minister Bill Shorten said the government had proposed introducing “passkeys” to the myGov app in the first six months of 2024.
With “passkeys” enabled, users can then log in to their myGov accounts using face or fingerprint recognition instead of usernames and passwords.
The minister said the new measure would offer greater protection for myGov users.
“That’s a good system of security because that can’t be phished.”
To address concerns about biometric security, Mr. Shorten assured the public that the government did not collect that data.
“When I say biometric—that facial feature of your thumbprint—the government doesn’t get it,” he said.
“We don’t want it, and we don’t get it. What it does is … we’re using the technology of people’s phones to increase the protection of their government data.”
While the minister said Australians can access essential government services without using the online app, he noted that its security was much higher than what private institutions offered.
He hoped Australians could trust the system.
“I do stress there‘ll be people perhaps of a particular generation or circumstance who will say, ’I don’t want to go online, I just want to go down to my local Services Australia office, or I want to ring up,'” Mr. Shorten said.
Surge in Scam Activities Targeting myGov
According to Mr. Shorten, between January and October, his department intercepted around 6,000 instances where individuals tried to get access to the myGov accounts of other people.The minister said those accounts were not hacked but rather subject to some forms of phishing where criminals sent official-looking myGov emails asking users to put forward their financial details.
While the criminals eventually failed to access the myGov accounts due to multifactor identification, Mr. Shorten said it was still a serious attempt to impersonate someone.
At the same time, he warned criminals were selling tools that enabled bad actors to steal myGov data from users.
“Criminals, malicious actors are making it easy for other criminals to generate and recreate myGov phishing sites,” Mr. Shorten said.
“They’re selling the technology of how to try and impersonate a person on myGov.”
Concerns About Biometric Security
While the government is pushing for more biometric security measures to protect Australians’ privacy, there have been growing concerns among the public about the increasing use of surveillance by government and private institutes.Some believed that the companies overstepped their boundaries and invaded customers’ privacy.
While some venues stated that they did not collect or monetise facial recognition data, experts pointed out that most venues did not explicitly ask patrons for consent to collect their data nor inform them about the use of facial surveillance at the point of sale on ticketing websites.
