A Short History of Welcomer Framework - Jan 2015

At the time of writing the Welcomer Framework is experimental and has not been proven with real users and real applications.  It has minimal functionality.  A history of its evolution and why we found it necessary to create it may be useful to others considering using it or something similar. We were urged by Doc Searls to make the Framework Open Source as soon as practical and I agreed with that idea. The Framework will evolve and have increased functionality as we and others use and develop it.

The Company Welcomer (alias White Label Personal Clouds) evolved from my experience in founding and developing Edentiti to a viable company.  Edentiti is now the number one provider of electronic verification of identity in Australia/New Zealand and was built (unknowingly) from VRM principles.  It was built on the premise that it is easier for a person to supply verification of identity information than it was for an organisation to see if the person existed.  It is pretty obvious that this is the case now but in 2004 when we first started it wasn't obvious.

To sell the idea in a product we had to create a system where the person verified themselves but was unable to keep a copy for themselves for later reuse.  This happened because our customers (large organisations) paid for the verification and they did not want other organisations benefiting from their payment.  This approach has proven commercially successful but it was not what I wanted.  I wanted the individual to be in control of their own data.

I was unable to convince Edentiti to move in the direction of user control so I left Edentiti and formed a new Company (Welcomer) that would build applications that left the individual with control over their own data. We still retain connections to Edentiti but Edentiti does not intend, at this time, to move to the user retaining control of data.

To build applications you have to have domain expertise so I started trying to find people who had a domain and would like to try the VRM approach.  I found InFactDecisions.  InFactDecision's Lisa Schutz has extensive domain expertise in credit checking and wrote a thesis in 2005 that had within it (unknowingly) VRM principles. We are building, with Lisa, a Proof of Income product called Verifier.

In the meantime we have been building our Framework and trying to find other entrepreneurs with domain expertise and willing to use the Framework. When it came to the crunch they all seem to want to build everything themselves.  Finding application developers has proven difficult and so we decided in November to build an application where we had some domain expertise.  We are a small employer and it costs time to get new people to fill out two mandatory forms in Australia and then to process them. (One estimate is $20 per form mainly in admin staff salaries).  One form is a Tax File Declaration form to give the employer the right to take tax out of a person's wages and send to the Tax Office. The other is a Superannuation Choice form so that the employer knows where to send compulsory superannuation contributions. It turns out that employers also have to get new employees to be aware of other regulations, such as health and safety and to get employees to sign they have read information about such things.

WelcomeAboard is a product that asks individuals to fill out standard forms for small employers and to save a copy for the individual that the employer can access, prove they have got permission, and extract data for use in sending funds elsewhere.

It turns out that Xero from New Zealand has become the dominant small business cloud based accounting package in Australia and by becoming a development partner of Xero we can get API access to small business accounts.

The sell for WelcomeAboard is that it is easy for a business to sign up to ask employees to fill out forms. It is easy for an individual to fill out forms many of which have the same information and where the individual can reuse form information from other forms and other employers. As a side benefit it gives individuals access to their payroll information and that can be used in Proof of Income and later Proof of Employment.

An employer buys WelcomeAboard by logging in to their Xero account. To connect an employee they enter their email address.  The employee clicks on a link in the email and they have a personal cloud with a single connection to the employer.  They fill out the forms and get more links in their personal cloud.

The Welcomer Framework provides the connections to the API of businesses and connections to the personal cloud where the individual stores their information.  In the case of WelcomeAboard we use the Framework to connect to Xero and we use the Framework to connect to the person's original form.

Welcomer defines a personal cloud as the set of personal data that a person can access with a single identification.  It builds personal clouds one connection at a time.  It does this using the CloudOS idea of a pico for each connection.  With WelcomeAboard we have a pico to connect to the employer and a pico to connect to each of the forms. We  use the email address as the identifier and we use Oauth for the connections. If a person can prove they have access to their email they are the person they say they are - for this application.

When a person goes to another employer who uses WelcomeAboard then the person can explicitly connect to their other picos created for the first employer.  If other applications used the Framework (or any other personal cloud system) then the person would be able to connect to those personal cloud components and so build up a personal cloud.

We expect people to have many personal clouds and to only connect ones where there is a use and need. The sum of a person's picos and their connections now becomes the electronic identity of the person.  With this approach a person's online identities evolves as they use them.

The system is distributed, user controlled and users create their own electronic identities. Each organisation asks an individual to prove who they are each time according to the rules set by the organisation.

To move personal information from one organisation to another the individual must establish reliable connections to the satisfaction of each organisation independently. Having established independent connections they move the data from one data store to another and may or may not keep a copy for themselves.

Welcomer Framework

Welcomer applications and services use the open source Welcomer Framework. The Framework supports microservices to flexibly automate personal online tasks, putting control of a persons data in their hands.

