OPG Modernising Lasting Power of Attorney DocumentsThis site is to record all decisions, research and planning towards our GDS Assessment.2023-05-12T09:48:22Zhttps://docs.modernising.opg.service.justice.gov.uk/Multi Region by Default2022-04-08T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0015-multi-region-default/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">We want our services to be resilient to data center failure. If a data center or region goes down, we want to be able to switch to a new region quickly with minimal to no data loss.</p>
<p class="govuk-body">Region failure is rare but does happen. Common situations for region failure are</p>
<ul class="govuk-list govuk-list--bullet">
<li>Natural disaster</li>
<li>DDOS attacks</li>
<li>Data Center outages</li>
</ul>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">Our other services already are or are in the process of using Multi Region Architecture.</p>
<p class="govuk-body">We should continue to use this strategy for any new architecture.</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<h4 id="positive" tabindex="-1" class="govuk-heading-s">Positive</h4>
<ul class="govuk-list govuk-list--bullet">
<li>It is quicker to build our services as multi region from the start rather than retroactively</li>
<li>We can fail over to another region in case of an outage</li>
<li>If we are unable to use a particular region due to Government policy changes, we can quickly move</li>
</ul>
<h4 id="negative" tabindex="-1" class="govuk-heading-s">Negative</h4>
<ul class="govuk-list govuk-list--bullet">
<li>Initial building times are slightly longer</li>
<li>Developers will need to factor in multi region when designing their services</li>
</ul>
Repository Guidelines2022-04-06T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0014-repository-guidelines/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">We want our code repositories to be as user-friendly as possible. We have already created a document defining best practices as agreed by all teams on what a good <code>README.md</code> file and repository is and have applied this to our existing repositories.</p>
<p class="govuk-body">This guide can be found on our <a href="https://docs.opg.service.justice.gov.uk/documentation/guides/repo_principles.html#repo-readme-principles" class="govuk-link" target="_blank" rel="noreferrer noopener">OPG Technical Guidance - Repo Readme Principles<span class="govuk-visually-hidden">(opens in new tab)</span></a> page.</p>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">We should continue to follow our own guidance that was created as a community and update our code bases with new practices as required.</p>
<p class="govuk-body">We should ensure any new practices are recorded in the <a href="https://docs.opg.service.justice.gov.uk/documentation/guides/repo_principles.html#repo-readme-principles" class="govuk-link" target="_blank" rel="noreferrer noopener">OPG Technical Guidance - Repo Readme Principles<span class="govuk-visually-hidden">(opens in new tab)</span></a> page.</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<h4 id="positive" tabindex="-1" class="govuk-heading-s">Positive</h4>
<ul class="govuk-list govuk-list--bullet">
<li>Any team is able to know how to navigate each repository</li>
<li>Individuals are able to get setup in a project quickly</li>
<li>You are able to find technical decisions made and their reason</li>
</ul>
<h4 id="negative" tabindex="-1" class="govuk-heading-s">Negative</h4>
<ul class="govuk-list govuk-list--bullet">
<li>Older repositories may fall behind if not kept up to date</li>
<li>Teams must remember to update the source of truth with any new decisions</li>
</ul>
AWS WAF2022-03-22T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0013-aws-waf/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">We want to ensure our services are protected to a high standard via a Web Application Firewall.</p>
<p class="govuk-body">Our services run on AWS and already implement <a href="https://aws.amazon.com/waf/" class="govuk-link" target="_blank" rel="noreferrer noopener">AWS WAF<span class="govuk-visually-hidden">(opens in new tab)</span></a> where needed.</p>
<p class="govuk-body">We currently run the following default rules on our PHP applications as well as custom built rules specific for our tech stacks.</p>
<ul class="govuk-list govuk-list--bullet">
<li>CommonRulesSet</li>
<li>KnownBadInputs</li>
<li>PHPRulesSet</li>
</ul>
<p class="govuk-body">Depending on the technology used on the service, we ensure we have the correct rules in place, for example, SQL injection, XSS and many others specific to language and infrastructure choices.</p>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<h3 id="developer-knowledge---how-well-known-is-this-in-our-current-skill-sets" tabindex="-1" class="govuk-heading-m">Developer Knowledge - How well known is this in our current skill sets</h3>
<p class="govuk-body"><strong>Overall</strong>: 9/10<br />
Our teams are starting to use this functionality in their services.</p>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">We should continue to use <a href="https://aws.amazon.com/waf/" class="govuk-link" target="_blank" rel="noreferrer noopener">AWS WAF<span class="govuk-visually-hidden">(opens in new tab)</span></a> in any new services and build upon on knowledge and experience of existing implementations.</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<ul class="govuk-list govuk-list--bullet">
<li>Visibility of near real time web traffic and alerts</li>
<li>Automated alerting against rules set</li>
<li>Managed rule sets for new and existing threats</li>
<li>Rules need to take into account our customer behaviours, e.g. multiple users from a corporate network on the same IP Address</li>
<li>There is a risk to false positives happening on front ends. As a result, developers will need to take this into account when debugging issues on a service</li>
<li>There is a minor cost to enabling AWS WAF on services</li>
</ul>
AWS X-Ray2022-03-21T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0012-aws-xray/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">We want a way to trace, analyse and debug our distributed systems across our cloud architecture.</p>
<p class="govuk-body">This will give us the ability to</p>
<ul class="govuk-list govuk-list--bullet">
<li>Find bottle necks in our services</li>
<li>Discover hidden errors within our stack</li>
<li>Identify areas of improvement</li>
<li>Justify continuous improvement work</li>
<li>Helps in diagnosis during incidents and tracking change from releases</li>
</ul>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<h3 id="developer-knowledge---how-well-known-is-this-in-our-current-skill-sets" tabindex="-1" class="govuk-heading-m">Developer Knowledge - How well known is this in our current skill sets</h3>
<p class="govuk-body"><strong>Overall</strong>: 5/10<br />
Our teams are starting to use this functionality in their services.</p>
<p class="govuk-body">Capturing data is the first part of this, however there are more things that need to be learned and implemented. We should help and encourage those wanting to learn to do so.</p>
<p class="govuk-body">A few areas where our maturity can be improved are.</p>
<ul class="govuk-list govuk-list--bullet">
<li>Thinking about Observability in ticket creation as part of the Product Lifecycle</li>
<li>An understanding of what to track and what not to track</li>
<li>Teams able to continuously improve bottlenecks found in their workflow</li>
<li>Teams are able to see their service health and actively check</li>
<li>Understand and set their own benchmarks for what good looks like</li>
<li>Implement the right level of alerting to support observability</li>
<li>Look at the possibility of a Observability Community of Practice to help share learnings across teams</li>
</ul>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">We should use <a href="https://aws.amazon.com/xray/" class="govuk-link" target="_blank" rel="noreferrer noopener">AWS X-Ray<span class="govuk-visually-hidden">(opens in new tab)</span></a> to monitor and maintain a healthy service.</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<ul class="govuk-list govuk-list--bullet">
<li>Chosen languages may not support its features</li>
<li>Observability should be part of ticket prep and refinement to facilitate.</li>
<li>Code should be written from the start to add the feature</li>
<li>Continuous improvement will become a part of the Product lifecycle</li>
<li>Ownership of monitoring</li>
<li>Benchmarks set for acceptable parameters</li>
</ul>
Continuous Delivery2022-03-18T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0011-continuous-delivery/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">The <a href="https://www.gov.uk/service-manual/technology/deploying-software-regularly" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK technical guidance<span class="govuk-visually-hidden">(opens in new tab)</span></a> specifies that software should be deployed regularly.</p>
<p class="govuk-body">Principles from the GOV.UK guidance are as follows and we will hold ourselves to them.</p>
<ul class="govuk-list govuk-list--bullet">
<li>deploy little and often</li>
<li>deploy quality software</li>
<li>use auditable deployments</li>
<li>use zero downtime deployments where possible</li>
</ul>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<h3 id="developer-knowledge---how-well-known-is-this-in-our-current-skill-sets" tabindex="-1" class="govuk-heading-m">Developer Knowledge - How well known is this in our current skill sets</h3>
<p class="govuk-body"><strong>Overall</strong>: 9/10<br />
All our teams use Continuous Delivery in their services and it is a standard practice for all.</p>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">Build the service with Continuous Delivery in mind and as the default. This will require the following elements to be in place</p>
<ul class="govuk-list govuk-list--bullet">
<li>build a single artifact rather than variations for different environments</li>
<li>have multiple deployment environments</li>
<li>manage variable configuration</li>
<li>secure passwords and keys</li>
<li>use smoke tests - software tests that check if the most important functions are working</li>
</ul>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://docs.modernising.opg.service.justice.gov.uk/adr/articles/0011-continuous-delivery/0010-automated-testing" class="govuk-link">Automated testing</a> will need to be of a high enough standard to give Product Owners confidence in the process</li>
<li>Builds and deployments are repeatable</li>
<li>Deployments are quicker</li>
<li>Fast feedback cycle</li>
</ul>
Automated Testing2022-03-18T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0010-automated-testing/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">The <a href="https://www.gov.uk/service-manual/technology/quality-assurance-testing-your-service-regularly" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK technical guidance<span class="govuk-visually-hidden">(opens in new tab)</span></a> specifies that tests should be automated where possible.</p>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<h3 id="interoperability---how-does-this-enable-the-exchange-of-information" tabindex="-1" class="govuk-heading-m">Interoperability - How does this enable the exchange of information</h3>
<p class="govuk-body">Using automated tests allows us to run locally and in the pipeline. This enabled others to openly see and consume any data produced by the tests.</p>
<h3 id="developer-knowledge---how-well-known-is-this-in-our-current-skill-sets" tabindex="-1" class="govuk-heading-m">Developer Knowledge - How well known is this in our current skill sets</h3>
<p class="govuk-body"><strong>Overall</strong>: 9/10<br />
All our teams use automated tests in their services.</p>
<h3 id="support%2Fopen-source---is-it-well-supported" tabindex="-1" class="govuk-heading-m">Support/Open Source - Is it well supported</h3>
<p class="govuk-body">This is dependent on the framework used.</p>
<h2 id="ethics" tabindex="-1" class="govuk-heading-l">Ethics</h2>
<h3 id="think-big-and-imagine-what-the-impact-of-your-work-can-be" tabindex="-1" class="govuk-heading-m">Think big and imagine what the impact of your work can be</h3>
<p class="govuk-body">Having our automated tests run on the pipeline means we have confidence in our build and others who rely on the code can have confidence that it is doing what it should be.</p>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">Include and implement automated code coverage tests, accessibility tests, and security and penetration testing</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<ul class="govuk-list govuk-list--bullet">
<li>Increased overhead on initial development</li>
<li>Increased confidence in future changes not causing issues</li>
<li>Testing can be integrated into release processes without requiring manual intervention</li>
</ul>
Integration with the OPG database2022-03-15T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0008-integration-with-opg-database/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">We need to ensure we can integrate to our OPG database as it holds all the data for our LPAs.</p>
<p class="govuk-body">It is used by many parts of OPG. A few of these are</p>
<ul class="govuk-list govuk-list--bullet">
<li>Case Managers</li>
<li>External scanning service</li>
<li>Public facing services (Make a LPA, Use a LPA, View a LPA)</li>
<li>Internal Services and APIs</li>
</ul>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<p class="govuk-body">All our services in some way integrate with the OPG database, whether this is directly or via an API or service in between.</p>
<p class="govuk-body">The database contains all our LPA information from creation on Make a LPA, scanning of the documents, case workers working on the case, through to the Use a LPA service.</p>
<p class="govuk-body">Modernising will be no different, but we must decide on the best way to do this as we enter our Beta phase.</p>
<h3 id="availability" tabindex="-1" class="govuk-heading-m">Availability</h3>
<p class="govuk-body">As the LPA data is stored within the OPG database, we need to be aware that it can be taken offline at any point for planned or unscheduled reasons.</p>
<p class="govuk-body">If there is down time of the database, then we need to plan for how we handle this.</p>
<p class="govuk-body">Should we defensively code and provide a degraded service?</p>
<p class="govuk-body">Should we build the integration points to handle downtime, allowing the service to run to an extent and retroactively complete any operations pending.</p>
<p class="govuk-body">Whatever the decision is within the architecture, it should be decided ahead of any build and is outside the scope of this ADR.</p>
<h3 id="interoperability---how-does-this-enable-the-exchange-of-information" tabindex="-1" class="govuk-heading-m">Interoperability - How does this enable the exchange of information</h3>
<p class="govuk-body">It is essential to be able to communicate with our Case Management System and the database which contains existing LPA data.</p>
<p class="govuk-body">In order for all other services to take advantage of the Modernising work, we need to ensure interopability between the services.</p>
<h3 id="developer-knowledge---how-well-known-is-this-in-our-current-skill-sets" tabindex="-1" class="govuk-heading-m">Developer Knowledge - How well known is this in our current skill sets</h3>
<p class="govuk-body"><strong>Overall</strong>: 8/10</p>
<p class="govuk-body">Developers already work against shared APIs and internal services to the OPG database.</p>
<h3 id="support%2Fopen-source---is-it-well-supported" tabindex="-1" class="govuk-heading-m">Support/Open Source - Is it well supported</h3>
<p class="govuk-body">N/A</p>
<h3 id="scalability" tabindex="-1" class="govuk-heading-m">Scalability</h3>
<p class="govuk-body">As long as the correct technology is chosen to sit between the database, Modernising and other services, we should be able to scale any points of interaction between the services.</p>
<h2 id="ethics" tabindex="-1" class="govuk-heading-l">Ethics</h2>
<h3 id="mitigate-against-being-tech-deterministic" tabindex="-1" class="govuk-heading-m">Mitigate against being tech deterministic</h3>
<p class="govuk-body">N/A</p>
<h3 id="ensure-you-conduct-inclusive-research" tabindex="-1" class="govuk-heading-m">Ensure you conduct inclusive research</h3>
<p class="govuk-body">N/A</p>
<h3 id="think-big-and-imagine-what-the-impact-of-your-work-can-be" tabindex="-1" class="govuk-heading-m">Think big and imagine what the impact of your work can be</h3>
<p class="govuk-body">Integrating with Sirius and the database during the Modernising user flows will allow us to progressively approve LPAs as they are created. If there is a safeguarding issue early on in the process, then we can catch it sooner.</p>
<p class="govuk-body">It also allows us to capture earlier those who are eligible for discounts to LPAs and therefore reducing the need for refunds post registration.</p>
<h3 id="interrogate-your-data-decisions" tabindex="-1" class="govuk-heading-m">Interrogate your data decisions</h3>
<p class="govuk-body">When we integrate with the database, it is important to ensure we only have access to the data we need and nothing more.</p>
<p class="govuk-body">If the part of the service is responsible for adding data and validating that data, then the integration point should for example only allow adding of data and getting a confirmation of valid or not from the integration. We should not be returning data and comparing it on the Modernising side.</p>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">We should integrate with the OPG database via an internal API and not directly with the case management system or the database itself.</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<p class="govuk-body">We need to explore the best way to integrate and define any processes and data models that will ensure that case management work and Modernising flows match for data consistency.</p>
Centralised OpenAPI Specification2022-02-08T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0007-centralised-openapi/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">We need a way to centrally define our data model that would allow us to have a source of truth for our data.</p>
<p class="govuk-body">Reducing human error and duplication of code, we should reference our core data model wherever possible to maintain a centrally approved schema.</p>
<p class="govuk-body">This could include</p>
<ul class="govuk-list govuk-list--bullet">
<li>Domain model</li>
<li>Validation requirements</li>
<li>Response messaging</li>
<li>Object definitions (such as LPA ID or Post Code)</li>
</ul>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<h3 id="interoperability---how-does-this-enable-the-exchange-of-information" tabindex="-1" class="govuk-heading-m">Interoperability - How does this enable the exchange of information</h3>
<p class="govuk-body">OpenAPI would allow us to use <code>$ref</code> to point to a centralised and publicly available schema for common domain objects.</p>
<p class="govuk-body">Using standard HTTP protocols for making these links and a commonly accepted standard for the structure of the schema will enable great interopability.</p>
<h3 id="developer-knowledge---how-well-known-is-this-in-our-current-skill-sets" tabindex="-1" class="govuk-heading-m">Developer Knowledge - How well known is this in our current skill sets</h3>
<p class="govuk-body"><strong>Overall</strong>: 6/10<br />
Many of our teams have implemented OpenAPI specs in their services. Those that haven't do have knowledge of RESTful APIs and JSON or YAML to be able to work with it.</p>
<p class="govuk-body">To the extent of managing a central specification and maintaining the changes in it, this is new ground and would need an investigation around best practices and automation techniques.</p>
<h3 id="support%2Fopen-source---is-it-well-supported" tabindex="-1" class="govuk-heading-m">Support/Open Source - Is it well supported</h3>
<p class="govuk-body">OpenAPI is a open source collaboration project.</p>
<h3 id="scalability" tabindex="-1" class="govuk-heading-m">Scalability</h3>
<p class="govuk-body">If we don't have safety measures in place, such as versioning of core schemas, then there is a risk of down stream consequences causing issues in code bases and APIs that rely on it.</p>
<p class="govuk-body">We need to research best practices of how we take advantage of the de-duplication and centralisation without increasing work load and error rates in our services.</p>
<h2 id="ethics" tabindex="-1" class="govuk-heading-l">Ethics</h2>
<h3 id="mitigate-against-being-tech-deterministic" tabindex="-1" class="govuk-heading-m">Mitigate against being tech deterministic</h3>
<p class="govuk-body">N/A - Uses a popular and accessible pattern and language</p>
<h3 id="ensure-you-conduct-inclusive-research" tabindex="-1" class="govuk-heading-m">Ensure you conduct inclusive research</h3>
<p class="govuk-body">N/A - the use of this technology does not have an effect on marginalised groups directly.</p>
<h3 id="think-big-and-imagine-what-the-impact-of-your-work-can-be" tabindex="-1" class="govuk-heading-m">Think big and imagine what the impact of your work can be</h3>
<p class="govuk-body">A publicly available data schema would allow anyone outside of OPG to develop solutions. This could lead to new applications on the market that solve problems in sectors we can't fund research into.</p>
<p class="govuk-body">It increases the understanding of what the LPA is in wider society. Solicitors and charities for example would be able to align their practices more accurately. They will also be able to feed back into the model with real life experiences.</p>