The web is plagued by a series of data silos, each holding their own slice of a person's data but not giving them the freedom to access, use and share it as they desire. This trend has been slowly changing for the better in recent year with many services now providing API's to access their data, allowing new applications  to thrive. Unfortunately most of these applications are designed in a rigid way to support a narrowly predefined use. People are different and their needs and desires for what an application should do vary. A solution is to provide a flexible, open framework that makes it easy for a person to securely and privately use their data as they see fit.

Why is Welcomer, the Company, supporting the framework?

For a person to take control of their data they need tools to assist them, a safe place in the cloud to store their data and the cooperation of organisations who hold that personal data. To achieve these objectives, applications built using the Welcomer Framework (or other compatible frameworks) must provide value to organisations who hold data about an individual. User centric systems tend to be lower cost, easier to use and friendlier, providing added value to the organisations that utilise them.  With the Welcomer framework organisations can put restrictions on the re-distribution of data they generate.  This is important to some organisations as they wish to control the distribution of data concerning them and their activities.

Welcomer is building applications with the framework and wishes to cooperate with other developers and organisations who have similar objectives. Together we can develop the safe, user centric application ecosystem we all deserve!

Welcome Aboard

The WelcomeAboard application illustrates the ease with which organisations can connect and interact with individuals and how individuals benefit from being able to access data about themselves that they have previously entered.

The first implementation of WelcomeAboard integrates with the Xero cloud based payroll accounting system. Xero provides an API to access the payroll information.  Welcomer Framework provides a way for employees to directly enter information about themselves into the Xero payroll.  In Australia these are typically a form to state where to pay the salary,  a form of contact information, a form to notify the Tax Office, and a form to select a compulsory Superannuation product.

Typically it costs an organisation $50 to $100 to ensure all these forms are filled out, signed, stored and processed. WelcomeAboard charges $5 a year for each active employee using the system.

For the employee they only need fill out any information once.  If they move to a different employer who uses the Welcomer (or compatible) framework any data entered previously is available so reducing the time spent filling out forms.  This enables new employees to become productive more quickly and reduces the frustration level of employees.

Welcomer Framework, Personal Data and Identity

A personal cloud is defined as personal data stored in the cloud.

Whenever an application uses the Welcomer Framework they either create a new personal cloud for a person or they add a component to a personal cloud.  In WelcomeAboard the email address is the identifier that distinguishes whether it is a new personal cloud or an addition.  The individual will be able to have the ability to combine personal clouds with different identifiers, if they so wish.

Conceptually there is no difference between a person and an organisation and there is no difference where the data is stored.

A person's identities are their personal clouds.  There is no token or central registry that identifies a person.  The person is conceptually identified by their online presence.

When personal information is moved from one data store to another it is always done with the person present or under their explicit instruction.

Without an application there can be no personal cloud and without a personal cloud there is no online identity.

In the future there will be many ways a person can identify themselves. email address, device used, phone number, voice print, face, fingerprint, location will be possible ways for a person to identify themselves to an application.


Submission on Federal Government Data Retention

5th January 2015Committee Secretary, Parliamentary Joint Committee on Intelligence and Security Parliament House, CANBERRA ACT 2600

Dear Secretary,

Inquiry into Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014

Thank you for the opportunity to make a submission to this inquiry. This submission proposes an approach to Data Retention that is low cost and high value. It will provide law enforcement with access to any data it requires for law enforcement; not just Telecommunications Metadata.  It will provide protection to Australians from the inappropriate use of data retained and accessed by Government.  In particular it prevents widespread unnecessary and costly electronic surveillance.

The proposal does this by addressing the mechanics of how Data is retained and who has access to it.

The method can be used for the retention of any data the government requires for law enforcement or administrative reasons. It does this by designing Privacy into the Data Retention systems. The method gives individuals the option of retaining their own data through the use of trusted third parties.

Privacy is achieved by retaining data in a place where it is visible and usable by the individual concerned and where Law Enforcement can gain access through an appropriate judicial process.  Cost reductions are achieved by allowing the persons associated with the data to use the data for other purposes. These other purposes can offset the cost of retention.  A simple illustration is the use of Data for Billing purposes. Currently communications metadata is held by Telcos and/or ISPs for billing purposes.  Instead of this data being stored by the Third Party Telco or ISP the data could be stored in storage controlled by the persons concerned with the Telcos having access to the data as and when required. The Telcos and ISP would pay for this storage as they need to have it for billing purposes. If all the data from all the Telcos and ISP are stored by the person then all the records for a particular individual will be stored in the same place and it will be possible for Telcos to access the data as needed for their purposes and it will be possible for an individual to access the data for their own purposes.  An example of why a person might access their own consolidated billing data is for the person to reduce their telecommunications costs by using the information to better negotiate plans and billing.  The person would pay for this service and the income could be used to offset the storage cost.

If law enforcement requires access then they can also pay for the access.  This is particularly relevant to non criminal access to data such as data Piracy.

Data Retention by the Person of their own personal data applies to more than Telecommunications MetaData. It can be applied to other data which will assist the government, reduce costs and provide greater Privacy to Australians.  That is, the same system used for Telecommunications MetaData can be applied to health data, taxation data, social security data, education data etc. All of this data can use the same type of system as Telecommunications MetaData with the same benefits.