<h3 id="interrogate-your-data-decisions" tabindex="-1" class="govuk-heading-m">Interrogate your data decisions</h3>
<p class="govuk-body">N/A - there is no place for personal data to be stored within OpenAPI Specifications.</p>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">We should investigate the use of a centralised OpenAPI Specification. Within that research we should ensure we are not over engineering the solution and that the benefits would outway the cost of maintenance.</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<p class="govuk-body">We will be able to maintain a single source of truth model in all our work.</p>
<p class="govuk-body">Outside of the benefits of API design, using modern tooling we can ensure our classes within our code match our centralised model.</p>
OpenAPI Specifications2022-02-01T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0006-openapi/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">We need a way to communicate our APIs intent to consumers. We should display all options available as well as required data and validation associated with integrating with our APIs.</p>
<p class="govuk-body">Any changes to the schema of our API should be testable via this specification.</p>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<h3 id="interoperability---how-does-this-enable-the-exchange-of-information" tabindex="-1" class="govuk-heading-m">Interoperability - How does this enable the exchange of information</h3>
<p class="govuk-body">OpenAPI is a common format used across a wide range of services.</p>
<p class="govuk-body">As a result of its popularity, our main languages, Golang, Python and PHP all support the OpenAPI Standard.</p>
<p class="govuk-body">There is great support for OpenAPI through third party services and tools that we can take advantage of. A great example of tools available can be found on <a href="https://openapi.tools/" class="govuk-link" target="_blank" rel="noreferrer noopener">OpenAPI.Tools<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<p class="govuk-body">A few examples are</p>
<ul class="govuk-list govuk-list--bullet">
<li>Automatic Documentation Generators</li>
<li>Mock Servers</li>
<li>Testing</li>
<li>Data Validators</li>
<li>CI Automation checks</li>
</ul>
<p class="govuk-body">You can use JSON or YAML format for the structure and both are well known standards.</p>
<p class="govuk-body">GOV.UK have excellent <a href="https://www.gov.uk/guidance/how-to-document-apis" class="govuk-link" target="_blank" rel="noreferrer noopener">guidance on how you should document your APIs<span class="govuk-visually-hidden">(opens in new tab)</span></a> in their <a href="https://www.gov.uk/government/collections/api-design-guidance" class="govuk-link" target="_blank" rel="noreferrer noopener">API Design Guidance<span class="govuk-visually-hidden">(opens in new tab)</span></a> page.</p>
<h3 id="developer-knowledge---how-well-known-is-this-in-our-current-skill-sets" tabindex="-1" class="govuk-heading-m">Developer Knowledge - How well known is this in our current skill sets</h3>
<p class="govuk-body"><strong>Overall</strong>: 8/10<br />
Many of our teams have implemented OpenAPI specs in their services. Those that haven't do have knowledge of RESTful APIs and JSON or YAML to be able to work with it.</p>
<h3 id="support%2Fopen-source---is-it-well-supported" tabindex="-1" class="govuk-heading-m">Support/Open Source - Is it well supported</h3>
<p class="govuk-body">OpenAPI is a open source collaboration project.</p>
<h3 id="scalability" tabindex="-1" class="govuk-heading-m">Scalability</h3>
<p class="govuk-body">If we have many services with many OpenAPI specifications, there could be issues of maintaining them all.</p>
<p class="govuk-body">If we do not have a well defined domain to work from, we run the risk of duplication of schemas and being out of sync with style, definitions, parameters and responses. This can result in poorly implemented code to get around inconsistencies or badly written specifications without style validators in place.</p>
<p class="govuk-body">We should look into practices that help define a centrally accepted domain and styles that can be pulled from and validated against for all services and implementations.</p>
<p class="govuk-body">There is a risk of development slowing down and bugs entering code should we not pay attention to best practices from the start. We should investigate these options with the teams as soon as possible.</p>
<h2 id="ethics" tabindex="-1" class="govuk-heading-l">Ethics</h2>
<h3 id="mitigate-against-being-tech-deterministic" tabindex="-1" class="govuk-heading-m">Mitigate against being tech deterministic</h3>
<p class="govuk-body">N/A - Uses a popular and accessible pattern and language</p>
<h3 id="ensure-you-conduct-inclusive-research" tabindex="-1" class="govuk-heading-m">Ensure you conduct inclusive research</h3>
<p class="govuk-body">N/A - the use of this technology does not have an effect on marginalised groups directly.</p>
<h3 id="think-big-and-imagine-what-the-impact-of-your-work-can-be" tabindex="-1" class="govuk-heading-m">Think big and imagine what the impact of your work can be</h3>
<p class="govuk-body">Using OpenAPI Specifications gives us a library of great resources of all our internal and external integration capabilities.</p>
<p class="govuk-body">We could take a list of them and add them to a government API register to allow other 3rd parties and internal government services to find integrations we provide.</p>
<h3 id="interrogate-your-data-decisions" tabindex="-1" class="govuk-heading-m">Interrogate your data decisions</h3>
<p class="govuk-body">N/A - there is no place for personal data to be stored within OpenAPI Specifications.</p>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">We should use OpenAPI Specifications for all internal and external APIs.</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<p class="govuk-body">We will be able to maintain an up to date, testable and descriptive resources of all our available integrations across multiple services.</p>
Terraform2021-07-23T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0005-terraform/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">We need a way to manage our infrastructure as code (IaC) to support CI/CD and manage and provision our computing, storage and networking resources in the cloud.</p>
<p class="govuk-body">We use Terraform extensively on all our existing services, as well as a central Terraform repository for managing all our services resources, permissions and security needs.</p>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<h3 id="interoperability---how-does-this-enable-the-exchange-of-information" tabindex="-1" class="govuk-heading-m">Interoperability - How does this enable the exchange of information</h3>
<p class="govuk-body">Terraform is fully open source and has the ability to do Multi-Cloud Deployment.</p>
<p class="govuk-body">Even though there is no plan to split our resources across multiple clouds, having this ability available is advantageous.</p>
<p class="govuk-body">A downside of this being community driven means that new features created by cloud providers can sometimes have a delay in being available for use within Terraform.</p>
<h3 id="developer-knowledge---how-well-known-is-this-in-our-current-skill-sets" tabindex="-1" class="govuk-heading-m">Developer Knowledge - How well known is this in our current skill sets</h3>
<p class="govuk-body"><strong>Overall</strong>: 7/10<br />
We have dedicated Webops Engineers within our teams who have expert knowledge on using Terraform. They encourage others to learn and pair on the work they do.</p>
<p class="govuk-body">Different teams have various levels of confidence in its use, but the ability to have a resource within each team with this knowledge makes up for any lack thereof.</p>
<h3 id="support%2Fopen-source---is-it-well-supported" tabindex="-1" class="govuk-heading-m">Support/Open Source - Is it well supported</h3>
<p class="govuk-body">Terraform is Open Source and regularly accepts and releases community based Pull Requests.</p>
<p class="govuk-body">Some of our Webops Engineers are also contributors to the project.</p>
<h3 id="scalability" tabindex="-1" class="govuk-heading-m">Scalability</h3>
<p class="govuk-body">Terraform by its nature is incredibly scalable. Enabling IaC, being maintained via Github and controlled via our CI/CD pipelines means it can be versioned, rolled back, monitored and maintained.</p>
<h2 id="ethics" tabindex="-1" class="govuk-heading-l">Ethics</h2>
<h3 id="mitigate-against-being-tech-deterministic" tabindex="-1" class="govuk-heading-m">Mitigate against being tech deterministic</h3>
<p class="govuk-body">N/A - there is no other non-tech solution that could give us the ability to manage our infrastructure.</p>
<h3 id="ensure-you-conduct-inclusive-research" tabindex="-1" class="govuk-heading-m">Ensure you conduct inclusive research</h3>
<p class="govuk-body">N/A - the use of this technology does not have an effect on marginalised groups directly.</p>
<h3 id="think-big-and-imagine-what-the-impact-of-your-work-can-be" tabindex="-1" class="govuk-heading-m">Think big and imagine what the impact of your work can be</h3>
<p class="govuk-body">Building our infrastructure in Terraform will allow us to take learnings and contribute back to wider society. If we develop new modules, add additional functionality to Terraform or raise issues that are found, we can help others who use this technology.</p>
<p class="govuk-body">If we decide to Open Source our infrastructure code, we can also take advantage of contributions from other areas outside of our department.</p>
<p class="govuk-body">Others will also be able to use our modules or infrastructure, should they wish, in their own implementations.</p>
<p class="govuk-body">Working in the open will drive trust in Citizens and open ourselves up to honest debate and critique in our choices.</p>
<h3 id="interrogate-your-data-decisions" tabindex="-1" class="govuk-heading-m">Interrogate your data decisions</h3>
<p class="govuk-body">N/A - there is no place for personal data to be stored within Terraform.</p>
<p class="govuk-body">It does enable the use of technologies that can and this analysis should be recorded against their own ADRs.</p>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">We should continue to use Terraform taking advantage of our existing lessons learnt and best practices.</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<p class="govuk-body">We will be able to take advantage of our existing best practices and knowledge to quickly setup any new infrastructure.</p>
GOV.UK Design System2021-07-13T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0004-govuk-design-system/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">We need to follow strict government guidelines on design and accessibility. The design should be consistent across all pages and work for as many browsers as possible.</p>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<h3 id="interoperability---how-does-this-enable-the-exchange-of-information" tabindex="-1" class="govuk-heading-m">Interoperability - How does this enable the exchange of information</h3>
<p class="govuk-body"><a href="https://design-system.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Design System<span class="govuk-visually-hidden">(opens in new tab)</span></a> is open source and used across all digital government services.</p>
<p class="govuk-body">Any new patterns that we create can be contributed back with our research included.</p>
<p class="govuk-body">We should take advantage of other services research and contributed design patterns and feedback ours.</p>
<h3 id="developer-knowledge---how-well-known-is-this-in-our-current-skill-sets" tabindex="-1" class="govuk-heading-m">Developer Knowledge - How well known is this in our current skill sets</h3>
<p class="govuk-body"><strong>Overall</strong>: 8/10<br />
Developers have knowledge of the design system and work with it on a regular basis.</p>
<p class="govuk-body">The use of tooling and testing around front end development is not as strong so will require more focus when implementing.</p>
<h3 id="support%2Fopen-source---is-it-well-supported" tabindex="-1" class="govuk-heading-m">Support/Open Source - Is it well supported</h3>
<p class="govuk-body">The <a href="https://design-system.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Design System<span class="govuk-visually-hidden">(opens in new tab)</span></a> is completely open source and is required for all public facing government services.</p>
<p class="govuk-body">It has its own team as well as a large community of designers, user researchers, content and developers contributing to it.</p>
<h3 id="scalability" tabindex="-1" class="govuk-heading-m">Scalability</h3>
<p class="govuk-body">The <a href="https://design-system.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Design System<span class="govuk-visually-hidden">(opens in new tab)</span></a> has 4 different types of assets to consume.</p>
<p class="govuk-body">There will be custom patterns and components that we need to build, but because of the use of SASS and Javascript, we will be able to stick to the same standards as the design system and take advantage of the built in variables.</p>
<h4 id="sass" tabindex="-1" class="govuk-heading-s">SASS</h4>
<p class="govuk-body">Allows us to only require styling resources needed.</p>
<p class="govuk-body">We can generate our styles dynamically and keep up to date with the latest styling changes and colours due to SASS variables.</p>
<h4 id="javascript" tabindex="-1" class="govuk-heading-s">Javascript</h4>
<p class="govuk-body">Contains all the code we need to progressively enhance the user interface.</p>
<p class="govuk-body">We only need to import modules that we required and all functionality can be updated for bug fixes or new features via npm.</p>
<p class="govuk-body">This will remove the need for custom Javascript to be written in most cases.</p>
<h4 id="assets" tabindex="-1" class="govuk-heading-s">Assets</h4>
<p class="govuk-body">Contains all images and fonts required for running a Government service. We can keep up to date by always ensuring we import at build time the latest assets available.</p>
<h4 id="nunjucks" tabindex="-1" class="govuk-heading-s">Nunjucks</h4>
<p class="govuk-body">Depending on the technology we want to use, this could be useful. Being able to use these templates, we can ensure we will always have access to the latest components available and maintain our code base with a set of pre configured templates.</p>
<p class="govuk-body">The use of Nunjucks as the templating language should be discussed in another ADR.</p>
<h2 id="ethics" tabindex="-1" class="govuk-heading-l">Ethics</h2>
<h3 id="mitigate-against-being-tech-deterministic" tabindex="-1" class="govuk-heading-m">Mitigate against being tech deterministic</h3>
<p class="govuk-body">Due to GDS standards, we are required to choose this design system.</p>
<h3 id="ensure-you-conduct-inclusive-research" tabindex="-1" class="govuk-heading-m">Ensure you conduct inclusive research</h3>
<p class="govuk-body">All the components and patterns are centrally managed and community driven to include user research in each to a high level. This gives us the advantage of having a high degree of confidence that we are using the right tool for our development.</p>
<h3 id="think-big-and-imagine-what-the-impact-of-your-work-can-be" tabindex="-1" class="govuk-heading-m">Think big and imagine what the impact of your work can be</h3>
<p class="govuk-body">As we use the design system, we will find ourselves using custom patterns and components. We should make sure we contribute back as much information as possible to help other services take advantage of our research.</p>
<h3 id="interrogate-your-data-decisions" tabindex="-1" class="govuk-heading-m">Interrogate your data decisions</h3>
<p class="govuk-body">Where possible we should stick to the standards defined by the <a href="https://design-system.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Design System<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<p class="govuk-body">If we do decide to move away from the standard, it should be done with the correct research to back the decision and fed back to the <a href="https://design-system.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Design System<span class="govuk-visually-hidden">(opens in new tab)</span></a> team.</p>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">We should and have to use the <a href="https://design-system.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Design System<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<p class="govuk-body">We will be able to work at a high cadence and understanding as the <a href="https://design-system.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Design System<span class="govuk-visually-hidden">(opens in new tab)</span></a> is used throughout all our services on a day to day basis.</p>
Github for source control2021-07-05T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0003-github-source-control/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">We want to store our source code in a open source, cloud based git provider.</p>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<h3 id="interoperability---how-does-this-enable-the-exchange-of-information" tabindex="-1" class="govuk-heading-m">Interoperability - How does this enable the exchange of information</h3>
<p class="govuk-body">Github is accessible via built in APIS and allows us to open source our code for others to raise issues and ourselves, share details on releases and updates.</p>
<h3 id="developer-knowledge---how-well-known-is-this-in-our-current-skill-sets" tabindex="-1" class="govuk-heading-m">Developer Knowledge - How well known is this in our current skill sets</h3>
<p class="govuk-body"><strong>Overall</strong>: 10/10<br />
Developers work every day within Github for existing services.</p>
<h3 id="support%2Fopen-source---is-it-well-supported" tabindex="-1" class="govuk-heading-m">Support/Open Source - Is it well supported</h3>
<p class="govuk-body">We have an Enterprise licence for Github giving us a channel for any support queries.</p>
<p class="govuk-body">Github allows us to open source our code when we are ready.</p>
<h3 id="scalability" tabindex="-1" class="govuk-heading-m">Scalability</h3>
<p class="govuk-body">Github is cloud based and incredibly popular giving us a reliable solution for hosting our code.</p>
<p class="govuk-body">Should we need to move for any reason, we are using Git which enables us to move to a new provider.</p>
<h2 id="ethics" tabindex="-1" class="govuk-heading-l">Ethics</h2>
<h3 id="mitigate-against-being-tech-deterministic" tabindex="-1" class="govuk-heading-m">Mitigate against being tech deterministic</h3>
<p class="govuk-body">There are other providers we could use, but doing so would not bring any great benefit over our already established best practices for existing services and level of support we have with the Enterprise version.</p>
<h3 id="ensure-you-conduct-inclusive-research" tabindex="-1" class="govuk-heading-m">Ensure you conduct inclusive research</h3>
<p class="govuk-body">N/A</p>
<h3 id="think-big-and-imagine-what-the-impact-of-your-work-can-be" tabindex="-1" class="govuk-heading-m">Think big and imagine what the impact of your work can be</h3>
<p class="govuk-body">Allowing the access of our code via the platform will encourage others to be able to help contribute and reuse our services built.</p>
<p class="govuk-body">The more we can share with others, the stronger our solutions will be.</p>
<h3 id="interrogate-your-data-decisions" tabindex="-1" class="govuk-heading-m">Interrogate your data decisions</h3>
<p class="govuk-body">We should ensure that our repositories are marked as Open Source as soon as we feel comfortable.</p>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">We should continue to use our Ministry of Justice Github Enterprise account for our source code.</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<p class="govuk-body">We will be able to use our existing management infrastructure for user management and deployments without the need for additional cost or resources.</p>
Verifiable Credentials2021-07-02T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0002-verifiable-credentials/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">We want to give the Citizen a way of using a verifiable digital representation of a LPA. This will enable them to use this to prove they are who they say they are.</p>
<p class="govuk-body">If an LPA is no longer a paper deed, then this is one solution to what a digital version could be.</p>
<p class="govuk-body">This could be an optional addition to the existing Use a LPA service to allow for a wider demographic of users.</p>
<p class="govuk-body">It needs to be fully interopable with</p>
<ol class="govuk-list govuk-list--number">
<li>Future technology such as mobile phone digital wallets</li>
<li>Industry standard validation and authenticity implementations</li>
<li>Potential for other agencies to use as a proof of identity</li>
</ol>
<p class="govuk-body">We would need to be able to reliably sign the credential for others to validate the authenticity.</p>
<p class="govuk-body">We would need the Verifiable Credential to be able to store the appropriate required information for the consumer to understand its responsibilities.</p>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<h3 id="interoperability---how-does-this-enable-the-exchange-of-information" tabindex="-1" class="govuk-heading-m">Interoperability - How does this enable the exchange of information</h3>
<p class="govuk-body">The Verifiable Credentials data model is a <a href="https://www.w3.org/TR/vc-data-model/" class="govuk-link" target="_blank" rel="noreferrer noopener">W3C Open Standard<span class="govuk-visually-hidden">(opens in new tab)</span></a>. As long as the standards are adhered to, interopability will be high.</p>
<p class="govuk-body">The standards don't supply a definitive way of handling Proofs (Signatures). This raises concerns on the interopability of verification and authenticity at this stage and should be taken into account when deciding whether to use this solution. More information can be found here <a href="https://www.w3.org/TR/vc-data-model/#proofs-signatures" class="govuk-link" target="_blank" rel="noreferrer noopener">https://www.w3.org/TR/vc-data-model/#proofs-signatures<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<p class="govuk-body">The signing of a Verifiable Credential should also be standards driven and supported by the wider industry.</p>
<h3 id="developer-knowledge---how-well-known-is-this-in-our-current-skill-sets" tabindex="-1" class="govuk-heading-m">Developer Knowledge - How well known is this in our current skill sets</h3>
<p class="govuk-body"><strong>Overall</strong>: 2/10<br />
The data model is well defined and an understood pattern for representing data.</p>
<p class="govuk-body">The validity and authenticity aspect of the specification are early in discovery.</p>
<p class="govuk-body">If signing was done via a certificate provider setting, such is done for SSL Certification, then the understanding will be higher. It will come with extra challenges on management of the signing keys and the key life cycle.</p>
<h3 id="support%2Fopen-source---is-it-well-supported" tabindex="-1" class="govuk-heading-m">Support/Open Source - Is it well supported</h3>
<p class="govuk-body">The Verifiable Credentials data model is a <a href="https://www.w3.org/TR/vc-data-model/" class="govuk-link" target="_blank" rel="noreferrer noopener">W3C Open Standard<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<p class="govuk-body">The implementation of verifying and signing Verifiable Credentials is covered in the standard. This is in early stages of research and development with various companies such as <a href="https://mercury.rsalabs.com/" class="govuk-link" target="_blank" rel="noreferrer noopener">RSA Labs and Project Mercury<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<p class="govuk-body">The specifications it is built on are in a draft state and can be found at the following links. This should be considered and monitored. We should aim to listen and contribute if possible to these areas to gain confidence in our choice moving forward.</p>
<ol class="govuk-list govuk-list--number">
<li><a href="https://w3c-ccg.github.io/ld-proofs/" class="govuk-link" target="_blank" rel="noreferrer noopener">https://w3c-ccg.github.io/ld-proofs/<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://json-ld.github.io/rdf-dataset-canonicalization/spec/" class="govuk-link" target="_blank" rel="noreferrer noopener">https://json-ld.github.io/rdf-dataset-canonicalization/spec/<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ol>
<h3 id="scalability" tabindex="-1" class="govuk-heading-m">Scalability</h3>
<p class="govuk-body">The credential is a small file that can be stored anywhere. Either as a file on a storage platform such as Cloud Object Storage, database, Personal Data Store or a users device.</p>
<p class="govuk-body">Once created and digitally signed, it is handed over to the Citizen and only requires checks on its validity from us as its issuer.</p>
<h2 id="ethics" tabindex="-1" class="govuk-heading-l">Ethics</h2>
<h3 id="mitigate-against-being-tech-deterministic" tabindex="-1" class="govuk-heading-m">Mitigate against being tech deterministic</h3>
<p class="govuk-body">We know we need to find a way to give the option of a digital version of an LPA. We will likely also need to provide a physical version still.</p>
<p class="govuk-body">Therefore we should consider this as an option to enable easier use of an LPA but also confidence in the validity of the holder using the credential.</p>
<h3 id="ensure-you-conduct-inclusive-research" tabindex="-1" class="govuk-heading-m">Ensure you conduct inclusive research</h3>
<p class="govuk-body">We need to do user testing around this technology before being confident in its use.</p>
<p class="govuk-body">Areas of interest would be</p>
<ol class="govuk-list govuk-list--number">
<li>Technical literacy</li>
<li>Technology privilege</li>
<li>Understanding of the technology used</li>
<li>Trust in the technology</li>
<li>Metrics on the groups/communities that would be able to use this</li>
</ol>
<h3 id="think-big-and-imagine-what-the-impact-of-your-work-can-be" tabindex="-1" class="govuk-heading-m">Think big and imagine what the impact of your work can be</h3>
<p class="govuk-body">If successful the following benefits to society would become evident.</p>
<ol class="govuk-list govuk-list--number">
<li>Use this credential as a mechanism for proving your identity to other services in this eco system</li>
<li>Complete citizen ownership of their LPA, stored wherever they like</li>
<li>Available and shareable in emergency situations</li>
<li>Be an example to other departments and industries to push this new technology</li>
</ol>
<h3 id="interrogate-your-data-decisions" tabindex="-1" class="govuk-heading-m">Interrogate your data decisions</h3>
<p class="govuk-body">The data that is stored in the credential is owned by the citizen meaning they have full control of how they use it.</p>
<p class="govuk-body">We would require only a minimal amount of data to be held to initially verify the individual to an account. We also would legally be required to store a minimal amount of data for the LPA register.</p>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">We should continue to explore the idea.</p>
<p class="govuk-body">We should continue to consult other parties to ensure we work to the open standards and maintain the ability to pivot in this direction as the industry integrates into this technology.</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<p class="govuk-body">Depending on further research this will vary.</p>
<p class="govuk-body">Using the method of RSA Labs Project Mercury would mean us setting up the Office of the Public Guardian or the Ministry of Justice as an issuer.</p>
<p class="govuk-body">We also have the choice of building our own implementation to confidently sign and manage credentials. We should follow the same standards and guidelines to maintain ownership of the code and interopability.</p>
<p class="govuk-body">This would require us knowing the agreed upon proofing method that would be accepted by the wider industry.</p>
<p class="govuk-body">This would introduce issues with</p>
<ol class="govuk-list govuk-list--number">
<li>Revoking credentials if the validity of an LPA is questioned</li>
<li>Credentials short life cycle and how this fits with policy and issuing</li>
<li>Limited industry understanding and use of the technology</li>
</ol>
Record architecture decisions2021-06-27T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/adr/articles/0001-record-architecture-decisions/<h2 id="context" tabindex="-1" class="govuk-heading-l">Context</h2>
<p class="govuk-body">We need to record the architectural decisions made on this project.</p>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<h3 id="interoperability---how-does-this-enable-the-exchange-of-information" tabindex="-1" class="govuk-heading-m">Interoperability - How does this enable the exchange of information</h3>
<p class="govuk-body">Allows anyone to be able to follow and contribute to ongoing decisions made on the service.</p>
<h3 id="developer-knowledge---how-well-known-is-this-in-our-current-skill-sets" tabindex="-1" class="govuk-heading-m">Developer Knowledge - How well known is this in our current skill sets</h3>
<p class="govuk-body"><strong>Overall</strong>: 8/10<br />
Developers are aware of ADRs, but their experience of doing them brings this score down a little.</p>
<h3 id="support%2Fopen-source---is-it-well-supported" tabindex="-1" class="govuk-heading-m">Support/Open Source - Is it well supported</h3>
<p class="govuk-body">Fully Open Source.</p>
<h3 id="scalability" tabindex="-1" class="govuk-heading-m">Scalability</h3>
<p class="govuk-body">Uses Markdown and git to achieve scalability.</p>
<h2 id="ethics" tabindex="-1" class="govuk-heading-l">Ethics</h2>
<h3 id="mitigate-against-being-tech-deterministic" tabindex="-1" class="govuk-heading-m">Mitigate against being tech deterministic</h3>
<p class="govuk-body">Giving visibility to our decisions and allowing contributions ensures Citizens and colleagues are able to have a voice and be aware of changes over time.</p>
<h3 id="ensure-you-conduct-inclusive-research" tabindex="-1" class="govuk-heading-m">Ensure you conduct inclusive research</h3>
<p class="govuk-body">The design of the pages ensures the site is accessible to the highest standard. This is achieved by using the GDS pattern library.</p>
<p class="govuk-body">In the future we should look at including a Welsh version to be more inclusive.</p>
<p class="govuk-body">Language within the ADRs will contain technical language so may not be accessible to persons not familiar with the terminology.</p>
<h3 id="think-big-and-imagine-what-the-impact-of-your-work-can-be" tabindex="-1" class="govuk-heading-m">Think big and imagine what the impact of your work can be</h3>
<p class="govuk-body">Decisions can be read and commented on inside and outside of government. Encouraging conversation with others exploring these technologies will enable better communities and feed back into our own decisions.</p>
<p class="govuk-body">This will allow us to get a wider range of opinions on our decisions which we could not have got before.</p>
<h3 id="interrogate-your-data-decisions" tabindex="-1" class="govuk-heading-m">Interrogate your data decisions</h3>
<p class="govuk-body">N/A</p>
<h3 id="decision" tabindex="-1" class="govuk-heading-m">Decision</h3>
<p class="govuk-body">We will use Architecture Decision Records, as <a href="http://thinkrelevance.com/blog/2011/11/15/documenting-architecture-decisions" class="govuk-link" target="_blank" rel="noreferrer noopener">described by Michael Nygard<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<h3 id="consequences" tabindex="-1" class="govuk-heading-m">Consequences</h3>
<p class="govuk-body">See Michael Nygard's article, linked above.</p>
<p class="govuk-body">ADRs will be public for visibility and collaboration.</p>
<p class="govuk-body">Pull requests and Github issues can be used to drive conversations.</p>
Biometrics and WebAuthn for identity2022-05-30T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/biometrics-webauthn/<h2 id="introduction" tabindex="-1" class="govuk-heading-l">Introduction</h2>
<p class="govuk-body"><a href="https://www.w3.org/TR/webauthn/" class="govuk-link" target="_blank" rel="noreferrer noopener">WebAuthn<span class="govuk-visually-hidden">(opens in new tab)</span></a> is a <a href="https://www.w3.org/" class="govuk-link" target="_blank" rel="noreferrer noopener">W3C standard<span class="govuk-visually-hidden">(opens in new tab)</span></a> that lets users authenticate to web applications using the <a href="https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html" class="govuk-link" target="_blank" rel="noreferrer noopener">Client-To-Authenticator-Protocol (CTAP)<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<p class="govuk-body">It allows the browser to use the device's (Mobile phone or computer) biometric capability to securely and privately authenticate a user with a login.</p>
<p class="govuk-body">WebAuthn can use</p>
<ul class="govuk-list govuk-list--bullet">
<li>Fingerprints</li>
<li>Facial recognition</li>
<li>Compatible company security key</li>
<li><a href="https://fidoalliance.org/fido2/" class="govuk-link" target="_blank" rel="noreferrer noopener">FIDO2<span class="govuk-visually-hidden">(opens in new tab)</span></a> key</li>
</ul>
<p class="govuk-body">When registering or logging in, a user can optionally register their device with their account. They then get prompted by their browser to allow permissions for that site and then register a specific biometric or FIDO2 key.</p>
<p class="govuk-body">From that point on they gain the following benefits</p>
<h3 id="passwordless-authentication" tabindex="-1" class="govuk-heading-m">Passwordless Authentication</h3>
<p class="govuk-body">Log in without a password (like native Online Banking mobile applications).</p>
<h3 id="two-factor-authentication" tabindex="-1" class="govuk-heading-m">Two-factor Authentication</h3>
<p class="govuk-body">Use your Biometric as well as a password when authenticating.</p>
<h3 id="multi-factor-authentication" tabindex="-1" class="govuk-heading-m">Multi-factor Authentication</h3>
<p class="govuk-body">Allows your biometric as an addition to other required authentication types such as an SMS, email or authenticator application.</p>
<h3 id="self-manage-devices" tabindex="-1" class="govuk-heading-m">Self manage devices</h3>
<p class="govuk-body">See a list of registered devices on their account. The user is able to add or remove any devices and track the last use of them.</p>
<h2 id="where-it-is-already-used" tabindex="-1" class="govuk-heading-l">Where it is already used</h2>
<p class="govuk-body">We currently use this technology in a wide range of every day applications. Below is a list of examples where this is already common practice.</p>
<ul class="govuk-list govuk-list--bullet">
<li>Macbook built in fingerprint scanner for permission dialogues</li>
<li>Windows Hello to auto log onto your desktop with a webcam</li>
<li>Fingerprint scan checkout for school children in canteens</li>
<li>Fingerprint and Facial recognition to unlock mobile phones</li>
<li>Log in to online banking applications on phones</li>
<li>Workplace hardware keys to auto log into laptops and online services</li>
<li>Fingerprint to open modern electric cars</li>
</ul>
<h2 id="compatibility" tabindex="-1" class="govuk-heading-l">Compatibility</h2>
<p class="govuk-body">WebAuthn is supported in Chrome, Firefox, Safari and Edge browsers as well as various built in mobile browsers. Total coverage in the browser market today gives 88.69% of users.</p>
<p class="govuk-body">You can see full support for WebAuthn at <a href="https://caniuse.com/?search=webauthn" class="govuk-link" target="_blank" rel="noreferrer noopener">Can I Use<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<h2 id="what-does-this-mean-for-us%3F" tabindex="-1" class="govuk-heading-l">What does this mean for us?</h2>
<p class="govuk-body">Though we are using a <a href="https://www.gov.uk/government/publications/identity-proofing-and-verification-of-an-individual" class="govuk-link" target="_blank" rel="noreferrer noopener">Good Practice Guide (GPG) 45<span class="govuk-visually-hidden">(opens in new tab)</span></a> score of low in our service, this gives us and the user an increased score of High. This has benefits to both parties.</p>
<p class="govuk-body">We have confidence that the authenticated user is who they say they are over many sessions. Most importantly, at the final point of signing the LPA, we have confidence that the same device(s) that have been used throughout, including during verification, match the final submission.</p>
<h2 id="ethical-concerns" tabindex="-1" class="govuk-heading-l">Ethical Concerns</h2>
<h3 id="mitigate-against-being-tech-deterministic" tabindex="-1" class="govuk-heading-m">Mitigate against being tech deterministic</h3>
<p class="govuk-body">We are trying to solve the problem of ways in which we can increase the confidence score when completing a LPA for the end user and ourselves.</p>
<p class="govuk-body">We will accept a low confidence score, however giving the user the ability to optionally increase their score, in turn making them feel more trusting of the service, is a bonus.</p>
<p class="govuk-body">Other ways of reaching a high level are complicated and expensive with risks of data privacy (such as uploading photos and videos).</p>
<h3 id="ensure-you-conduct-inclusive-research" tabindex="-1" class="govuk-heading-m">Ensure you conduct inclusive research</h3>
<p class="govuk-body">We have already done research with the <a href="https://www.ridc.org.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">Research Institute for Disabled Consumers(RIDC)<span class="govuk-visually-hidden">(opens in new tab)</span></a> which showed a preference to using biometrics on a users device for those with disabilities.</p>
<p class="govuk-body">Even so we should look to do more of our own testing across a full spectrum of users around the use of Biometrics to judge trust, user experience and accessibility before making a choice.</p>
<h3 id="interrogate-your-data-decisions" tabindex="-1" class="govuk-heading-m">Interrogate your data decisions</h3>
<p class="govuk-body">In using webauthn we do not store peoples' biometrics. We trust the device they are using to tell us who they are. We only need to store the public key and a randomly generate credential ID and match against this device each time.</p>
<p class="govuk-body">This ensures the power sits with the user while we have a high degree of trust.</p>
<h2 id="summary" tabindex="-1" class="govuk-heading-l">Summary</h2>
<p class="govuk-body">Before deciding on whether we should use it, we need to do user research and gather feedback from our users to aid in the decision.</p>
<p class="govuk-body">As we don't require a high level of assurance, this should be a completely optional feature and not be a barrier in any way to the user.</p>
<p class="govuk-body">Our next steps should be capturing user research findings and feed that decision into a <a href="https://docs.modernising.opg.service.justice.gov.uk/adr" class="govuk-link">Architectural Decision Record</a>.</p>
<h2 id="references" tabindex="-1" class="govuk-heading-l">References</h2>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://fidoalliance.org/fido2/" class="govuk-link" target="_blank" rel="noreferrer noopener">FIDO Alliance<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.w3.org/TR/webauthn/" class="govuk-link" target="_blank" rel="noreferrer noopener">WebAuthn W3C<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://webauthn.guide/" class="govuk-link" target="_blank" rel="noreferrer noopener">WebAuthn<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://caniuse.com/?search=webauthn" class="govuk-link" target="_blank" rel="noreferrer noopener">Can I Use WebAuthn<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.gov.uk/government/publications/identity-proofing-and-verification-of-an-individual" class="govuk-link" target="_blank" rel="noreferrer noopener">Good Practice Guide (GPG) 45<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
Observability and Monitoring2022-04-22T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/observability-monitoring/<h2 id="introduction" tabindex="-1" class="govuk-heading-l">Introduction</h2>
<p class="govuk-body">Observability is the practice of ensuring we know what is going on in our service at any time, in a accessible and consumable way.</p>
<p class="govuk-body">This includes the visibility of</p>
<ul class="govuk-list govuk-list--bullet">
<li>Is the service or any part of it down</li>
<li>Is there a slow down in the service with one of its components</li>
<li>Has their been an increase in costs to run the service</li>
<li>Has the User Experience degraded</li>
<li>Are our service KPIs still being met</li>
<li>And lots more</li>
</ul>
<p class="govuk-body">There are many ways we can monitor our service to ensure we know what is happening. This document outlines a few we will be implementing from the start in the Modernising Service.</p>
<h2 id="logging" tabindex="-1" class="govuk-heading-l">Logging</h2>
<p class="govuk-body">Logging is key to identifying how your application is running. Reporting application, network, firewall, KPI and service metric events helps raise the visibility of expected and unexpected behaviour.</p>
<p class="govuk-body">There are three key elements to storing logs that we will ensure we meet.</p>
<ul class="govuk-list govuk-list--bullet">
<li>All data is anonymised</li>
<li>Stored in as fewer places as possible</li>
<li>In a structured and parsable format</li>
</ul>
<p class="govuk-body">As we build up logs in the service, we can build in alerting for abnormal behaviour in our service to alert us as issues arrive. This allows us to be proactive and know about issues at the same time a user is experiencing them.</p>
<p class="govuk-body">We already use logging within our existing services to a good standard, we will build upon this knowledge in the Modernising service.</p>
<h2 id="monitoring" tabindex="-1" class="govuk-heading-l">Monitoring</h2>
<p class="govuk-body">Being able to collect the data in a structured format allows us to use monitoring tools to consume that data and visualise it over time across multiple services.</p>
<p class="govuk-body">As well as visualising the data, modern tooling also allows you to setup</p>
<ul class="govuk-list govuk-list--bullet">
<li>Alerting around key log data</li>
<li>Dashboards to visualise common data</li>
<li>Overlay multiple log groups to find patterns of behaviour</li>
<li>Identify changes in performance over periods of time</li>
<li>Visualise your KPIs and other metrics</li>
</ul>
<p class="govuk-body">A good monitoring setup should better enable our teams to include observability in their decision making and make the data consumable to all professions by making it the universal language of the services health.</p>