The fundamental change in this proposal is that instead of organisations being the only place where personal data is kept the individual is able to keep their own copy of their own personal data - if they so wish.  Organisations, if they have a need, can access the data to which they are permitted by the individual. For Commercial in Confidence reasons organisations can have control over who is allowed to access personal information if that access also identifies the organisation.

The cost of this change will be low and can be achieved incrementally one application at a time.  The software systems required to implement these systems are well known and will require little or no change to existing systems.

Other examples of the use of the approach can be found in the following submissions to the Murray Finance Inquiry

Government Support for a user centric Identity System

Privacy and Cross Border Transfer of Information

The system can be paid for with the use of Tradeable Claims for Infrastructure where the future uses of the data pay for the development costs. This approach will not require government appropriations or an increase in debt by the government to fund the implementation and will not put a compliance burden on private industry.

The approach advocated here does not require any changes to legislation nor does it require the Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014. It requires a change in approach from requiring third party organisations to retain personal data and make it available to law enforcement, to allowing individuals to look after their own personal data through third parties.

Kevin Cox

CEO White Label Personal Clouds

Welcomer and Privacy by Design

Privacy by Design means that by building information systems using certain design principles means the system is private if the principles are followed.  Privacy will only be compromised if an entity deliberately sets out to break privacy laws and regulations. The design principles embodied in Welcomer are:

  1. Each entity has a unique id and credential for each entity with which it interacts.
  2. Credentials are changed with each interaction.
  3. Each entity has access to the information held about them by any entity with whom they interact.
  • The first principle makes it difficult for entities to share information about a third entity without deliberately breaking privacy laws.
  • The first principle means credentials are distributed and there is no single credential that identifies an entity.
  • The second principle means it is difficult for an identity thief to capture all the credentials of a person.
  • The third principle means that entities are likely to hold accurate and correct information about each other.

Welcomer implements these principles by

  • Entities not sharing ids with any other entity other than the entity referenced
  • Creating a graph of interactions where each link in the graph is maintained by a mutual credential formed by a PKI pair.
  • Each time a link is activated the mutual credential pair is replaced where-ever possible
  • By each entity having access to the information stored by the other entity
  • By entities communicating with devices that can hold a credential



WelcomerID - How it works

The presentation can be viewed at

The presentation shows how a person creates a WelcomerID by establishing a connection between their devices and the WelcomerID. Some basic information is collected from the person and this is verified by referencing external sources directly.

First the devices of the person are checked.  At this time only email and SMS are available for checking but these will be expanded to include biometrics and other devices.

After these are checked, by sending codes and verifying that the codes were sent, the name, date of birth and physical home address of the person are entered.

These are verified against other records with other organisations.  In this example the phone book has been checked automatically. The other items require input from the person.

If the driver's licence is chosen the licence number, date of birth and name are all checked.

Once there is enough information checked the person is returned and asked if they wish to register with WelcomerID.  If they register their information will be retained for later use so that next time they need to identify themselves to another organisation they will not have to go through the same process.

The next section describes what happens "in the cloud".  When a person establishes a connection with their phone or email two persistent Welcomer objects are created in the cloud.  One is a connection to the organisation requesting verification and authentication and the other to the person's personal cloud WelcomerID.  If the person does not have one then one is created for them. The results of the checks with other organisations are stored - not the details.

If a person goes to another Welcomer enabled organisation then another persistent Welcomer object is created and there is another link to the person's own personal cloud. Information from the personal cloud can be supplied directly to the new organisation.

The Welcomer objects contain links and the rules associated with the data which is held in the databases to which the Welcomer objects connect.

The totality of Welcomer objects and the data about the person in the different databases define a person's personal cloud.

ACT Digital Canberra Challenge - ID Submission

Submission by Kevin Cox of Welcomer.

Sent to

This is in response to the second challenge.

Challenge Statement

The ability to provide your own smartcard-style chip that could be used to access ACTION buses, library services, possibly expanding to national level for Medicare and Centrelink cards. The system could be based on the use of a single ID card in accessing services provided by the ACT Government (health – doctor appointments, medication etc.; education – enrolment in schools etc.; transport – car registration, ACTION buses card, parking etc.; cultural & entertainment – library, events ticketing / booking etc.)

Desired outcomes:

Simplified, potentially single ID card to access services in Canberra.

Challenge Summary - in our own words

The challenge involves linking various services to a single electronic ID. This electronic ID can be attached to a smartcard-style chip, an ID card or any of a number of other technologies. The challenge has several components:

i) Provide a service to give individuals their own electronic ID that can be used to access ACTION buses, library services, possibly expanding to national level for Medicare and Centrelink cards. This system could allow the use of a single ID card, chosen by individuals, to access services provided by the ACT Government (health – doctor appointments, medication etc.; education – enrolment in schools etc.; transport – car registration, ACTION buses card, parking etc.; cultural & entertainment – library, events ticketing / booking etc.)

iii) Provide a service to give individuals their own smartcard-style chip that can be attached to their electronic ID and be used to access services as agreed by different organisations.

iv) Provide a service to allow individuals to use existing cards issued by different organisations to attach to their electronic ID and be used to access services as agreed by different organisations.


Simplified private personal ID system that integrates existing cards, future cards, usernames/passwords for the individual.  The individual has a standard way of identifying themselves no matter what device they use and with whom they use it.

Addressing the Challenge

MVP Trial

The prototype will provide ways for an individual to create their electronic ID and connect it to a Community Group. A demonstration of WelcomerID can be viewed at In summary WelcomerID allows an individual to verify and authenticate their identity to an organisation.  WelcomerID is not an ID in and of itself, but is a standard way for an individual to verify who they are to an organisation.

When an individual connects with the Community Group they will be registered with the Group and receive a Community Group ID. The registration becomes part of an individual's personal cloud or total electronic ID. The community group will suggest members connect to another ACT government service and check their postal address with Medicare and the ACT Electoral Office. Individual Members will be asked to nominate and send emails to others who might be interested in connecting with the Community Group.

The trial will demonstrate that people can create IDs via a Community Group, that the electronic IDs created can be used to connect to a government service and to acquire information from that government service.

A Community group or club who is already producing ID Cards will be approached to use the ACT ID information to produce their ID Card.

The MyCard organisation will be approached to allow their existing cards to be attached to a person's electronic id so that the person can readily access their MyWay information.

View this YouTube presentation to see an outline of ACT ID.  The text of the presentation is supplied at the end of this document.

Acquiring Users: Creating an acceptable single ID card via community groups

The solution proposed is built on the idea of a person having control over their own electronic identity. An electronic identity (or personal cloud) consists of all the personal information, where-ever held, that can be linked (by the user) to an individual's physical presence and the physical objects they possess, such as an ACT ID card.

Individuals are able to provide their own ID Cards by first creating their own verified and trusted electronic ID.  Once an electronic id, under the control of an individual, is established it is possible for the individual to provide information to create a card and to instruct a trusted organisation to produce the card.  The person will also have ways to attach existing cards and devices to their electronic id. These could include MyWay Cards, Driver's Licences, Medicare Cards, Student IDs, and Mobile Phones. The individual drives this process, and can add services if and when they are comfortable doing so.

Getting individuals to take the first step towards simplified identification is one of the key risks that the trial will address. Rather than require the ACT government to drive adoption, we will look towards established community groups who have a proven record of engaging with citizens. The Community Groups will benefit via the sale of branded ID cards and from the simplified connection with individuals,  Individuals will benefit by reducing the number of cards they hold and passwords they have to remember, while providing them with a way to contribute to Community Groups and Charities they choose to support.

Demonstrating the Technology - Connecting identities via WelcomerID

A key technical requirement is that a person can link multiple identities to themselves in a secure and private manner.

WelcomerID allows an individual to create their own electronic ID and to track its use with any organisation that adopts WelcomerID. Any device can be attached to WelcomerID and used by a person and a cooperating organisation as a way of identifying the individual.

WelcomeID is a development of ideas tested and marketed by Edentiti through the successful GreenID product over the past decade. The WelcomerID team will draw on their successful experience with the Edentiti technology.  Welcomer will make WelcomerID available to be used by any other group participating in the Challenge.

The WelcomerID team is experienced in Lean Startup Technologies and building Minimum Viable Products that can be extended. To that end it is proposed that an ID system based around WelcomerID technology be introduced incrementally via trusted Community organisations.  This proof of concept proposal is to take WelcomerID and introduce it via a Community Organisation.  One suggestion is the Gungahlin Community Council (GCC).  The GCC was chosen because the team leader has been an executive member of the GCC for the past decade and the Council is proactive in engaging with the community.  The government application suggested is Canberra Connect's FixMyStreet as it is a direct connection to the community.

Any member of the Gungahlin Community who agrees will be given an electronic GCC ID by connecting to the GCC.  To prove that they are a member of the Gungahlin Community people nominate themselves and use government sources to verify themselves. Their medicare card is checked and they will asked if their address at Medicare is up to date. If they have an ACT driver's licence it will be checked against the ACT government drivers licence database. If they are enrolled to vote they can show they are registered.  If their address is changed they will ask to update their electoral address.  They will also ask another member of the Community to vouch for them.

A local Gungahlin Community Organisation or club who issues ID Cards could accept information directly from a person's electronic GCC ID and produce a card

Gaining uptake by government  

The other major obstacle in introducing any identity technology is to get government bodies to accept, use and deploy the technology.  Government systems are large and complex and any innovation has to be simple, self contained, and easy to deploy.  To that end the proof of concept suggested will prove itself with a government system that currently engages with the community.