<h2 id="performance-benchmarks" tabindex="-1" class="govuk-heading-l">Performance Benchmarks</h2>
<p class="govuk-body">When defining our infrastructure and setting up <a href="https://docs.modernising.opg.service.justice.gov.uk/research-development/articles/observability-monitoring/#tracing" class="govuk-link">tracing</a>, <a href="https://docs.modernising.opg.service.justice.gov.uk/research-development/articles/observability-monitoring/#logging" class="govuk-link">logging alerts</a> and our pipelines, we should add in benchmarks that can monitor the health of new code and existing code.</p>
<p class="govuk-body">This will allow us to maintain a set standard we expect from our code and help identify technical debt in the future.</p>
<p class="govuk-body">Examples of what benchmarks we could set are as follows.</p>
<ul class="govuk-list govuk-list--bullet">
<li>All APIs should respond within 300ms</li>
<li>All JS should be fully loaded on a low end mobile device over 3G in 2 seconds</li>
<li>The size of our CSS should not exceed 10kb using Brotli compression</li>
<li>Tests should run within 1 minute</li>
<li>Test coverage should be 80% or higher</li>
<li>Build times should not exceed 5 minutes</li>
<li>Accessibility checks should always meet WCAG 2.1 AAA</li>
<li>There should be a maximum of three 500 errors in one minute</li>
</ul>
<p class="govuk-body">Using these benchmarks, we set ourselves up to succeed and encourage good coding practices and maintainability in our code.</p>
<h2 id="tracing" tabindex="-1" class="govuk-heading-l">Tracing</h2>
<p class="govuk-body">Being able to trace, analyse and debug our cloud infrastructure will be key to running a healthy service. We cover this aspect of Observability in our <a href="https://docs.modernising.opg.service.justice.gov.uk/adr/articles/0012-aws-xray" class="govuk-link">ADR AWS X-Ray</a>.</p>
<h2 id="real-user-metrics" tabindex="-1" class="govuk-heading-l">Real User Metrics</h2>
<p class="govuk-body">Obtaining data from real users provides an additional set of data compared to synthetic or back end data that we cover in this article.</p>
<p class="govuk-body">Being able to capture real users experience while using the service allows us to refine our front end code to better facilitate our users.</p>
<p class="govuk-body">Data we can capture anonymously from the browser and act upon include but not limited to</p>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://web.dev/vitals/" class="govuk-link" target="_blank" rel="noreferrer noopener">WebVitals<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li>Javascript errors and bottlenecks</li>
<li>Device type (Mobile, Tablet, Desktop)</li>
<li>Connection type (3G, 4G, 5G, landline)</li>
<li>Screen size/orientation</li>
<li>API Response times</li>
<li>Navigation Timing</li>
<li>Resource Timing (static assets)</li>
<li>Bounce pages</li>
</ul>
<p class="govuk-body">When we set up <a href="https://docs.modernising.opg.service.justice.gov.uk/research-development/articles/observability-monitoring/#tracing" class="govuk-link">server side tracing</a> we will also be able to link this data from our front end, through to our back end stack giving us an overview of the entire lifecycle of a page/click.</p>
<h2 id="service-kpis-and-metrics" tabindex="-1" class="govuk-heading-l">Service KPIs and Metrics</h2>
<p class="govuk-body">On our Use a LPA service, we have begun adding manual and anonymised logging events to our application code when key user journey events occur. An example of this is firing an event when a user clicks the <code>Download PDF</code> button on our View part of the service.</p>
<p class="govuk-body">This has allowed us to</p>
<ul class="govuk-list govuk-list--bullet">
<li>Identify points in time where a release could have affected negatively or positively a user journey</li>
<li>When releasing a new feature, are we meeting the goal of that feature (e.g. does this new feature increase the success rate of users logging in)</li>
<li>Identify drop out points in the service and research better ways to help the user</li>
</ul>
<p class="govuk-body">We have also used this same process to automate the collection of our services performance data. <a href="https://www.gov.uk/service-manual/service-assessments/pre-july-2019-digital-service-standard#collect-performance-data-1" class="govuk-link" target="_blank" rel="noreferrer noopener">This is required of all services to provide for the public to ensure we are meeting the aims it was built for<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<p class="govuk-body">This means we no longer need multiple professions to analyse raw data each month and report on it.</p>
<p class="govuk-body">Integrating KPIs and performance data into the code we write allows us to make data driven decisions and reduce manual work for more accurate reporting and decision making.</p>
<h2 id="references" tabindex="-1" class="govuk-heading-l">References</h2>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://www.gov.uk/service-manual/service-assessments/pre-july-2019-digital-service-standard#collect-performance-data-1" class="govuk-link" target="_blank" rel="noreferrer noopener">Service Standard: Collect performance data<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
Business Continuity and Disaster Recovery2022-04-20T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/business-continuity-disaster-recovery/<h2 id="business-continuity" tabindex="-1" class="govuk-heading-l">Business Continuity</h2>
<p class="govuk-body">OPG has previously worked on defining our <a href="https://docs.opg.service.justice.gov.uk/documentation/guides/business_continuity.html" class="govuk-link" target="_blank" rel="noreferrer noopener">Business Continuity and your Service<span class="govuk-visually-hidden">(opens in new tab)</span></a> and has published it to our OPG Technical Guidance documentation site.</p>
<p class="govuk-body">This document takes this existing research and applies it to the Modernising service.</p>
<p class="govuk-body">Business continuity planning makes our service prepared for worst case scenarios. That might be accidental data loss, intentional data destruction or system failure from suppliers like cloud providers.</p>
<p class="govuk-body">Essentially asking the question: what happens when things go catastrophically wrong? This relates to service standard point 14, <a href="https://www.gov.uk/service-manual/service-standard/point-14-operate-a-reliable-service" class="govuk-link" target="_blank" rel="noreferrer noopener">Operate a Reliable Service<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<p class="govuk-body">Our business continuity strategy should be:</p>
<ul class="govuk-list govuk-list--bullet">
<li>Appropriate and proportionate to the needs of the service and its users</li>
<li>Supportable by the delivery team</li>
<li>Agreed with the business</li>
<li>Documented as part of your service’s GitHub repo</li>
</ul>
<p class="govuk-body">Conversations around business continuity should include the Business, Product, Delivery, Developers, WebOps and Technical Architecture.</p>
<h3 id="what-to-look-at-during-the-discovery-%2F-alpha-stage" tabindex="-1" class="govuk-heading-m">What to look at during the Discovery / Alpha Stage</h3>
<p class="govuk-body">During alpha and discovery phases we should be experimenting and testing our hypothesis. Business continuity work has been light touch at this stage as we need to identify and understand what is proportional and appropriate for our services business continuity. We also need to understand what the service is.</p>
<p class="govuk-body">Questions we need to ask include:</p>
<ul class="govuk-list govuk-list--bullet">
<li>What is the impact of this proposed service failing on users and the business?</li>
<li>What risks exist that you need to find mitigations for?</li>
<li>Which data will be key to your service functioning?</li>
<li>Which data only exists in your service?</li>
<li>What are the business and user expectations around response and recovery?</li>
<li>What non-digital fallbacks are in place already?</li>
</ul>
<p class="govuk-body">Starting to collect answers to these will help identify areas to build on as we move into Beta.</p>
<h3 id="what-to-look-at-during-beta-stage" tabindex="-1" class="govuk-heading-m">What to look at during Beta Stage</h3>
<p class="govuk-body">During private and public beta stages we should focus on how our business continuity needs will impact the MVP build and how we can avoid issues in the future.</p>
<p class="govuk-body">In this phase, decisions should be recorded and agreed upon from all parties.</p>
<p class="govuk-body">During beta we should:</p>
<ul class="govuk-list govuk-list--bullet">
<li>Identify how our service is likely to fail and which components are the greatest risk</li>
<li>Identify how any disaster recovery will impact how we build our infrastructure</li>
<li>Define recovery point objective and recovery time objective for our service</li>
<li>Identify who owns any business continuity processes inside and outside the delivery team</li>
<li>Document any disaster recovery in <code>/docs/DISASTER_RECOVERY.md</code></li>
<li>Ensure we have a backup and restore process for key data assets</li>
<li>Build familiarity with the incident management tools</li>
<li>Identify if our service is dependent on other systems and how much it can operate without them</li>
<li>Identify defensive coding and architectural practices to avoid or reduce dependencies</li>
</ul>
<h2 id="disaster-recovery" tabindex="-1" class="govuk-heading-l">Disaster Recovery</h2>
<p class="govuk-body">Once we know the decisions made from above, we can decide on what is the Disaster Recovery option to take.</p>
<p class="govuk-body">The options are listed below and should be considered at the start of the Beta phase.</p>
<h3 id="overview-of-disaster-recovery-options" tabindex="-1" class="govuk-heading-m">Overview of Disaster Recovery options</h3>
<h4 id="option-1%3A-backup-and-restore" tabindex="-1" class="govuk-heading-s">Option 1: Backup and restore</h4>
<p class="govuk-body">Take automated backups/snapshots of data. Restoration time could be hours as we’d need to replicate the backups/snapshots into another account or region within AWS.</p>
<ul class="govuk-list govuk-list--bullet">
<li><strong>Data loss</strong>: Up to 24 hours</li>
<li><strong>Time to Recover</strong>: 6+ hours</li>
<li><strong>Cost</strong>: Low (Only inactive storage costs)</li>
</ul>
<h4 id="option-2%3A-pilot-light" tabindex="-1" class="govuk-heading-s">Option 2: Pilot Light</h4>
<p class="govuk-body">We keep core services running in another region. For example, we could move into a global Aurora cluster which would replicate the data into a cluster located in another region. Typically there is a 1 second lag between replication.</p>
<ul class="govuk-list govuk-list--bullet">
<li><strong>Data loss</strong>: Low (Minutes)</li>
<li><strong>Time to Recover</strong>: 2-3 hours</li>
<li><strong>Cost</strong>: Medium (Core Data Services would be scaled down but active in a second region)</li>
</ul>
<h4 id="option-3%3A-hot-standby" tabindex="-1" class="govuk-heading-s">Option 3: Hot standby</h4>
<p class="govuk-body">Full replica of our service running in another region, in the event of a disaster we would be able to point users at this in seconds.</p>
<ul class="govuk-list govuk-list--bullet">
<li><strong>Data loss</strong>: Low (Minutes/Seconds)</li>
<li><strong>Time to Recover</strong>: Minutes</li>
<li><strong>Cost</strong>: High (Full-stack active in a secondary region)</li>
</ul>
<h3 id="building-the-dr-plan" tabindex="-1" class="govuk-heading-m">Building the DR plan</h3>
<p class="govuk-body">To have an effective disaster recovery plan in place, we should define an</p>
<ul class="govuk-list govuk-list--bullet">
<li>RTO (<a href="https://docs.modernising.opg.service.justice.gov.uk/research-development/articles/business-continuity-disaster-recovery/#recovery-time-objective" class="govuk-link">Recovery Time Objective</a>)</li>
<li>RPO (<a href="https://docs.modernising.opg.service.justice.gov.uk/research-development/articles/business-continuity-disaster-recovery/#recovery-point-objective" class="govuk-link">Recovery Point Objective</a>)</li>
</ul>
<p class="govuk-body">As a team, this will enable us to create a disaster recovery plan that is effective for Modernising, and it’s something we can simulate periodically to ensure it’s still effective.</p>
<h4 id="recovery-time-objective" tabindex="-1" class="govuk-heading-s">Recovery Time Objective</h4>
<p class="govuk-body">The allowed time it would take to restore the services after a disaster occurs. For example, if the service was to fail at 1030 and our RTO was 1 hour, everything should be back up and running at 1130.</p>
<h4 id="recovery-point-objective" tabindex="-1" class="govuk-heading-s">Recovery Point Objective</h4>
<p class="govuk-body">This should define the amount of acceptable data loss in time. For example, should the service go down at 1030, and we have an RPO of 2 hours, we should be able to recover all the data up to 0830.</p>
<h2 id="references" tabindex="-1" class="govuk-heading-l">References</h2>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://www.gov.uk/service-manual/service-standard/point-14-operate-a-reliable-service" class="govuk-link" target="_blank" rel="noreferrer noopener">Operate a Reliable Service<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://docs.opg.service.justice.gov.uk/documentation/guides/business_continuity.html" class="govuk-link" target="_blank" rel="noreferrer noopener">Business Continuity and your Service<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
Integration and building upon Use a LPA2022-04-01T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/integration-ualpa/<h2 id="introduction" tabindex="-1" class="govuk-heading-l">Introduction</h2>
<p class="govuk-body">This article is to document the intent of keeping the <a href="https://www.gov.uk/use-lasting-power-of-attorney" class="govuk-link" target="_blank" rel="noreferrer noopener">Use a LPA service<span class="govuk-visually-hidden">(opens in new tab)</span></a> as its own domain and being responsible for all features post execution of a LPA.</p>
<p class="govuk-body">Use a LPA is responsible for all services online after Execution of an LPA. We envision that Modernising will not replace this service and instead any new features in this domain will be built upon this service.</p>
<p class="govuk-body">We need to ensure any new work done within Modernising pre execution and internal APIs or database work, is still compatible with Use a LPA or the service is brought in line with changes.</p>
<h2 id="technical" tabindex="-1" class="govuk-heading-l">Technical</h2>
<h3 id="interoperability---how-does-this-enable-the-exchange-of-information" tabindex="-1" class="govuk-heading-m">Interoperability - How does this enable the exchange of information</h3>
<p class="govuk-body">The Use a LPA site currently has no API for internal consumers to interact with as there isn't currently a need.</p>
<p class="govuk-body">It only stores within its own database, what it needs to run the service and additional data needed is pulled on demand from the core LPA database.</p>
<p class="govuk-body">If other new services began to require data from the Use a LPA service, the team would be responsible for engaging with those services and working with them to provide the necessary interface for the problem.</p>
<h3 id="how-is-the-service-currently-run" tabindex="-1" class="govuk-heading-m">How is the service currently run</h3>
<p class="govuk-body">We have a dedicated multidisciplinary team who are responsible for the upkeep of the service.</p>
<p class="govuk-body">It is also in its <code>Live</code> phase of the <a href="https://www.gov.uk/service-manual/agile-delivery/how-the-live-phase-works" class="govuk-link" target="_blank" rel="noreferrer noopener">GDS Assessment<span class="govuk-visually-hidden">(opens in new tab)</span></a> and is <a href="https://github.com/ministryofjustice/opg-use-an-lpa" class="govuk-link" target="_blank" rel="noreferrer noopener">Open Source on github<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<p class="govuk-body">Use a LPA is built and maintained as Infrastructure as Code via Terraform. It is also able to scale up on demand as required.</p>
<h3 id="keeping-the-domains-separate" tabindex="-1" class="govuk-heading-m">Keeping the domains separate</h3>
<p class="govuk-body">Having the separation of the Modernising creation domain and the Use a LPA domain (post Execution) will mean a clean split of data and functionality that is easier to manage over time.</p>
<p class="govuk-body">If we build an internal API layer that Modernising and Use a LPA can integrate with, we can ensure a well defined data schema and rule set for LPA data.</p>
<p class="govuk-body">This shared data schema is out of scope for this document and will be covered elsewhere. It will be important for all interactions across the services to be able to communicate efficiently and follow the same data standards.</p>
<h3 id="final-thoughts" tabindex="-1" class="govuk-heading-m">Final thoughts</h3>
<p class="govuk-body">We should continue to keep the domains separate where appropriate.</p>
<p class="govuk-body">Should a part of the Modernising service require access to the data stored within Use a LPA, then the teams should work together to analyse the problem and come to the best solution.</p>
<p class="govuk-body">Decisions on implementation detail should be left to teams to work out and inspire collaboration across domains for the best outcome for the services.</p>
Accessibility Practices2022-03-30T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/accessibility-practices/<h2 id="introduction" tabindex="-1" class="govuk-heading-l">Introduction</h2>
<p class="govuk-body">Accessibility is one of the most important factors to be considered while building a service in Government. We build services for everyone.</p>
<p class="govuk-body">This article will cover the areas within the service manual and parts that aren't.</p>
<p class="govuk-body">We want to set out our intent while in our Alpha phase that we should hold ourselves too in the Beta phase of the service.</p>
<h2 id="web-content-accessibility-guidelines-(wcag-2.1)" tabindex="-1" class="govuk-heading-l">Web Content Accessibility Guidelines (WCAG 2.1)</h2>
<p class="govuk-body">Reference: <a href="https://www.gov.uk/service-manual/helping-people-to-use-your-service/understanding-wcag#wcag-design-principles" class="govuk-link" target="_blank" rel="noreferrer noopener">Understanding WCAG 2.1<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<blockquote class="govuk-inset-text">
<p class="govuk-body">The Web Content Accessibility Guidelines are an internationally recognised set of recommendations for improving web accessibility.</p>
</blockquote>
<p class="govuk-body">Any services created will be built to the WCAG 2.1 standard.</p>
<p class="govuk-body">We will also ensure as newer versions of the standard get released that we meet these as part of our ongoing commitment to continuous improvement.</p>
<p class="govuk-body">We will do this by</p>
<ul class="govuk-list govuk-list--bullet">
<li>Ensure all professions collaborate on early designs</li>
<li><a href="https://docs.modernising.opg.service.justice.gov.uk/research-development/articles/accessibility-practices/#automated-testing-in-pipelines" class="govuk-link">Adding automated testing to our pipelines</a></li>
<li>Working with internal dedicated accessibility groups</li>
<li>Encourage and aid team members to learn about accessibility</li>
<li><a href="https://docs.modernising.opg.service.justice.gov.uk/research-development/articles/accessibility-practices/#accessibility-audits" class="govuk-link">Run regular accessibility audits to capture problems that cannot be caught by automated tooling</a></li>
<li><a href="https://docs.modernising.opg.service.justice.gov.uk/research-development/articles/accessibility-practices/#testing-with-assistive-technologies" class="govuk-link">Use our OPG accessibility tools to test our sites against popular accessibility tooling</a></li>
</ul>
<p class="govuk-body">We are already doing all of the above on our existing services and we will be learning from these implementations and using this knowledge to apply it to any new services.</p>
<h2 id="automated-testing-in-pipelines" tabindex="-1" class="govuk-heading-l">Automated testing in pipelines</h2>
<p class="govuk-body">Reference: <a href="https://www.gov.uk/service-manual/helping-people-to-use-your-service/testing-for-accessibility" class="govuk-link" target="_blank" rel="noreferrer noopener">Testing for accessibility<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<p class="govuk-body">We should add automated testing into the pipeline for our services. We should not solely rely on this though. We need to also do manual testing, however this will give us knowledge that issues that can be automatically found are monitored.</p>
<p class="govuk-body">This will allow us to break the build if we introduce new content that doesn't meet the WCAG 2.1 standard.</p>
<p class="govuk-body">We should take this into account when choosing how we build our service. If we can produce static HTML files then testing becomes faster and cheaper to run rather than writing scripts to run over a ethereal environment.</p>
<p class="govuk-body">Research has been undertaken by the GDS accessibility team's <a href="https://alphagov.github.io/accessibility-tool-audit/" class="govuk-link" target="_blank" rel="noreferrer noopener">audit of the most use accessibility tools<span class="govuk-visually-hidden">(opens in new tab)</span></a> and should be consulted.</p>