It is suggested that Canberra Connect's "Fix my street" install Welcomer so that they can recognise that a person is a member of the Gungahlin Community but not the actual person - unless the person wishes to identify themselves.  If a Fix my street request comes in and is acted on, then the ACT government will pay $10 to an approved Charity or Community Body nominated by the person making the first request.  The ACT government will also pay Welcomer the standard fees for connecting to both the GCC and to Canberra Connect.  This is $1 per year per person connecting.

When a person connects to a Community Organisation they will be asked to check their Medicare address.  If this is different they will be asked to update their address. If a Community Organisation member changes their Medicare address to the ACT then the Community organisation of choice will get $50 from the ACT government.

If a person requests a change to their electoral address then the ACT Electoral office will give $10 to the Community Organisation of choice.

All the prize money funds from the Challenge will go towards purchasing Welcomer Balances which will be used pay the Welcomer fees and which will earn Discounts while unused.

While we have suggested Fix my Street for the proof of concept, this could be changed to any of the systems shown below.  An important point is to show that the system can be implemented incrementally and does not require a critical mass to be successful.  It is important to show it is useful on the small scale as well as the large scale, that it can coexist with existing ID systems, and that it can easily integrate with existing systems.

Milestones for Minimum Viable Product

  1. Work with GCC and Fix my Street to specify the overall system structure and objectives.
  2. Design the interface to the GCC
  3. Set up WelcomerID for the GCC including verification via MyWay, Medicare, and ACT driver's licences.
  4. Design the interface to Fix my Street.
  5. Design the Medicare Change of Address request
  6. Deploy to the Gungahlin Community Council website
  7. Deploy to Fix my Street pages on Canberra Connect
  8. Deploy to existing ID card producing organisation.

Likely Costs and Benefits

The ACT government would own the implementation and could promote its adoption in other jurisdictions and obtain direct benefits from the system adoption.  Welcomer would provide the service and would retain ownership of the IP so it can be used elsewhere.

The Welcomer business model is to provide the connection and personal cloud platform but to get others to develop the applications using the platform. Welcomer is a tenant of Entry29 coworking space.  If extra resources are needed for any projects other members of Entry29 will be the first ones approached to assist. Welcomer will make its technology available to other entrants in this Challenge.

The cost to operate the system is $1 per connect per year per organisation.  This is paid by the ACT government to Welcomer.  The system can be used by commercial organisations and they will pay to access personal data, with the individual's permission, possessed by the government.  Charging can be arranged so the system is either revenue neutral or will generate a surplus for the ACT government.

It is estimated that individuals would pay $10 for a physical IDCard and $20 for a photoID card. These charges would cover the production and issuing of cards. Individuals pay nothing for their electronic ID.

The funds that go to the GCC and other community organisations may be able to be budgeted as assistance from the government to Community Organisations.

Turning the Challenge into a full scale implementation

Full Scale Implementation will be an incremental deployment of the MVP Challenge trial across ACT government agencies and ACT Community and Charity Organisations.  Funding for the Challenge can come from prepayments for future services through Welcomer Balances.  This could make the budgeting for deployment simpler to achieve. The rate of deployment will be determined by the amount of prepayments provided by the government and commercial enterprises. The minimum time for a whole of Canberra deployment is estimated at twelve months but in practice it is expected to take several years.

The costs of issuing and controlling smart cards will be low because the cards are of no use until activated by the user and that can only happen through the person's electronic id which is controlled by the individual themselves. This is a very important practical consideration for a distributed ID card system.

The ID system can be introduced incrementally for all government functions where identity is required. The introduction of the ID system will reduce the effort required of citizens and will increase the efficiency of government functions.  Some of the functions are:

  • The Registration of Births, Deaths and Marriages
  • The issuing of driver's licenses
  • Use of the ID to assist the introduction of ehealth
  • Asking people moving to Canberra to change their Medicare address and so increase the GST received by the ACT government
  • The issuing of building approvals
  • The change of property titles
  • The issuing of government licenses
  • Issuing identity cards in ACT Clubs
  • Issuing access cards for Community facilities such as swimming pools
  • Keeping Electoral Roll up to date with address changes
  • Electronic Voting
  • Obtaining feedback from the population and governments being able to engage more easily and in an ordered way with citizens
  • Use for transport and integration with MyWay
  • Use in public libraries
  • Use in schools
  • Use in events such as sporting events and theatre performances.
  • Use in tertiary institutions
  • Use by Actew and other government owned institutions

Extension of the Personal ID Card to the Federal Government and Private Business

The Commonwealth Government has had limited success in introducing a multiuse IDCard. Current efforts on ID systems with the eHealthID card, myGov and with the Document Verification System are not getting the takeup desired. The Commonwealth Government is open to new privacy friendly solutions, particularly with the introduction of the new Privacy Legislation.

Other jurisdictions throughout Australia and the world are searching for better ID systems. At the IDNext Conference in The Hague in November 2013 a mobile based ID system for Barcelona won the prize for best ID innovation for 2013.  Edentiti won the prize in 2011 and it is expected that if this Challenge is accepted the ACT ID system will be a strong contender for Innovation of the year in November 2014.