<p class="govuk-body">We used <a href="https://www.deque.com/axe/" class="govuk-link" target="_blank" rel="noreferrer noopener">aXe<span class="govuk-visually-hidden">(opens in new tab)</span></a> and <a href="https://pa11y.org/" class="govuk-link" target="_blank" rel="noreferrer noopener">pa11y<span class="govuk-visually-hidden">(opens in new tab)</span></a> on services currently which will aid in our knowledge of implementing this tooling in the pipeline.</p>
<h2 id="cross-device-testing-in-pipeline" tabindex="-1" class="govuk-heading-l">Cross Device testing in pipeline</h2>
<p class="govuk-body">Reference: <a href="https://www.gov.uk/service-manual/technology/designing-for-different-browsers-and-devices" class="govuk-link" target="_blank" rel="noreferrer noopener">Designing for different browsers and devices<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<p class="govuk-body">We need to ensure that our service is accessible with as many browsers and devices as possible.</p>
<p class="govuk-body">Testing across multiple devices and browsers manually can be time consuming and should be automated.</p>
<p class="govuk-body">Using a tool that can load the service and take screenshots, report on Javascript errors and CSS issues across the most popular devices is key to reduce cost.</p>
<p class="govuk-body">A list of browsers and devices we should support can be found at the GDS service manual page <a href="https://www.gov.uk/service-manual/technology/designing-for-different-browsers-and-devices" class="govuk-link" target="_blank" rel="noreferrer noopener">Designing for different browsers and devices<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<h2 id="testing-with-assistive-technologies" tabindex="-1" class="govuk-heading-l">Testing with assistive technologies</h2>
<p class="govuk-body">Reference: <a href="https://www.gov.uk/service-manual/technology/testing-with-assistive-technologies" class="govuk-link" target="_blank" rel="noreferrer noopener">Testing with assistive technologies<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<blockquote class="govuk-inset-text">
<p class="govuk-body">You must make sure your service works with assistive technologies. This is so everyone can use your service with the technology they rely on, such as a screen reader or speech recognition software.</p>
</blockquote>
<p class="govuk-body">The entire service should be tested using assistive technologies to ensure everyone is able to use it.</p>
<p class="govuk-body">This can be done on new patterns and components we create and once tested, those patterns and components should be repeated throughout the user journeys to ensure a reliable journey.</p>
<p class="govuk-body">We have access to our own OPG Accessibility Lab which should be utilized for our own research, but we should also seek out external services that provide expert analysis with real users, which is usually included in <a href="https://docs.modernising.opg.service.justice.gov.uk/research-development/articles/accessibility-practices/#accessibility-audits" class="govuk-link">Accessibility audits</a>.</p>
<h2 id="gov.uk-and-moj-design-patterns-and-components" tabindex="-1" class="govuk-heading-l">GOV.UK and MoJ Design patterns and components</h2>
<p class="govuk-body">When building services, we use the <a href="https://design-system.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Design System<span class="govuk-visually-hidden">(opens in new tab)</span></a> and the <a href="https://design-patterns.service.justice.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">MoJ Pattern Library<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<p class="govuk-body">Any new patterns or components we build, we contribute back to the MoJ Pattern Library and Slack community to get our code and research peer reviewed from specialists in other departments.</p>
<p class="govuk-body">This gives us the benefits of a community of specialist roles who can check accessibility among other things before sharing with other departments.</p>
<p class="govuk-body">If we feel a pattern or component is worth sharing with GOV.UK, then we will also work with them to being adding it to the Design System.</p>
<p class="govuk-body">Working this way ensures we can move fast while gaining extra knowledge from others in areas of Government.</p>
<h2 id="accessibility-audits" tabindex="-1" class="govuk-heading-l">Accessibility audits</h2>
<p class="govuk-body">Reference: <a href="https://www.gov.uk/service-manual/helping-people-to-use-your-service/getting-an-accessibility-audit" class="govuk-link" target="_blank" rel="noreferrer noopener">Getting an accessibility audit<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<p class="govuk-body"><a href="https://www.gov.uk/service-manual/helping-people-to-use-your-service/getting-an-accessibility-audit" class="govuk-link" target="_blank" rel="noreferrer noopener">Accessibility audits for service<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<p class="govuk-body">Every service the OPG build goes through yearly accessibility audits and ad-hoc audits when required, such as newly made user journeys.</p>
<p class="govuk-body">We should look for an independent, external service that can provide us with an expert audit to prevent any sort of bias or gap in knowledge internally.</p>
<p class="govuk-body">When receiving an audit report back, if there are issues, the entire team should work through them and learn what needs to be fixed and why. Audits are a great learning tool as well as a check that standards are met.</p>
<h2 id="progressive-enhancement" tabindex="-1" class="govuk-heading-l">Progressive enhancement</h2>
<p class="govuk-body"><a href="https://www.gov.uk/service-manual/technology/using-progressive-enhancement" class="govuk-link" target="_blank" rel="noreferrer noopener">Building a resilient frontend using progressive enhancement<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<p class="govuk-body">Making our service accessible to all devices and connections is extremely important, especially in the demographic LPAs are aimed at.</p>
<p class="govuk-body">Using images, Javascript and CSS to give users a better experience can come with its own downfalls.</p>
<p class="govuk-body">Examples of this are</p>
<ul class="govuk-list govuk-list--bullet">
<li>If you require javascript for your site to work, users without it enabled will not be able to use it</li>
<li>If you have large images, poor network connections or devices will cause long loading delays giving a poor and frustrating experience</li>
<li>If you are serving large assets over a mobile network, this has a cost to users <a href="https://whatdoesmysitecost.com/" class="govuk-link" target="_blank" rel="noreferrer noopener">(What does my site cost?)<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
<p class="govuk-body">We should build the service to reach as many people as possible in the quickest and simplest way.</p>
<p class="govuk-body">If we do add assets to enhance the interface, we should do so in a way that does not stop those who have them disabled from using the site.</p>
<p class="govuk-body">We should look to also taking advantage of modern browser APIs to help serve the right content to users.</p>
<p class="govuk-body">For example</p>
<ul class="govuk-list govuk-list--bullet">
<li>Using the <code>prefers-color-scheme</code> setting to serve dark mode styling</li>
<li>Using the <code>Network Information API</code> to detect network quality and serve smaller images</li>
<li>Using the <code>Service Workers API</code> to intelligently cache assets in the browser</li>
</ul>
<h2 id="conclusion" tabindex="-1" class="govuk-heading-l">Conclusion</h2>
<p class="govuk-body">We should continue to build upon our existing practices for accessibility and ensure that it is thought of from the start.</p>
<p class="govuk-body">Using the service manual as a guide, we should go beyond it where we can.</p>
<h2 id="references" tabindex="-1" class="govuk-heading-l">References</h2>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://www.gov.uk/service-manual/helping-people-to-use-your-service/understanding-wcag#wcag-design-principles" class="govuk-link" target="_blank" rel="noreferrer noopener">Understanding WCAG 2.1<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.gov.uk/service-manual/helping-people-to-use-your-service/testing-for-accessibility" class="govuk-link" target="_blank" rel="noreferrer noopener">Testing for accessibility<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://alphagov.github.io/accessibility-tool-audit/" class="govuk-link" target="_blank" rel="noreferrer noopener">audit of the most use accessibility tools<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.deque.com/axe/" class="govuk-link" target="_blank" rel="noreferrer noopener">aXe<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://pa11y.org/" class="govuk-link" target="_blank" rel="noreferrer noopener">pa11y<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.gov.uk/service-manual/technology/designing-for-different-browsers-and-devices" class="govuk-link" target="_blank" rel="noreferrer noopener">Designing for different browsers and devices<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.gov.uk/service-manual/technology/testing-with-assistive-technologies" class="govuk-link" target="_blank" rel="noreferrer noopener">Testing with assistive technologies<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://design-system.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Design System<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://design-patterns.service.justice.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">MoJ Pattern Library<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.gov.uk/service-manual/helping-people-to-use-your-service/getting-an-accessibility-audit" class="govuk-link" target="_blank" rel="noreferrer noopener">Getting an accessibility audit<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.gov.uk/service-manual/technology/using-progressive-enhancement" class="govuk-link" target="_blank" rel="noreferrer noopener">Building a resilient frontend using progressive enhancement<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://whatdoesmysitecost.com/" class="govuk-link" target="_blank" rel="noreferrer noopener">What does my site cost?<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
Parallels in digital services that require access after a long delay2022-03-10T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/parallels-services-long-delay/<h2 id="introduction" tabindex="-1" class="govuk-heading-l">Introduction</h2>
<p class="govuk-body">With delayed registration, a user would have a undefined period of time between payment and registration of an LPA.</p>
<p class="govuk-body">Steps in delayed registration</p>
<ul class="govuk-list govuk-list--bullet">
<li>Create an account</li>
<li>Pay to create an LPA</li>
<li>Fill in LPA Details</li>
<li>Choose Certificate Provider</li>
<li>Execute and Sign the LPA</li>
<li>Certificate Provider certifies the LPA</li>
<li>Submits to OPG</li>
<li>Time passes where the LPA is valid but not registered
<ul class="govuk-list govuk-list--bullet">
<li>This could be a few days to 30 years time before being registered</li>
</ul>
</li>
<li>Registration of LPA with OPG by the Donor or another Actor on the LPA</li>
</ul>
<p class="govuk-body">We need to investigate other services and patterns that also use this method of paying up front to create a 'thing' but not use that 'thing' until a later date.</p>
<h2 id="services-that-have-gaps-in-delays-between-payment-and-completion" tabindex="-1" class="govuk-heading-l">Services that have gaps in delays between payment and completion</h2>
<p class="govuk-body">During my initial research I am unable to find any other service that requires payment up front and then allows you to delay claiming a product over a period of time.</p>
<p class="govuk-body">Should this change, this section should be updated with the new information.</p>
<h2 id="services-that-are-similar-but-do-not-match-this-process" tabindex="-1" class="govuk-heading-l">Services that are similar but do not match this process</h2>
<p class="govuk-body">Some services have similar user flows to what we are wanting to do. I believe it is worth noting a few examples of these and how they manage payments for content, even if we cannot use them ourselves.</p>
<h3 id="kickstarter" tabindex="-1" class="govuk-heading-m">Kickstarter</h3>
<p class="govuk-body">On Kickstarter, users are able to purchase a product that is in a ideation stage with the promise of it being fulfilled at a future point.</p>
<p class="govuk-body">This requires a user to</p>
<ul class="govuk-list govuk-list--bullet">
<li>Sign up</li>
<li>Pay for a product up front that does not exist</li>
<li>Feed into the creation process over time</li>
<li>Waiting time can be months to years</li>
<li>They receive their product from the creator</li>
</ul>
<h3 id="patreon" tabindex="-1" class="govuk-heading-m">Patreon</h3>
<p class="govuk-body">Patreon allows users to sign up to content creators for a monthly/per creation fee to get access to content they create. You pay up front and then are able to access their back catalog and as long as you keep paying, access to new content.</p>
<ul class="govuk-list govuk-list--bullet">
<li>Sign up</li>
<li>Pay up front with a standing order for future content</li>
<li>Feed into the creation process over time</li>
<li>Each release is then accessable to you</li>
</ul>
<h3 id="gofundme" tabindex="-1" class="govuk-heading-m">Gofundme</h3>
<p class="govuk-body">Gofundme allows an individual to setup a fundraiser with a funding goal/target. You let people know what you are doing and what for, then individuals can donate towards your target with an end date of some activity that will take place.</p>
<ul class="govuk-list govuk-list--bullet">
<li>Sign up</li>
<li>Pay up front with a donation</li>
<li>Offer support through messaging boards</li>
<li>Wait until the end date</li>
<li>See the outcome of the event or change it has effected</li>
</ul>
<h3 id="renewing-a-drivers-licence" tabindex="-1" class="govuk-heading-m">Renewing a Drivers Licence</h3>
<p class="govuk-body">When renewing a Drivers Licence, there is no need for you to remember a username and password. Your details are matched by the information you provide in one session online which asks the following followed by payment at the end.</p>
<ul class="govuk-list govuk-list--bullet">
<li>Your details
<ul class="govuk-list govuk-list--bullet">
<li>Title</li>
<li>Name</li>
<li>Gender</li>
<li>Date of Birth</li>
<li>Country of Birth</li>
</ul>
</li>
<li>You 3 year address history</li>
<li>Your driving record</li>
<li>National Insurance Number</li>
<li>UK Passport Number</li>
</ul>
<p class="govuk-body">If all the above match then you can go to your payment and await your licence in the post.</p>
<h3 id="passport" tabindex="-1" class="govuk-heading-m">Passport</h3>
<p class="govuk-body">Getting a passport requires you to create an application with a passport photos, pay for it and then get someone else to confirm your identity.</p>
<p class="govuk-body">Immediately after identification checks you receive your documents in the post.</p>
<h3 id="insurance" tabindex="-1" class="govuk-heading-m">Insurance</h3>
<p class="govuk-body">Various types of insurance companies all follow the same basic user flow when applying. Unfortunately this finishes with a certificate of insurance, presented to you on a prescribed date.</p>
<p class="govuk-body">Even though the user is in control of the date, it is still a hard set date that if left for long enough will cause a change in the premium offered.</p>
<ul class="govuk-list govuk-list--bullet">
<li>Sign up</li>
<li>Get a quote</li>
<li>Set a date in the future for cover to start</li>
<li>Pay for the insurance</li>
<li>Get a certificate confirming your start date and cover details</li>
</ul>
<h2 id="conclusion" tabindex="-1" class="govuk-heading-l">Conclusion</h2>
<p class="govuk-body">At this point it is hard to find any other service that would work in the same way we do.</p>
<p class="govuk-body">There are many that have paths with journeys that require payment up front, but these all follow the pattern of a service or product being given to you after a set amount of time controlled by the service, not the customer.</p>
<p class="govuk-body">We should continue to look for other services or products and update this article accordingly if we do.</p>
GOV.UK Pay for Solicitors and Organisations2022-03-08T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/govukpay-payments/<h2 id="introduction" tabindex="-1" class="govuk-heading-l">Introduction</h2>
<p class="govuk-body">We require a way to use GOV.UK Pay for solicitors and organisations who register LPAs on behalf of their clients.</p>
<p class="govuk-body">This will require a different process from paying per LPA.</p>
<p class="govuk-body">We want to give Solicitors a way to pay via invoice, batch payments or other methods to simplify their process with fee structures.</p>
<h2 id="what-gov.uk-pay-does-and-does-not-do" tabindex="-1" class="govuk-heading-l">What GOV.UK Pay does and does not do</h2>
<p class="govuk-body">GOV.UK Pay's responsibility is to take payment from a user, handle the payment and respond to whether payment was successful or not.</p>
<p class="govuk-body">It is not responsible for managing accounts, invoicing or any other type of payment processing.</p>
<p class="govuk-body">We can only use GOV.UK Pay for requesting payment and tracking the status of the payment.</p>
<h2 id="solution" tabindex="-1" class="govuk-heading-l">Solution</h2>
<p class="govuk-body">We cannot hand off an invoicing solution to GOV.UK Pay, however we can still use it for payment of invoices in our service.</p>
<p class="govuk-body">We need to build into our service the ability for organisations to be invoiced and pay via GOV.UK Pay.</p>
<p class="govuk-body">In Beta we need to look at the organisation feature of our service to include the following</p>
<ul class="govuk-list govuk-list--bullet">
<li>Monthly/Quarterly invoicing based on the number of LPAs registered</li>
<li>Optional payments by phone or post</li>
<li>Ensuring payments are tagged with an organisation reference and LPA ID</li>
<li>Dashboard for viewing daily usage</li>
<li>Audit trails for organisations payments</li>
<li>Automatic billing and reconciliation of LPAs registered via organisations</li>
<li>Any type of support needed for organisations should they have a query with their bill</li>
</ul>
<h2 id="references" tabindex="-1" class="govuk-heading-l">References</h2>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://www.payments.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Pay<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://docs.payments.service.gov.uk/integrate_with_govuk_pay/#integrate-with-the-gov-uk-pay-api" class="govuk-link" target="_blank" rel="noreferrer noopener">Integrate with the GOV.UK Pay API<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.payments.service.gov.uk/take-payments-by-phone-or-post/" class="govuk-link" target="_blank" rel="noreferrer noopener">Take payments by phone or post<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
Browser Fingerprinting and Registered Devices2022-03-07T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/browser-fingerprinting/<h2 id="introduction" tabindex="-1" class="govuk-heading-l">Introduction</h2>
<p class="govuk-body">We would like to gain confidence that the user is who they say they are when using our site.</p>
<p class="govuk-body">During the process, it would be a help if we knew the device they use is the same or one of many devices they use on repeat journeys.</p>
<p class="govuk-body">We want to investigate the use of Browser Fingerprinting and its use in helping give the user confidence that they have been the only one accessing the site via their login and give us confidence in the devices they are using.</p>
<h2 id="what-is-browser-fingerprinting%3F" tabindex="-1" class="govuk-heading-l">What is Browser Fingerprinting?</h2>
<p class="govuk-body">Browser Fingerprinting is the process of identifying a user via their browser and operating system when using a website.</p>
<p class="govuk-body">It uses a range of different methods and techniques to gather properties about the browser and if possible, the device and operating system it is running on.</p>
<h3 id="techniques-used" tabindex="-1" class="govuk-heading-m">Techniques used</h3>
<p class="govuk-body">There are a range of techniques that can be used to successfully identify a browser. Below is a range of examples that are commonly used techniques and methods.</p>
<ul class="govuk-list govuk-list--bullet">
<li>User agent including screen resolution</li>
<li>Browser details</li>
<li>Timezone</li>
<li>Cookies</li>
<li>Does IP Address and DNS Server match</li>
<li>Is WebRTC enabled</li>
<li>Is Javascript enabled</li>
<li>Is the user in incognito mode</li>
<li>IP Location</li>
<li>Web API
<ul class="govuk-list govuk-list--bullet">
<li>Battery status</li>
<li>Canvas</li>
<li>WebGL</li>
<li>HTTP/2</li>
</ul>
</li>
<li>Keystroke patterns</li>
<li>Accelerometer readings</li>
<li>And more</li>
</ul>
<h2 id="who-uses-fingerprinting" tabindex="-1" class="govuk-heading-l">Who uses Fingerprinting</h2>
<p class="govuk-body">Many companies use Fingerprinting technologies for both positive and negative reasons. Below are a few examples.</p>
<h3 id="online-banking" tabindex="-1" class="govuk-heading-m">Online Banking</h3>
<p class="govuk-body">To help reduce fraud, many online banking services will use Fingerprinting as part of their sign in process.</p>