If this application for the Challenge is accepted it will increase the chances of other jurisdictions adopting this ID system. If this occurs the benefits to the ACT will be considerable as a new ID regime brings many opportunities for other ACT businesses to build on the foundation. This is because Welcomer Technology is a platform on which other applications can be produced by any organisation and Welcomer will look first to Canberra organisations to build those applications.

The ACT government could make the ID system available for use in private industry.  Industry will pay for simpler, more reliable IDs. It is recommended that funds obtained from such sales be distributed to the Community and Charity organisations of choice.

Eligibility for Selection

Welcomer is an ACT based SME with 6 FTE. Five team members for the Challenge are ACT residents and one is a Queanbeyan resident. Two individuals are student interns from University of Canberra.

Welcomer is currently being implemented commercially with development based in Canberra.  The Challenge will be a user of the technology.

Welcomer is a member of Entry29 coworking space.

Text of YouTube Presentation


This presentation shows how a person creates their own ACT Electronic ID. A person only has to do this once and they could do it on any participating Website. Once they have connected to one Website they will be able to reuse what they have entered on other websites.  Different websites may have extra criteria and require extra information but the information is added incrementally.  The system will  allow a person to change their information.

Gone will be the days of a username and password for every different organisation.  A person will be able to connect to another organisation with one or two clicks plus confirmation of their identity with a biometric from a trusted device.  

At the top of this screen for the Gungahlin Community Council the person viewing is unknown and they are invited to connect to the GCC website.  If they were known their name would be shown along with an invitation to be forgotten. 

They click on Connect and are taken to the one time enrolment screen.

Here they enter their name, date of birth and address.  This combination identifies them uniquely.

They are then taken to the next screen where they will provide ways to connect to their ACT ID.  Initially these will be email and/or mobile phone.

They will confirm they control their email address and/or mobile phone by entering codes as shown on this screen. After confirmation they are taken to the next screen where they will show they have a record with different ACT or Federal Government Organisations.

Let us say they choose the ACT drivers licence and let us assume their entered address details are different from the those recorded at the Motor regisitry.  If this is the case they will be asked if they wish to change their address.  If they wish to do this then they will be taken through a process defined by the Motor Registry on changing their address.

This process of choosing existing connections or establishing new ones continues until the organisation from which the connection was made is satisfied that the person is identified.

This process will be a once only process for any ACT ID connected organisation.

Once a person has an electronic ACT ID they can link  it to other existing identifiers they might have such as a My Card.  They will be able to request that the ACT government supply them with an ACT ID card to be used with all participating organisations.

Gone will be the day of a wallet full of cards.


A National Identity System - with optional ID Cards

This post sketches the approach to a National Identity System in NZ, Great Britain and Australia.  All countries have an aversion to an ID Number and all are attempting to create an ID system without an Identity Card.  It is the opinion of Welcomer that the best way to achieve this is to create an Identity System where the individual looks after and controls their own electronic identity.

As far as is know this is not the current approach of any government.  In this post a way of creating a robust National (and International) Identity system is proposed. The proposal is based on the idea of a connected personal cloud where a personal cloud is information held about a person no matter where it is held and includes only those items that the individual and organisations requiring identification deems relevant.

Identity Systems

Identity systems have two main parts.  The first is establishing a unique id or name for a person when a person first presents themselves. In this paper this is called verification or Identity Assurance. The second is proving that the name represents the same person when ever it is used. In this paper this is called authentication.

Method 1 - Identity Assurance provided by the government - NZ government approach

The NZ government is providing Identity Assurance through the NZ Post Office Real Me service.  A person creates a Real Me account and verifies their identity.  This is done at no cost to the individual.  Organisations pay the NZ Post Office when a person uses Real-Me to verify their identity.

Method 2 - An Identity Assurance issued by for profit organisations for the government - The UK Government Approach

This is a variation on 1 but instead of the government being the only issuing authority private organisations offer the same identity assurance services.

Method 3 - Identity Assurance by giving private organisations access to government credentials - The Australian Government Approach

The Australian government is offering access to government credentials through the Document Verification Service.  Approved private service providers can are given access to government credentials and only organisations that have a legislated need can use the system for Identity Assurance. The Identity Assurance income is divided between the organisations supplying the credentials and the service providers.

Method 4 - Identity Assurance by giving individuals access to their own government credentials through approved service providers.

Instead of organisations offering Identity Assurance services, individuals can prove their identity themselves through the use of approved service providers who provide them with access to government and other reliable trusted credentials. The individual uses these services to provide Identity Assurance to organisations who pay for the assurance. The funds received can be divided between the holders of trusted credentials, the service providers and the individuals.

Beyond Assurance

To encourage take up of Method 4, individuals can nominate one or more Community Organisations, to whom they belong, to receive any fees due to the individual when they provide Identity Assurance. The Community Organisations uses the Identity Assurance for their own organisation. This confirms the identity within the Community.  Community Organisations will encourage members to use the Identity Assurance service with other organisations, and the government, provided the Community Organisations get a direct cash benefit from the repeated use of the Identity Assurance.