<p class="govuk-body">This aids in helping with their confidence levels of the user being who they say they are at time of log in. It also gives a better user experience for users returning from a commonly used device.</p>
<p class="govuk-body">For example, if a user logs on to their site via a VPN, they can detect a change in the network IP address from the previous log in and ensure the user has to re-enter their two factor authentication details or put captcha screens in front of the login to deter unwanted threats.</p>
<h3 id="video-on-demand-registered-devices" tabindex="-1" class="govuk-heading-m">Video On Demand Registered Devices</h3>
<p class="govuk-body">A lot of Video on Demand services require you to register your browser before being able to watch their services.</p>
<p class="govuk-body">They also limit the amount of devices you are allowed to register.</p>
<p class="govuk-body">This gives them many benefits, the main one being that it helps ensure that a licence is not being shared between multiple households.</p>
<h3 id="advanced-user-tracking" tabindex="-1" class="govuk-heading-m">Advanced User Tracking</h3>
<p class="govuk-body">With the increased awareness around cookie misuse, browsers and browser addons that disable tracking cookies, services are starting to rely instead on new ways to track users across websites.</p>
<p class="govuk-body">Browser Fingerprinting has begun to replace cookie misuse.</p>
<p class="govuk-body">Because of this more browsers are now disabling common Browser Fingerprinting techniques and creating open source lists to help detect and classify known bad trackers.</p>
<h2 id="accuracy" tabindex="-1" class="govuk-heading-l">Accuracy</h2>
<p class="govuk-body">Depending on how we would gather and use this data, we could damage our users experience on the site while gaining minimal security benefits.</p>
<p class="govuk-body">Examples of a few way in how the accuracy of using Browser Fingerprinting can drop are as follows</p>
<ul class="govuk-list govuk-list--bullet">
<li>Users on a corporate network could all come from the same IP</li>
<li>Multiple users could work from the same device in a household</li>
<li>Use of a modern browser that prevents any detection of Fingerprinting technology such as Brave Browser, Tor Project or Mozilla Firefox</li>
</ul>
<p class="govuk-body">Relying too heavily on this technology could alienate groups of users from being able to access our service if their behaviour is classed as untrustworthy or uncommon.</p>
<h2 id="browser-changes" tabindex="-1" class="govuk-heading-l">Browser changes</h2>
<p class="govuk-body">Even though there is a case for Browser Fingerprinting in safeguarding people who use sites and detecting fraudulent activity, browser companies are working hard to remove the ability to reliably identify users by their hardware.</p>
<p class="govuk-body"><a href="https://www.xda-developers.com/chrome-100-beta/" class="govuk-link" target="_blank" rel="noreferrer noopener">Chrome have announced they will be removing the User Agent from their Chrome browser in the latest version<span class="govuk-visually-hidden">(opens in new tab)</span></a> and we should expect more and more personally identifiable attributes from browsers to be removed over time.</p>
<h2 id="conclusion" tabindex="-1" class="govuk-heading-l">Conclusion</h2>
<h3 id="what-we-should-not-do" tabindex="-1" class="govuk-heading-m">What we should not do</h3>
<p class="govuk-body">We may have to rule out using it as a way to give us confidence in knowing the user is who they say they are. The technology is changing too quickly and as our accuracy drops, we risk introducing unforeseen consequences in how people use the site.</p>
<p class="govuk-body">If however during Beta we discover a need for this technology, then we should look to source the solution externally. Maintaining a system that can stay up to date with the latest changes in browsers and ensuring accuracy would be beyond internal resourcing.</p>
<p class="govuk-body">If we do use Browser Fingerprinting, we should make it clear to our users that we use it, what we use it for, the ability to opt out should they wish to and not prevent them from using the service should they do this.</p>
<h3 id="what-we-should-do" tabindex="-1" class="govuk-heading-m">What we should do</h3>
<p class="govuk-body">I suggest we research what value an implementation would hold where a user is able to see their basic device history and log in history.</p>
<p class="govuk-body">This gives value to a user to have ownership of their own security and raise with us any unusual behaviour they see on their account.</p>
<p class="govuk-body">Even with the removal of data from browsers, we should still investigate it's use. Tracking small amounts of attributes to show the users could be a great way increase confidence in our service.</p>
<h2 id="references" tabindex="-1" class="govuk-heading-l">References</h2>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://www.avast.com/c-what-is-browser-fingerprinting" class="govuk-link" target="_blank" rel="noreferrer noopener">Avast - What is browser fingerprinting?<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.mozilla.org/en-GB/firefox/features/block-fingerprinting/" class="govuk-link" target="_blank" rel="noreferrer noopener">Mozilla - Firefox blocks fingerprinting<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html" class="govuk-link" target="_blank" rel="noreferrer noopener">Amazon Cognito - Creating a device fingerprint<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.thesslstore.com/blog/browser-fingerprinting-the-good-bad-ugly/" class="govuk-link" target="_blank" rel="noreferrer noopener">Browser Fingerprinting: The Good, Bad & Ugly<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
Supported Journeys and Delegated Access Blog2022-02-28T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/supported-journeys-delegated-access/<h2 id="designing-for-a-relationship%2C-not-a-user" tabindex="-1" class="govuk-heading-l">Designing for a relationship, not a user</h2>
<p class="govuk-body">When was the last time you helped someone do something online? A few personal examples from me: during a prototype testing session I talked a participant through how to share their screen with me, while on a whatsapp call with my mom I talked her through how to switch our voice call to a video call and last year while abroad for a conference, I sat next to a fellow speaker and helped him as he completed the online public health passenger locator form for entry back into the UK. For the purposes of this blog I'm going to call this informal support.</p>
<p class="govuk-body">Next question. Do you have any formal 'authority' in place? Perhaps you're a parent or a guardian. Perhaps you have a lasting power of attorney in place for your mum or your dad or your granny? I have a power of attorney in place for my sister. The UK Gov Good Practice Guidelines (GPG) identifies three different types of authority:</p>
<ol class="govuk-list govuk-list--number">
<li><strong>Delegated authority</strong> is when someone nominates a representative to do things for them. Eg. Lasting Power of Attorney.</li>
<li><strong>Asserted authority</strong> is when a representative is able to declare/assert that they have the authority to act on behalf of someone else. Eg. A mother opening a bank account on behalf of her child does not need the child's agreement to do so.</li>
<li><strong>Appointed authority</strong> is when a third party has the legal power to appoint someone to act on behalf of a subject. Eg. A court-appointed company administrator.</li>
</ol>
<p class="govuk-body">For the purposes of this blog, we'll refer to all these authoritative examples as 'formal support'.</p>
<p class="govuk-body">While working on <a href="https://sites.google.com/digital.justice.gov.uk/opgmlpa" class="govuk-link" target="_blank" rel="noreferrer noopener">modernising lasting powers of attorney<span class="govuk-visually-hidden">(opens in new tab)</span></a>, I've come across tens of stories and anecdotes, just like the ones I've shared with you above, where participants talked through how they received help from or gave help to a friend, neighbour or family member while completing their forms. These stories are often accompanied by tales of woe; because once they had a <a href="https://www.gov.uk/power-of-attorney" class="govuk-link" target="_blank" rel="noreferrer noopener">lasting power of attorney<span class="govuk-visually-hidden">(opens in new tab)</span></a> in place, they quickly discovered how difficult it was to start using this really important document.</p>
<p class="govuk-body">As a result of this work, I've started seeing the absence of informal support and formal delegation journeys everywhere and I cannot stop thinking to myself, why do we make it so difficult for people to get the help they need? The reason I'm getting on my soapbox about this is because this isn't just a design flaw. In some instances, this absence becomes outright service failure.</p>
<p class="govuk-body">When you start adding up the numbers, you quickly start to see how important supported journeys are. There are nearly six million lasting powers of attorney and counting in the UK, with around one million being added each year… and that's just one kind of formal support. Supported journeys aren't a chance occurrence, they are a certainty.</p>
<h2 id="why-is-it-important-for-us-to-design-'in'-support%3F" tabindex="-1" class="govuk-heading-l">Why is it important for us to design 'in' support?</h2>
<p class="govuk-body">The simplest answer to this question is because informal and formal support are a key feature of human life and as a result, our services should be flexible enough to cope with a supporter-in-tow on the other end of a screen, telephone or paper form. However, there are a number of other important reasons too.</p>
<h2 id="reduce-fear-and-anxiety" tabindex="-1" class="govuk-heading-l">Reduce fear and anxiety</h2>
<p class="govuk-body">On more than one occasion, I've heard how filling out government forms overwhelms people. There is a real fear and anxiety in getting it wrong or getting into trouble because they got it wrong. Very often, it's this fear and anxiety that drives people to seek support and reassurance from someone else but that, in turn, concerns people that by including someone else, they're doing the wrong thing. Designing 'in' support and delegation makes it known to people that getting support is perfectly ok and normal.</p>
<p class="govuk-body">You could include an entry point for a supporter at the very start of the journey, like this.</p>
<p class="govuk-body"><img src="https://docs.modernising.opg.service.justice.gov.uk/assets/images/research-development/supported-journeys-delegated-access/who-are-you-making-this-lpa-for.png" alt="Screenshot of who are you making this LPA for page. Gives three options, for me, for someone else, for me and someone else." /></p>
<h2 id="reduce-errors" tabindex="-1" class="govuk-heading-l">Reduce errors</h2>
<p class="govuk-body">Designing in support means that we're able to reduce errors when people are sharing information with us. When you're helping someone complete an online form, it's easy to default to 'your' details when you see the word 'you' or 'yours'. Customising the journey with names reduces the cognitive load on the supporter and can help to reduce errors.</p>
<p class="govuk-body">Avoid this: Do you have an account?</p>
<p class="govuk-body">Rather this: Does Wendy have an account?</p>
<h2 id="reduce-delays-in-access-to-public-services" tabindex="-1" class="govuk-heading-l">Reduce delays in access to public services</h2>
<p class="govuk-body">This is especially important with regards to formal supporters like guardians, attorneys, appointees and others because the person we intended to speak to, our imagined 'user', isn't driving the car but is rather in the front seat, so to speak. For those with a formal support arrangement in place, they are relying on service providers to know what these arrangements are, how they work, and to have a process in place to verify the arrangement. Without this, a potentially vulnerable person and their supporter is left in significant distress.</p>
<p class="govuk-body">Verifying the relationship between two people also ensures that should any queries arise or notifications need to be shared, that we contact the right person. Calling someone who has dementia and questioning them about, say, identity documents is not helpful</p>
<h2 id="design-for-a-relationship-not-a-user" tabindex="-1" class="govuk-heading-l">Design for a relationship not a user</h2>
<p class="govuk-body">Once you open this box, you realise there is a lot to think about. For starters, there's the fact that you're having to reframe the design challenge in front of you because you're now having to design for a relationship not a user. That's some real weirdness right there and it takes some getting used to.</p>
<p class="govuk-body">Then there are other design challenges that crop up like capturing consent from the person getting the support, and adapting guidance so that those who are supporting have the language they need to explain what the service is requesting and what decisions need to be made clearly to someone else. Building in safeguards, to reduce the risk of undue pressure and coercion, takes time.</p>
<p class="govuk-body">Consideration also needs to be given to how the kind of supported journeys that are described above should be designed differently to professional support services that solicitors, accountants, charities etc provide. However, this is a blog and not a thesis and there is only so much space that I'm allocated.</p>
<p class="govuk-body">If you'd like to read more about this topic, I'm starting to document my thinking in a framework that I'm <a href="https://docs.google.com/document/d/19_iph4Q3jJIDrxGDOfOPpGnMm8h9GEdZtPQnYKhiF94/edit" class="govuk-link" target="_blank" rel="noreferrer noopener">publishing on this Google Doc over here<span class="govuk-visually-hidden">(opens in new tab)</span></a>.</p>
<p class="govuk-body">As more public services and national infrastructure, like single sign-on accounts and identity, move online, the design of informal and formal support journeys will need to move from nice-to-have into the territory of accessible and inclusive design practice.</p>
<p class="govuk-body">So the next time someone asks you, "Will it scale?" The answer is, "It has to."</p>
Using Technology to reduce mass LPA attempts2022-02-21T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/reducing-mass-attempts/<h2 id="introduction" tabindex="-1" class="govuk-heading-l">Introduction</h2>
<p class="govuk-body">OPG need to identify ways in which we can mitigate abuse of bad actors abusing our service and costing the business, and in turn our end users, money with an increase in the cost of registering an LPA.</p>
<p class="govuk-body">We should try to protect the highest cost endpoints while ensuring the user journey is unaffected by any negative experiences.</p>
<h2 id="solutions" tabindex="-1" class="govuk-heading-l">Solutions</h2>
<p class="govuk-body">Below is a list of options we can investigate to try and mitigate this problem.</p>
<h3 id="account-creation-flow" tabindex="-1" class="govuk-heading-m">Account Creation Flow</h3>
<p class="govuk-body">There are ways to prevent malicious creation of accounts and use of verification flows on the service.</p>
<p class="govuk-body">By setting up our registration flow in the correct way, we can put manual steps in place to prevent automation attempts without causing a bad experience to the end user.</p>
<p class="govuk-body">Some of these are</p>
<ul class="govuk-list govuk-list--bullet">
<li>Limit the number of LPAs allowed to be created over time. A rate limit to prevent bad behaviour</li>
<li>Permit only one account per email address</li>
<li>Check for or prevent the use of email aliasing</li>
<li>Allow registration of new accounts via third party account providers</li>
<li>Verify account via email and SMS before user verification or LPA process</li>
<li>Require two factor authentication</li>
</ul>
<h3 id="web-application-firewall" tabindex="-1" class="govuk-heading-m">Web Application Firewall</h3>
<p class="govuk-body">Sources</p>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://aws.amazon.com/waf/" class="govuk-link" target="_blank" rel="noreferrer noopener">AWS WAF - Web Application Firewall<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
<p class="govuk-body">We already have experience of using Web Application Firewalls internally.</p>
<p class="govuk-body">Web Application Firewalls give us a suite of useful security tools to help against not only attack, but mitigating suspicious behaviour.</p>
<p class="govuk-body">A benefit of using a Web Application Firewall is it does not impact legitamite use, it only targets negative types of behaviour.</p>
<h4 id="web-traffic-filtering" tabindex="-1" class="govuk-heading-s">Web traffic filtering</h4>
<blockquote class="govuk-inset-text">
<p class="govuk-body">Web Application Firewalls let you create rules to filter web traffic based on conditions that include IP addresses, HTTP headers and body, or custom URIs.</p>
</blockquote>
<p class="govuk-body">This feature allows us to take advantage of existing and well known traffic patterns that could potentially be used to setup attacks to drive up our costs.</p>
<h4 id="bot-control" tabindex="-1" class="govuk-heading-s">Bot Control</h4>
<blockquote class="govuk-inset-text">
<p class="govuk-body">Bot Control is a managed rule group that gives you visibility and control over common and pervasive bot traffic that can consume excess resources, skew metrics, cause downtime, or perform other undesired activities.</p>
</blockquote>
<p class="govuk-body">Being able to capture bots that abuse our service will help with any third parties trying to use our service bypassing any available APIs.</p>
<p class="govuk-body">It will also prevent attackers trying to drive costs up by repeating certain journeys that cost us to validate details with third parties or internal storage costs.</p>
<h3 id="rate-limiting" tabindex="-1" class="govuk-heading-m">Rate limiting</h3>
<p class="govuk-body">Rate limiting can also be enabled, allowing us to block access to the site when abuse is detected.</p>
<p class="govuk-body">We should investigate strategies to blocking access such as captcha (showing a captcha image to check for bots), perminant (blocking access to the site completely) or incremental time blocking (blocking for timed increments such as 2 minutes, 5 minutes, 10 minutes, etc).</p>
<p class="govuk-body">We can also have different types of rate limiting based on users behaviour patterns. For example, having different implementations for fast but successful journeys or brute forcing attempts.</p>
<h4 id="account-takeover-prevention" tabindex="-1" class="govuk-heading-s">Account takeover prevention</h4>
<blockquote class="govuk-inset-text">
<p class="govuk-body">Account Takeover Prevention is a managed rule group that monitors your application’s login page for unauthorized access to user accounts using compromised credentials. You can use the rule group to help protect against credential stuffing attacks, brute force login attempts, and other anomalous login activities.</p>
</blockquote>
<p class="govuk-body">While not preventing attacks for mass attempts, this does help with reducing the risk of an attack via a compromised account.</p>
<p class="govuk-body">If an OPG trusted account has been comprised and is therefore trusted to make more calls for verification or LPA creation, then this helps reduce this attack area.</p>
<h3 id="user-behaviour-analytics-(uba)-or-transaction-monitoring" tabindex="-1" class="govuk-heading-m">User Behaviour Analytics (UBA) or Transaction Monitoring</h3>
<p class="govuk-body">Sources</p>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://www.ncsc.gov.uk/collection/10-steps/logging-and-monitoring" class="govuk-link" target="_blank" rel="noreferrer noopener">NCSC 10 Steps to Cyber Security - Logging and Security<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://docs.modernising.opg.service.justice.gov.uk/research-development/articles/user-behaviour-analytics-witnessing/" class="govuk-link">Using User Behaviour Analytics in place of Witnessing</a></li>
<li><a href="https://aws.amazon.com/fraud-detector/" class="govuk-link" target="_blank" rel="noreferrer noopener">Amazon Fraud Detector<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
<p class="govuk-body">We have talked extensively about UBA and how we could use it within our service. This technology can be a data point we can work with to aid in our confidence of a LPA.</p>
<p class="govuk-body">Flagging legitamite and suspicious activity through this technology will aid in our confidence for giving account holders the ability to access more expensive operations such as verification and signing.</p>
<h4 id="identify-suspicious-online-payments" tabindex="-1" class="govuk-heading-s">Identify suspicious online payments</h4>
<p class="govuk-body">Sources</p>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://www.payments.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Pay<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
<p class="govuk-body">For any payments through our service, we will be using the <a href="https://www.payments.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Pay<span class="govuk-visually-hidden">(opens in new tab)</span></a> service.</p>
<p class="govuk-body">Built into this service are fraud prevention methods and risk scores that will help with any fraudulent payments.</p>