Identity Assurance systems typically do not go beyond Assurance. Every organisation needs to set in place its own Authentication System.  In Australia in the Federal Government is doing it using Single Signon Technologies such as myGov or eHealth id.

However if the individual has control over their own electronic identity they can use it to authenticate themselves for their online transactions with organisations who have used a standard Identity Assurance service.  The individual can keep track of all their interactions, through approved service providers, and can protect themselves from identity fraud.

Such systems remove the need for usernames/passwords and single sign ons. They achieve authentication of identity with the devices used to connect.

Once an individual has access to multiple organisations the individual can Federate their own data across organisations, as required, and provide a low cost privacy friendly method for the sharing of personal information.

Once an individual has an Assured electronic identity this identity can be attached to any device agreed by any particular organisation for use with the organisation.  Identity Assurance is independent of the device used.  Devices can be identity cards, such as an Ehealth card, or it can be a passport, or it can be mobile phone, or it can be a credit card, or a travel card or even a national, state, or city identity card.

Deployment of Method 4

The Australian government can deploy Method 4 incrementally for low cost to both the government and the community.  The reasons are:

  • There is no need for any changes to legislation to deploy it.  The new privacy law that became enforceable on March 12th can be used to allow holders of trusted identity credentials, such as Births Deaths and Marriages, to provide the individual access to their own records using the individual's own choice of method and using an agent of the individual's choice.
  • There is no need to change any existing identification system to deploy Method 4.  Method 4 can coexist with any other existing scheme and can be introduced incrementally to any organisation. Method 4 can use the Federal Government Document Verification Service to provide immediate access to government trusted credentials.
  • There is no need to change any existing IT system to deploy Method 4.  The only requirement is for organisations using the system to expose an API to service providers.  Opening up an API is technically equivalent to creating a webpage that can only be visited by service providers.
  • The holders of credentials systems, can, if they choose, charge for access to their credential systems.
  • There can be many service providers providing competition.
  • There is unlikely to be opposition from privacy advocates because identity will remain siloed and under the control of the individual while providing access to law enforcement through the use of appropriate court orders.
  • Community Organisations who have the goodwill and trust of their supporters will drive adoption; provided they benefit from the introduction of the system.  That is, instead of the service providers and governments being the main beneficiaries in terms of income and efficiencies the wider community can share in the benefits through support of an individual's community organisations of choice.
  • Some Commercial Organisations, such as the large banks, are likely to support the initiatives because they do not compete on Identity Assurance and they gain from a common Identity Assurance System.

Opposition to Method 4

Opposition to Method 4 will come from those who currently benefit from the existing inefficient system or who see ways they can exploit the existing system and obtain a quasi monopoly or duopoly.  There may be opposition from foreign security services as Method 4 makes covert spying activities more difficult.  There will be opposition from the identity tracking industry who profit from tracking individual behaviour. There will be opposition from centralists who believe the government should monitor the citizenry for the citizen's own benefit.  There will be opposition from some IT security providers who believe that security has technical solutions independent of social structures.

Complying with Privacy Legislation - an Opportunity for Organisations

It is difficult for organisations to change the way they communicate electronically with customers.  For the past twenty years technology and advertising models have lead organisations down the path of treating customers as cows to be milked rather than customers with whom to engage.  Big Data and the efforts to guess the needs of customers through personalisation has paradoxically lead to de-personalisation because it works by categorising people. Privacy Laws give organisations a once in a generation chance to move back to treating customers as partners in the exchange of goods and services.  The Australian Privacy Laws in particular have given organisations an opportunity to move to a true personalisation model of interacting with customers. Each customer can be treated as a unique person rather than a stereotype based on age, sex, income, ethnicity and occupation.  The Australian Legislation achieves this by allowing customers to suggest how they would like to view their personal information and to specify an electronic agent to facilitate the interaction. Organisations can choose to give customers access in other ways but they must justify their choice if it is different to that requested by the customer.

Welcomer has been designed to fill the role of an electronic agent acting on behalf of both parties.  The underlying premise of Welcomer is to provide a way for organisations to give customers the same access to their personal information as the personnel within the organisation.  This makes sense from an organisational point of view as they only have one way for data to be viewed. It builds trust in the customer as they know the organisation has nothing to hide.

To that end Welcomer is approaching the Privacy Officers of organisations who have strong Privacy Policies with a proposal to strengthen their Privacy Policies even further. This is achieved by treating customers as the same as Organisational staff with respect to access to personal information.

Following is an outline of an email we are sending to Privacy Officers after we have viewed their Privacy Policies and we agree that the organisation has a strong policy.

From Welcomer To Organisation X

Dear Sir/Madam,

I have just read your privacy policy  xxxxx.  Please let me congratulate you on your policy.  It conforms closely with our own policy and with best practice.

An area of difficulty for all organisations is giving access to individuals. From your policy you state

"12. Access to, and correction of, personal information

We will take reasonable steps to make sure that the personal information we collect, hold, use or disclose is accurate, complete and up to date. If your personal details change, such as your address or phone number, please contact us on xxxxx to update your details.