<p class="govuk-body">Using a trusted SAAS payment service, that has the resources and expertise in the financial services area is a preferred way of outsourcing this issue.</p>
<h4 id="detect-new-account-fraud" tabindex="-1" class="govuk-heading-s">Detect new account fraud</h4>
<blockquote class="govuk-inset-text">
<p class="govuk-body">Accurately distinguish between legitimate and high-risk account registrations so you can selectively introduce additional checks, such as phone or email verification.</p>
</blockquote>
<p class="govuk-body">We could use this service to ensure that the data collected on registration and the verification process is not fraudulent.</p>
<p class="govuk-body">Having extra safe guards around these already secure processes will help mitigate high-risk accounts being created and subsequently abused.</p>
<h2 id="preventing-bias" tabindex="-1" class="govuk-heading-l">Preventing Bias</h2>
<p class="govuk-body">Some of these suggestions use some form of Machine Learning and with this we know your model is only as good as your data.</p>
<p class="govuk-body">We should use tools that allow us to analyse our use of these services and identify any negative biases that could occur and hold ourselves accountable to the highest standards.</p>
<h2 id="conclusion" tabindex="-1" class="govuk-heading-l">Conclusion</h2>
<p class="govuk-body">We have options that we should investigate in Beta to learn more about how they can help solve the problem.</p>
<p class="govuk-body">We already have experience of using Web Application Firewall, so we will have real world data to look at. We should take the opportunity with the existing implementations to trial any exploration.</p>
<h2 id="references" tabindex="-1" class="govuk-heading-l">References</h2>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://aws.amazon.com/about-aws/whats-new/2022/02/aws-waf-fraud-control-login-credential-attacks/" class="govuk-link" target="_blank" rel="noreferrer noopener">AWS WAF introduces AWS WAF Fraud Control - Account Takeover Prevention for protecting your login page against credential stuffing attacks<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://aws.amazon.com/waf/" class="govuk-link" target="_blank" rel="noreferrer noopener">AWS WAF - Web Application Firewall<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://docs.modernising.opg.service.justice.gov.uk/research-development/articles/user-behaviour-analytics-witnessing/" class="govuk-link">Using User Behaviour Analytics in place of Witnessing</a></li>
<li><a href="https://aws.amazon.com/fraud-detector/" class="govuk-link" target="_blank" rel="noreferrer noopener">Amazon Fraud Detector<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.ncsc.gov.uk/collection/10-steps/logging-and-monitoring" class="govuk-link" target="_blank" rel="noreferrer noopener">NCSC 10 Steps to Cyber Security - Logging and Security<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
OPG as a Service2022-02-14T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/opg-as-a-service/<h2 id="introduction" tabindex="-1" class="govuk-heading-l">Introduction</h2>
<p class="govuk-body">70% of LPAs made are done by solicitors, charities or other third parties on behalf of the Donor.</p>
<p class="govuk-body">Citation: <a href="https://www.lastingpowerofattorney.service.gov.uk/stats" class="govuk-link" target="_blank" rel="noreferrer noopener">Lasting Power of Attorney Statistics<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<p class="govuk-body">If we are to encourage the uptake of our digital pathway, we need to explore a way of enabling this group of users to interact with their systems more efficiently.</p>
<p class="govuk-body">Supplying our users with an option to integrate via an API will help move a significant amount of users over to our digital LPA service.</p>
<p class="govuk-body">We know that most solicitors firms use a small range of software providers and work with a group called the <a href="https://www.lssa.co.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">Legal Software Suppliers Association<span class="govuk-visually-hidden">(opens in new tab)</span></a> (LSSA).</p>
<p class="govuk-body">The companies behind this software have a keen interest in integrating with our service through code so that they can streamline their processes and automate work.</p>
<p class="govuk-body">They already integrate with other government services like the Land Registry.</p>
<h3 id="legal-software-suppliers-association-(lssa)" tabindex="-1" class="govuk-heading-m">Legal Software Suppliers Association (LSSA)</h3>
<blockquote class="govuk-inset-text">
<p class="govuk-body">The Legal Software Suppliers Association (LSSA) is the UK industry body for legal systems developers and vendors. Representing most of the leading UK suppliers, it aims to both set and maintain professional standards within the industry and manage areas of mutual interest between lawyers and software providers.</p>
</blockquote>
<p class="govuk-body">Working with the LSSA and those outside of them will be key to unlocking the full potential of any new service we create.</p>
<h2 id="opg-as-a-service" tabindex="-1" class="govuk-heading-l">OPG as a Service</h2>
<blockquote class="govuk-inset-text">
<p class="govuk-body">An API is not "just" an API</p>
</blockquote>
<p class="govuk-body">There is more to building an API than providing consumers with an endpoint to connect to.</p>
<p class="govuk-body">To accomplish providing an integration for the users of our service, we need to build something that does the following:</p>
<ul class="govuk-list govuk-list--bullet">
<li>Allow the user to Self Service</li>
<li>Quality support expected of a service that is widely used</li>
<li>A testing environment for new and existing integrations</li>
<li>Information on the service status</li>
<li>Well documented schema and versioning strategy</li>
<li>Allows the consumer to integrate into their existing software platforms</li>
<li>Communicate data flows and business logic for an LPA lifecycle</li>
</ul>
<p class="govuk-body">We should take the learnings from the existing <a href="https://www.notifications.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Notify<span class="govuk-visually-hidden">(opens in new tab)</span></a> and <a href="https://www.payments.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Pay<span class="govuk-visually-hidden">(opens in new tab)</span></a> services which provide a centralised API for any government service to integrate with.</p>
<p class="govuk-body">We should follow the patterns they use, including their url structure, design and features.</p>
<p class="govuk-body">Below is an example of how this may be structured</p>
<p class="govuk-body"><img src="https://docs.modernising.opg.service.justice.gov.uk/assets/images/research-development/opg-as-a-service/opg-as-a-service.jpg" alt="Diagram showing an overview of all components of a potential future self service API." /></p>
<h3 id="documentation" tabindex="-1" class="govuk-heading-m">Documentation</h3>
<p class="govuk-body">Details on how to use the service from sign up to implementation</p>
<h3 id="account-management" tabindex="-1" class="govuk-heading-m">Account Management</h3>
<p class="govuk-body">Manage your account resources in a self service way</p>
<ul class="govuk-list govuk-list--bullet">
<li>Organisation Details
<ul class="govuk-list govuk-list--bullet">
<li>Solicitor</li>
<li>Charity</li>
<li>Company</li>
<li>third party details management</li>
</ul>
</li>
<li>User Details
<ul class="govuk-list govuk-list--bullet">
<li>Individual user details associated with the organisation. This allows for better auditing with interactions within the API</li>
</ul>
</li>
<li>API Keys
<ul class="govuk-list govuk-list--bullet">
<li>Each Organisation has a unique API Key that is required for any API calls</li>
</ul>
</li>
<li>API Throttling Limits
<ul class="govuk-list govuk-list--bullet">
<li>Throttling rules shown to understand your allowed usage of the service</li>
</ul>
</li>
<li>Audit Trails
<ul class="govuk-list govuk-list--bullet">
<li>Anonymised logs to allow you to Audit activity within your organisation</li>
</ul>
</li>
</ul>
<h3 id="support" tabindex="-1" class="govuk-heading-m">Support</h3>
<p class="govuk-body">Provide technical support to users of the service</p>
<ul class="govuk-list govuk-list--bullet">
<li>Uptime and Issues Dashboard
<ul class="govuk-list govuk-list--bullet">
<li>Dashboard with current and past service uptime, alerting hooks for integrations into 3rd party tooling such as Slack and scheduled maintenance times</li>
</ul>
</li>
<li>Sandbox
<ul class="govuk-list govuk-list--bullet">
<li>A testing environment for new integrations or testing out code against newer versions of APIs</li>
</ul>
</li>
</ul>
<h3 id="api" tabindex="-1" class="govuk-heading-m">API</h3>
<p class="govuk-body">Endpoints for external parties to integrate with</p>
<ul class="govuk-list govuk-list--bullet">
<li>Security
<ul class="govuk-list govuk-list--bullet">
<li>IP Range, API Key (Organisation) and UserID (User Details ID) all set for requests to the API</li>
</ul>
</li>
<li>Responses
<ul class="govuk-list govuk-list--bullet">
<li><code>JSON</code> and potentially <code>FHIR+JSON</code> for the NHS</li>
</ul>
</li>
<li>OpenAPI Specifications
<ul class="govuk-list govuk-list--bullet">
<li>Defined OpenAPI specifications allowing mocks and integration checks. There is a potential for Contract Testing here too</li>
</ul>
</li>
<li>API Design Styles
<ul class="govuk-list govuk-list--bullet">
<li>REST</li>
<li>GraphQL</li>
<li>Our Domain supports REST more than GraphQL so REST is probably the way we will go</li>
</ul>
</li>
</ul>
<h3 id="internal-government-services" tabindex="-1" class="govuk-heading-m">Internal Government Services</h3>
<p class="govuk-body"><a href="https://www.notifications.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">Sending of emails, texts and letters via GOV.UK Notify<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<p class="govuk-body"><a href="https://www.payments.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">For the handling of payments through the process via GOV.UK Pay<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<h2 id="example-api-endpoints" tabindex="-1" class="govuk-heading-l">Example API Endpoints</h2>
<p class="govuk-body">Below are a list of potential endpoints and flows we could implement within OPG as a Service.</p>
<h3 id="example-api-flow-1" tabindex="-1" class="govuk-heading-m">Example API Flow 1</h3>
<p class="govuk-body"><img src="https://docs.modernising.opg.service.justice.gov.uk/assets/images/research-development/opg-as-a-service/simple-api-example.jpg" alt="A simplified version of submitting an LPA" /></p>
<p class="govuk-body">We are able to replicate the entire <a href="https://www.lastingpowerofattorney.service.gov.uk/home" class="govuk-link" target="_blank" rel="noreferrer noopener">Make a LPA<span class="govuk-visually-hidden">(opens in new tab)</span></a> journey via this endpoint.</p>
<p class="govuk-body">Providing a Data Model for integrations, we can specify the structure of the data required and provide an endpoint that can be a one off transaction.</p>
<p class="govuk-body">This would allow third parties to create LPAs and actors in a simplified way, but would end the journey there.</p>
<p class="govuk-body">Negatives are that we will find ourselves in a position where we will have duplicate actors and no sure proof way of matching them against existing OPG actors.</p>
<h3 id="example-api-flow-2" tabindex="-1" class="govuk-heading-m">Example API Flow 2</h3>
<p class="govuk-body"><img src="https://docs.modernising.opg.service.justice.gov.uk/assets/images/research-development/opg-as-a-service/full-api-example.jpg" alt="An overview of all components of a potential future self service API." /></p>
<p class="govuk-body">This diagram offers a more complex API for greater control and management of LPA data.</p>
<h4 id="actor" tabindex="-1" class="govuk-heading-s">Actor</h4>
<p class="govuk-body">An actor endpoint will allow systems to manage OPG users details from their own content management systems.</p>
<p class="govuk-body">Creating an actor will then supply the third party with a OPG User ID that they can use in any future LPA management.</p>
<p class="govuk-body">They should also be able to claim the management of a OPG User if they already exist in the system. This needs to be thought about more on how the user would manage and consent to this through the website.</p>
<p class="govuk-body">Having the ability to properly manage a actor will mean better audit trails and confidence in safe guarding rather than potential duplicate identities within the OPG service.</p>
<h4 id="documents" tabindex="-1" class="govuk-heading-s">Documents</h4>
<p class="govuk-body">Giving the ability for third parties to submit documents such as identification material, signatures or photos is a nice to have and may not be required.</p>
<p class="govuk-body">It is here to show that it is possible to do so. We would rather not be in a position where we are managing copies of users private documents.</p>
<p class="govuk-body">Where possible we should be using transactional processes that return us a confidence score to act upon and not storing copies of user data.</p>
<h4 id="lpa-create" tabindex="-1" class="govuk-heading-s">LPA Create</h4>
<p class="govuk-body">Unlike the Make a LPA endpoint, this splits the process into 4 stages to correctly manage an LPA.</p>
<p class="govuk-body">You can register a new empty LPA by a <code>POST</code> to the create endpoint with a internal reference number. At this point we have created a blank record with a reference to the third parties internal reference number.</p>
<p class="govuk-body">After this you can <code>PUT</code> as often as you wish, a <code>OPGLPADataModel</code> object with data that will be stored and saved on the OPG system.</p>
<p class="govuk-body">The <code>OPGLPADataModel</code> will be well documented and have all validation rules defined to work against.</p>
<p class="govuk-body">Sending an <code>LPAID</code> as a <code>GET</code> you will be able to get the status of the LPA.</p>
<p class="govuk-body">Sending a <code>DELETE</code> with the <code>LPAID</code> will delete the LPA from the OPG system.</p>
<h4 id="lpa-complete" tabindex="-1" class="govuk-heading-s">LPA Complete</h4>
<p class="govuk-body">Once you have completed the LPA Create flow with the correct OPG status being returned, you will be ready to complete the lpa. Doing a <code>GET</code> to this endpoint will tell OPG this is ready to be processed and will lock any amends to the LPA moving forward.</p>
<p class="govuk-body">You will be returned the final <code>OPGLPADataModel</code> data and any other corresponding data to confirm this action.</p>
<h3 id="using-the-api-flow" tabindex="-1" class="govuk-heading-m">Using the API Flow</h3>
<p class="govuk-body"><img src="https://docs.modernising.opg.service.justice.gov.uk/assets/images/research-development/opg-as-a-service/using-api-flow.jpg" alt="How you would use the API to manage actors and LPA creation" /></p>
<p class="govuk-body">This example will take you through a potential flow of integrating with an API.</p>
<p class="govuk-body">We have included a path for users to sign in and do actions on our site. This is a way to help prevent duplicate and orphan records from appearing in the OPG system.</p>
<h4 id="create-lpa" tabindex="-1" class="govuk-heading-s">Create LPA</h4>
<p class="govuk-body">Send a request to <code>/lpa/create</code> with</p>
<ul class="govuk-list govuk-list--bullet">
<li>The integrations internal reference number</li>
<li>LPA Configuration data which optionally tells OPG what they need to do when a user first registers
<ul class="govuk-list govuk-list--bullet">
<li>Pay via OPG</li>
<li>Sign via OPG</li>
<li>Verify via OPG</li>
</ul>
</li>
<li>Returns a <code>LPAID</code> to store against the internal LPA record</li>
</ul>
<h4 id="create-actors" tabindex="-1" class="govuk-heading-s">Create Actors</h4>
<p class="govuk-body">Send a request to <code>/actor</code> with</p>
<ul class="govuk-list govuk-list--bullet">
<li><code>LPAID</code> that is stored from the Create LPA Endpoint call</li>
<li>List of <code>OPGActor</code></li>
<li>(optional) <code>EmailActors</code> setting to <code>true</code> will optionally send emails via Notify</li>
<li>(optional) <code>WebhookUrl</code> setting to tell OPG where to send confirmation for each actor completing their sign up. <strong>Note</strong>: This could be set at a higher level in the Organisation settings</li>
<li>Returns a list of unique, time based urls for each actor if <code>EmailActors</code> is <code>false</code></li>
</ul>
<h4 id="actors-log-in" tabindex="-1" class="govuk-heading-s">Actors Log In</h4>
<p class="govuk-body">Each Actor follows the links and does one of the following</p>
<ul class="govuk-list govuk-list--bullet">
<li>
<p class="govuk-body">Signs in to an existing account</p>
</li>
<li>
<p class="govuk-body">Confirms that this LPA should sit within their account</p>
</li>
<li>
<p class="govuk-body">Registers a new account</p>
</li>
<li>
<p class="govuk-body">If any LPA Configuration is set, do these activities</p>
</li>
<li>
<p class="govuk-body">LPA gets added to their account</p>
</li>
</ul>
<h4 id="webhook-or-poll" tabindex="-1" class="govuk-heading-s">Webhook or Poll</h4>
<p class="govuk-body">Once all actors have completed their sign up, the third party are able to carry on with completing and submitting the LPA.</p>
<h5 id="webhook" tabindex="-1" class="govuk-heading-s">Webhook</h5>
<p class="govuk-body">If a <code>WebhookUrl</code> was specified in the create actors step, OPG will send a message to a specific endpoint as set by the third party.</p>
<h5 id="polling-endpoint" tabindex="-1" class="govuk-heading-s">Polling Endpoint</h5>
<p class="govuk-body">If a <code>WebhookUrl</code> was not specified in the create actors step, the third party can check an endpoint on a regular basis to check for those actors being verified or not.</p>
<h4 id="submit-lpa" tabindex="-1" class="govuk-heading-s">Submit LPA</h4>
<p class="govuk-body">Once you have a <code>LPAID</code>, a LPA returning a status indicating all data is complete and all actors are verified, you can submit the LPA to OPG and lock it for processing.</p>
<h3 id="view-an-lpa" tabindex="-1" class="govuk-heading-m">View an LPA</h3>
<p class="govuk-body"><img src="https://docs.modernising.opg.service.justice.gov.uk/assets/images/research-development/opg-as-a-service/view-an-lpa-api.jpg" alt="Diagram showing the View an LPA website as an API" /></p>
<p class="govuk-body">This example shows how we could offer the <a href="https://view-lasting-power-of-attorney.service.gov.uk/home" class="govuk-link" target="_blank" rel="noreferrer noopener">View a LPA<span class="govuk-visually-hidden">(opens in new tab)</span></a> service as a API Endpoint.</p>
<p class="govuk-body">With the ability to monitor third parties by their credentials, we can ensure high levels of trust and prevent bad actors from attacking.</p>
<p class="govuk-body">This will aid those in need of adding the service to their back end systems for better automation rather than the current manual process of using a web form.</p>
<h2 id="conclusion" tabindex="-1" class="govuk-heading-l">Conclusion</h2>
<p class="govuk-body">Due to the size of the market who use our site via an intermediary, we should enable third parties to integrate into our service in a programmatic way.</p>
<p class="govuk-body">Feedback from research done with these third parties suggests the more complicated route would be better so that they can have more fine grained control within their systems.</p>
<p class="govuk-body">As well as the user journey on the website, we should dedicate the same amount of effort to our integration service.</p>
<p class="govuk-body">This will require the business to look at Modernising not only in the form of a website feeding into a database, but as a more accessible service with multiple routes to interact with LPAs in the wider ecosystem.</p>
<h2 id="references" tabindex="-1" class="govuk-heading-l">References</h2>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://www.lastingpowerofattorney.service.gov.uk/stats" class="govuk-link" target="_blank" rel="noreferrer noopener">Lasting Power of Attorney Statistics<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.lastingpowerofattorney.service.gov.uk/home" class="govuk-link" target="_blank" rel="noreferrer noopener">Make a LPA<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://view-lasting-power-of-attorney.service.gov.uk/home" class="govuk-link" target="_blank" rel="noreferrer noopener">View a LPA<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.notifications.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Notify<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.payments.service.gov.uk/" class="govuk-link" target="_blank" rel="noreferrer noopener">GOV.UK Pay<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
Using User Behaviour Analytics in place of Witnessing2022-01-31T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/user-behaviour-analytics-witnessing/<h2 id="introduction" tabindex="-1" class="govuk-heading-l">Introduction</h2>
<blockquote class="govuk-inset-text">
<p class="govuk-body">"A signature is only useful as evidence if it provides a reliable link between the authorised signatory and the agreed terms. The stronger the evidence of that link, the more robust the signature. If the authenticity of a signature later comes to be contested (for example, in legal proceedings) it may be necessary to prove that the document in question was signed by the parties to it (or, where appropriate, their authorised signatory)."</p>
</blockquote>