Following a request, we will provide you with a copy of any personal information which we hold about you in accordance with our obligations under the Privacy Act. We may charge a fee for retrieving this information, in which case we will inform you of the fee in advance of providing the information.

In the first instance, we will ask you to provide some of identification, such as your driver's licence, to ensure that you have the right to access the information."

Our business - Welcomer - has been working on ways to assist organisations give individuals access to their own personal information. Welcomer provides a service to "automate" access while providing security and protection of organisational data.  The Welcomer service can be used by both internal staff and external customers.

The service is low cost, easy to deploy and operate, and can be implemented incrementally with little change to existing systems.  It can be started with internal staff and moved to external customers once it has proved robust and secure.

There are many potential side benefits of the approach.  These include the capacity to seamlessly move personal information with other organisations via the customer, a reduction in fraud and identity theft, and a simpler user experience.

Welcomer is based around the idea of personal cloud where your organisation's data is part of a person's personal cloud. The system uses FIDO (Fast ID Online) as the first factor authentication method so removing the need for usernames/passwords while still allowing them if it leads to a better user experience.

If you are interested in finding out more please reply with some times and a place for a face to face meeting with a Welcomer representative.

Yours Sincerely,


Write a comment…


E29 'Founders Series' 20/3/2014

On the 24th of March 2014 at Entry 29 in Acton Kevin Cox presented to an audience how he got to where he is today at Welcomer.  From starting off as an engineer in Tasmania to founding Edentiti and now the CEO of Welcomer, where the team is creating a new product aimed at giving individuals access to personal information held by organisations. Event Info:

WLPC presents at Finovate Spring 2013

In November,2013 Rory Ford represented WLPC and Welcomer Technologies at the Finovate Spring Product Launch, which is a demo-focused conference series in financial technology. It was here that he presented the idea of Welcomer to an audience and here is part of what he had to say: "WLPC's first product is Welcomer. Welcomer will initially be focused toward ecommerce sites and the technology is intended across a range of different segments. Welcomer removes the need for websites to have user codes/passwords to identify returning customers. Websites that deploy Welcomer can - with the person's permission - allow the person to move personal data securely between websites. This includes personal details such as name and address, preferences such as clothing size or preferred seat and also a person's cards and accounts."

Rory Ford - Product Manager at WLPC, November, 2013

The full presentation can be viewed at:

Updated Privacy Legislation Pushes for Modernization

The updated Privacy Act in Australia is pushing businesses to modernize their information systems. Failure to comply with the latest amendments can result in fines of up to 1.7 Million dollars.  Few, if any, businesses comply with a strict interpretation of the Act. The 18 months given to prepare for the change of policy has expired and most organisations fail to comply.  The Snowden revelations have provided a wake up call and we can expect organisations to be under pressure to update their systems.

The traditional approaches where organisations take full responsibility for user data is not scalable in a connected world.  A new paradigm that includes the individual is needed to make it feasible for organisations to comply with the Act.

Welcomer is one of an emerging group of companies who put individuals on a par with organisations so that individuals can help take some of the burden of protection of personal data.  It becomes possible for organisations to comply with the Act with these technologies whereas it is difficult to see how organisations can comply with business as usual where individuals are treated as objects not sentient beings.

According to Gartner, the authentication market represents a $2.2 billion industry for 2013. They also predict that by the end of 2016, about 30 percent of enterprises will have chosen cloud-based services as the delivery option for new or refreshed user authentication implementations.  This statistic is a 10 percent increase from current figures and Welcomer has the ability with it's Privacy Dashboard functions to provide organisations and individuals with simple scalable privacy friendly methods of connection and authentication.

Read more at:


How WLPC fits in with Gartner’s Top 10 Strategic Technology Trends for 2014

Forbes Magazine online published an article based on Gartner research which outlines the ten strategic technology trends for 2014. Link to Gartner Report:

The 10 directions are as follows:

  1. Mobile Device Diversity and Management
  2. Mobile Apps and Applications
  3. The Internet of Everything
  4. Hybrid Cloud and IT as Service Broker
  5. Cloud/Client Architecture
  6. The Era of Personal Cloud
  7. Software Defined Anything
  8. Web-Scale IT
  9. Smart Machines
  10. 3-D Printing

From this list there are three trends where Welcomer fits. Personal clouds, the Internet of Everything, and Hybrid Cloud and IT as a service broker.  Our latest project is a Data Privacy Dashboard, which will works with our Welcomer application.  The Dashboard and Welcomer work together by creating a personal space in the Cloud, where the individual is able to access and control personal information no matter where it resides.

Welcomer products, along with apps, add functionality and enable the Internet of Everything for individuals.  The Internet of Everything makes relationships between Individuals and Organisations and other Things transparent by remembering the connections between Things no matter what they might be and where the Things might be.  Welcomer technologies provides electronic representations of individuals in their different contexts in ways that preserve privacy, safety and security.