<p class="govuk-body">We require an option to investigate replacing physical witnessing with a technology approach. There are many demographic factors that will affect our approach such as age, complexity and cost.</p>
<p class="govuk-body">This document outlines the most unobtrusive option that also gives us confidence and potential to grow in that confidence over time.</p>
<p class="govuk-body">Throughout the process we must ensure that any data collected is anonymous, secure and discarded as soon as it has exceeded its use.</p>
<p class="govuk-body">In a safeguarding issue during the LPA Process, we know the investigations team would use the Certificate Provider as the main contact to pursue. They use data from the LPA and elements from our case management system to track changes and find patterns of behaviour for safeguarding issues.</p>
<h2 id="user-behaviour-analytics-and-aws-fraud-detector" tabindex="-1" class="govuk-heading-l">User Behaviour Analytics and AWS Fraud Detector</h2>
<p class="govuk-body">AWS Fraud Detector (FD) allows us to feed our data into a Machine Learning (ML) service to look for common patterns in fraudulent behaviour and assess our confidence that the person who is interacting with our service is who they say they are.</p>
<p class="govuk-body">We can put anonymised data from our existing Case Management service into it, such as our timeline events, but also data from users using the Modernising service.</p>
<p class="govuk-body">We can capture all behavioural data from all parties making an LPA and assess key data points.</p>
<p class="govuk-body">A few examples of this could be:</p>
<ol class="govuk-list govuk-list--number">
<li>Are all logins from a user coming from the same IP Address</li>
<li>Is the IP Address within the country they have provided on sign up</li>
<li>Does the user change their address or other fields more than once</li>
<li>Is there an appropriate time gap between each stage of form filling</li>
<li>Are there any negative patterns to users logging back in e.g. x number of failed attempts</li>
</ol>
<p class="govuk-body">Each rule can be weighted accordingly and adjusted over time. As we discover new patterns of fraud and misuse, while working closely with the Investigations team, we can amend the rules to be more accurate using real life examples.</p>
<p class="govuk-body">As we discover more areas and patterns within our flow we can also add or remove some. We can also take this information and build on it over time through interactions with our call centers to find patterns in how people act after completing a LPA.</p>
<p class="govuk-body">If we use the confidence score after a user journey, we can potentially use this in place of the Witness and also raise awareness with case workers which could potentially pre-empt any future fraud.</p>
<p class="govuk-body">This process could potentially solve 3 specific areas of concern.</p>
<ol class="govuk-list govuk-list--number">
<li>Replace witnessing</li>
<li>Detect Fraud pre and post LPA creation</li>
<li>Reduce mass attempts for making LPAs</li>
</ol>
<p class="govuk-body">User Behaviour Analytics is a great tool, but it should be used with other human processes and technology, not be solely relied upon. This process is only as good as the data you provide it and your understanding of your users.</p>
<h2 id="digital-signature" tabindex="-1" class="govuk-heading-l">Digital Signature</h2>
<p class="govuk-body">Given the definition of a signature, we should ensure that not only have we collected the data of the person filling in the form at that time, but also indicate using technology that they are who they say they are.</p>
<p class="govuk-body">We can create a digital signature that contains entered information and validation processes that have taken place. But as a final step, we should ensure, based on a confidence score of all parties involved in the process that we are confident they are authentic.</p>
<p class="govuk-body">We should therefore ensure before creating the signature that we run the data through a model to assign a confidence score and either create the signature then or hold off for investigation.</p>
<p class="govuk-body">If we do this, it will be an asynchronous process and will have to be dealt with appropriately within the user flow.</p>
<h2 id="conclusion" tabindex="-1" class="govuk-heading-l">Conclusion</h2>
<p class="govuk-body">To conclude, I believe that we should investigate using User Behaviour Analytics scores alongside strong authentication techniques to see whether we can replace a physical witness with a technology based solution.</p>
<h2 id="references" tabindex="-1" class="govuk-heading-l">References</h2>
<ul class="govuk-list govuk-list--bullet">
<li>AWS Fraud Detector (<a href="https://aws.amazon.com/fraud-detector/" class="govuk-link" target="_blank" rel="noreferrer noopener">https://aws.amazon.com/fraud-detector/<span class="govuk-visually-hidden">(opens in new tab)</span></a>)</li>
</ul>
Verifiable Credentials - JSON-LD ZKP with BBS+ Signatures2021-08-12T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/verifiable-credentials-bbs/<h2 id="introduction" tabindex="-1" class="govuk-heading-l">Introduction</h2>
<p class="govuk-body">With the increased rise in requirements to move to a digital version of paper based credentials due to Covid, the idea of Verifiable Credentials as a solution has drastically increased.</p>
<p class="govuk-body">Reduced ability to process paper documents due to health guidelines in offices and access postal services, has driven a move to more online services.</p>
<p class="govuk-body">Previous services that were reliant on paper now face a challenge of how to move to a new way of working.</p>
<p class="govuk-body">With any new technology or standard that undergoes a rapid rise in popularity, there is a danger of the fundamental ethical, privacy and interoperability standards being forgotten.</p>
<p class="govuk-body">With Verifiable Credentials, this is especially important due to the information they hold and the potential for misuse.</p>
<p class="govuk-body">There are multiple companies who have taken the <a href="https://www.w3.org/TR/vc-data-model/" class="govuk-link" target="_blank" rel="noreferrer noopener">Verifiable Credentials Data Model<span class="govuk-visually-hidden">(opens in new tab)</span></a> and created their own wallets to store these credentials. Companies include</p>
<ol class="govuk-list govuk-list--number">
<li><a href="https://tykn.tech/" class="govuk-link" target="_blank" rel="noreferrer noopener">https://tykn.tech/<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.evernym.com/" class="govuk-link" target="_blank" rel="noreferrer noopener">https://www.evernym.com<span class="govuk-visually-hidden">(opens in new tab)</span></a><br />
<a href="https://www.postoffice.co.uk/identity/easyid" class="govuk-link" target="_blank" rel="noreferrer noopener">https://www.postoffice.co.uk/identity/easyid<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/decentralized-identifier-overview" class="govuk-link" target="_blank" rel="noreferrer noopener">https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/decentralized-identifier-overview<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://auth0.com/blog/verifiable-credentials-with-auth0-and-mattr/" class="govuk-link" target="_blank" rel="noreferrer noopener">https://auth0.com/blog/verifiable-credentials-with-auth0-and-mattr/<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ol>
<p class="govuk-body">A digital wallet is a way of securely storing your VCs and using them. The use of these would mirror the way NFC works when storing your credit card details on your phone.</p>
<p class="govuk-body">At a certain point these digital wallets will become a part of devices such as a phone’s operating system. There is a risk the wallets that store these credentials may face a fragmented market with a race to the most successful standard risking interoperability issues.</p>
<p class="govuk-body">We should ensure that before we decide on the use of a particular standard or implementation, that it is the right thing to do and that we reduce any potential risk of damage to society and the citizens we serve.</p>
<h2 id="what-is-decentralised-identity-(did)%3F" tabindex="-1" class="govuk-heading-l">What is Decentralised Identity (DID)?</h2>
<p class="govuk-body">Decentralised identity, also sometimes referred to as self-sovereign identity, is a concept that aims to give back control of identity data to consumers through the use of an identity wallet or personal data store. In this way, data can be verified by a trusted source (such as the government) and then issued to an individual to store in a location of their choice.</p>
<p class="govuk-body">By controlling what information is shared from the wallet to requesting 3rd parties (e.g., when registering for a new online service), the user is able to better manage their identity online and privacy – for example, only presenting proof that they’re over 18 without needing to reveal their date of birth.</p>
<p class="govuk-body">Source: <a href="https://www.gsma.com/identity/decentralised-identity" class="govuk-link" target="_blank" rel="noreferrer noopener">https://www.gsma.com/identity/decentralised-identity<span class="govuk-visually-hidden">(opens in new tab)</span></a></p>
<h2 id="what-is-json-ld-zkp-with-bbs%2B-signatures%3F" tabindex="-1" class="govuk-heading-l">What is JSON-LD ZKP with BBS+ Signatures?</h2>
<p class="govuk-body">BBS+ is a pairing-based cryptographic signature used for signing one or more messages.</p>
<p class="govuk-body">Pairing-based cryptography has been used to construct identity-based encryption (IBE), which allows a sender to encrypt a message without needing a receiver’s public key to have been certified and distributed in advance.</p>
<p class="govuk-body">JSON-LD is a linked data proof that consists of information about the proof, parameters required to verify it, and the proof of value itself.</p>
<p class="govuk-body">Combined together, these give a verified credential the following benefits:</p>
<ol class="govuk-list govuk-list--number">
<li>Anonymous in its use</li>
<li>Revocable</li>
<li>Selective disclosure</li>
<li>Compound proofs</li>
<li>Zero-knowledge proofs</li>
</ol>
<p class="govuk-body">These areas are briefly explained below. For a deeper dive into the technical side of BBS+, JSON-LD and all other technology mentioned, references are given at the bottom of this document for further reading.</p>
<p class="govuk-body">All information in this document has been referenced from these sources.</p>
<h3 id="selective-disclosure" tabindex="-1" class="govuk-heading-m">Selective Disclosure</h3>
<p class="govuk-body">Within VCs you are able to take selective attributes and only reveal those instead of all the attributes.</p>
<p class="govuk-body">For example, presenting a driving licence to prove your age should not require you to disclose all other information on this credential to prove it. All you should need is a boolean response to the query you are asking.</p>
<p class="govuk-body">When you present your VC, you could be prompted to answer, “Are you over 21?”</p>
<p class="govuk-body">The VC then should be able to present the answer without disclosing all other information to the system requesting it.</p>
<blockquote class="govuk-inset-text">
<p class="govuk-body">Imagine going to a bar, but instead of showing your ID, which reveals everything, you only prove that you are old enough to get in - without even needing to reveal your birth date!</p>
</blockquote>
<p class="govuk-body">This is a key advantage of physical documents where you have to hand over your entire ID, to confirm a specific personal attribute.</p>
<h3 id="compound-proofs" tabindex="-1" class="govuk-heading-m">Compound Proofs</h3>
<p class="govuk-body">Compound proofs is a way of combining multiple VCs into one queryable VC without generating a new VC.</p>
<p class="govuk-body">This allows you to combine multiple attributes from different identities all without disclosing any other data about yourself, only sharing the minimum data.</p>
<h4 id="scenario" tabindex="-1" class="govuk-heading-s">Scenario</h4>
<p class="govuk-body">You are going on holiday and you are required to present at various checkpoints before boarding a plane, the following documents:</p>
<ol class="govuk-list govuk-list--number">
<li>A valid passport</li>
<li>A yellow fever vaccine pass</li>
<li>Boarding pass</li>
</ol>
<p class="govuk-body">Compound proofs allow you to combine all these passes into one queryable VC and use selective disclosure to verify only the required attributes at different stages.</p>
<h4 id="example" tabindex="-1" class="govuk-heading-s">Example</h4>
<p class="govuk-body">You are buying a couple of bottles of wine from Duty Free. Currently, you need to present your boarding pass and passport to confirm you are eligible to purchase that item and the amount.</p>
<p class="govuk-body">Instead of handing over both of these documents, the checkout operator can scan your VC querying with a question.</p>
<p class="govuk-body">"Are you able to purchase these items?"</p>
<p class="govuk-body">This can have a combined check for the following</p>
<ol class="govuk-list govuk-list--number">
<li>Are you over 18?</li>
<li>Does the destination you are travelling to allow this item?</li>
<li>Does the destination you are travelling to allow the quantity of this item?</li>
<li>Is this a valid boarding pass?</li>
<li>Is this a valid passport?</li>
</ol>
<p class="govuk-body">All these are then confirmed as being true or false, rather than the system pulling this information, storing it and doing the query internally.</p>
<h3 id="correlating-signatures-and-zero-knowledge-proof-signatures" tabindex="-1" class="govuk-heading-m">Correlating signatures and zero-knowledge proof signatures</h3>
<p class="govuk-body">On previous versions of VCs, when you are issued one by an issuer, it will uniquely sign your credential so that it can be verified.</p>
<p class="govuk-body">The downside of this means, everywhere you use your credential, you can be tracked and monitored using this unique identifier through the verification systems in place.</p>
<p class="govuk-body">A VC ends up being the equivalent of a global super cookie across your digital and physical life. You should not be in a position to be tracked while using a VC.</p>
<p class="govuk-body">BBS+ removes this and replaces it with a unique proof of the issuer's signature without sharing the signature itself.</p>
<p class="govuk-body">This means every time you use a VC as a proof, you never share the unique identifier in the handshake. This results in:</p>
<ol class="govuk-list govuk-list--number">
<li>The Issuer is unable to see how you are using your VCs</li>
<li>The Verifier you are interacting with has no way to correlate you</li>
<li>Multiple companies consuming parts of your data cannot collaborate to build a profile on your shared data</li>
</ol>
<p class="govuk-body">Using zero-knowledge proofs, you only show exactly what the verifier needs without exposing any other information.</p>
<p class="govuk-body">This is important for the privacy of the user. Using cookies in browsers to track a user's habits then selling and sharing this data is a current issue we face. Without zero-knowledge proofs in place, we enable this same level of tracking in the physical world too.</p>
<h2 id="conclusion" tabindex="-1" class="govuk-heading-l">Conclusion</h2>
<p class="govuk-body">Verifiable credentials have a key place in the future. Many governments and organizations around the world are already implementing their own versions and schemas of verifiable credentials. A list of a few examples are below</p>
<ol class="govuk-list govuk-list--number">
<li>Scottish Government via Okta UK (<a href="https://blogs.gov.scot/digital/2020/05/13/digital-identity-scotland-prototype-draws-to-a-close/" class="govuk-link" target="_blank" rel="noreferrer noopener">https://blogs.gov.scot/digital/2020/05/13/digital-identity-scotland-prototype-draws-to-a-close/<span class="govuk-visually-hidden">(opens in new tab)</span></a>)</li>
<li>Post Office (<a href="https://www.postoffice.co.uk/identity" class="govuk-link" target="_blank" rel="noreferrer noopener">https://www.postoffice.co.uk/identity<span class="govuk-visually-hidden">(opens in new tab)</span></a>)</li>
<li>Evernym (<a href="https://www.evernym.com/" class="govuk-link" target="_blank" rel="noreferrer noopener">https://www.evernym.com/<span class="govuk-visually-hidden">(opens in new tab)</span></a>)</li>
<li>Microsoft (<a href="https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/decentralized-identifier-overview" class="govuk-link" target="_blank" rel="noreferrer noopener">https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/decentralized-identifier-overview<span class="govuk-visually-hidden">(opens in new tab)</span></a>)</li>
<li>RSA (<a href="https://www.rsa.com/en-us/blog/2021-07/verifiable-credentials-the-key-to-trust-on-the-next-web" class="govuk-link" target="_blank" rel="noreferrer noopener">https://www.rsa.com/en-us/blog/2021-07/verifiable-credentials-the-key-to-trust-on-the-next-web<span class="govuk-visually-hidden">(opens in new tab)</span></a>)</li>
</ol>
<p class="govuk-body">This does not mean we should accept them in any form that does not hold to the highest standards of privacy and security.</p>
<p class="govuk-body">JSON-LD ZKP with BBS+ signatures at a minimum will provide us with assurance while maintaining privacy throughout the user journey.</p>
<p class="govuk-body">A mindset change from modern ways of handling data in services across the internet will be required for this technology to be adopted. We are so used to collecting more information than we need and storing it, forgetting that we only require little to give citizens the services they require.</p>
<p class="govuk-body">There will be legitimate concerns around fraud protection, auditing and national security threats, but with the right thinking, these issues can be overcome and should not be used as excuses.</p>
<p class="govuk-body">We should move forward with verifiable credentials in the future and prepare whatever solution we come up with, with the intent of being able to use them.</p>
<h2 id="acronyms" tabindex="-1" class="govuk-heading-l">Acronyms</h2>
<ol class="govuk-list govuk-list--number">
<li>Verifiable Credentials - VC</li>
<li>Decentralised Identity - DID</li>
<li>Zero-knowledge Proofs - ZKP <a href="https://en.wikipedia.org/wiki/Zero-knowledge_proof" class="govuk-link" target="_blank" rel="noreferrer noopener">https://en.wikipedia.org/wiki/Zero-knowledge_proof<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li>BBS+ - (named after the original authors Boneh, Boyen, and Shacham)</li>
<li>LD - Linked Data</li>
<li>JSON-LD - JSON formatted version of Linked Data</li>
</ol>
<h2 id="references" tabindex="-1" class="govuk-heading-l">References</h2>
<ul class="govuk-list govuk-list--bullet">
<li><a href="https://www.youtube.com/watch?v=dXlRIrrb9f4" class="govuk-link" target="_blank" rel="noreferrer noopener">What BBS+ Means For Verifiable Credentials - (YouTube)<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.evernym.com/blog/bbs-verifiable-credentials/" class="govuk-link" target="_blank" rel="noreferrer noopener">Why the Verifiable Credentials Community Should Converge on BBS+ - Brent Zundel<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://www.lfph.io/wp-content/uploads/2021/02/Verifiable-Credentials-Flavors-Explained.pdf" class="govuk-link" target="_blank" rel="noreferrer noopener">Verifiable Credentials Flavors Explained<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://w3c-ccg.github.io/ld-proofs/" class="govuk-link" target="_blank" rel="noreferrer noopener">https://w3c-ccg.github.io/ld-proofs/<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://github.com/mattrglobal/jsonld-signatures-bbs" class="govuk-link" target="_blank" rel="noreferrer noopener">https://github.com/mattrglobal/jsonld-signatures-bbs<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://github.com/mattrglobal/bbs-signatures-spec" class="govuk-link" target="_blank" rel="noreferrer noopener">https://github.com/mattrglobal/bbs-signatures-spec<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://json-ld.org/" class="govuk-link" target="_blank" rel="noreferrer noopener">JSON for Linked Data<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
<li><a href="https://doubleoctopus.com/security-wiki/encryption-and-cryptography/pairing-based-cryptography/" class="govuk-link" target="_blank" rel="noreferrer noopener">Pairing Based Cryptography (PBC)<span class="govuk-visually-hidden">(opens in new tab)</span></a></li>
</ul>
Tech Ethics in our decision making reference2021-06-28T00:00:00Zhttps://docs.modernising.opg.service.justice.gov.uk/research-development/articles/tech-ethic-decisions/<h2 id="introduction-to-ethics-in-tech" tabindex="-1" class="govuk-heading-l">Introduction to Ethics in tech</h2>
<p class="govuk-body">Technology is not a product, it's a system. What we mean by this is that technology is never only an app, a product or a service. Rather, <strong>technology is weaved into social systems by facilitating how people transact with the world around them</strong>.</p>
<p class="govuk-body">Social systems include, but are not limited to, the justice system, the information system, the healthcare system but also less tangible systems like power or race.</p>
<p class="govuk-body"><strong>Data is a by-product</strong> of these transactions.</p>
<p class="govuk-body">It is therefore crucial that <strong>when we design digital products and services, we think about the impact we’re having on the systems in which people live their lives.</strong></p>
<p class="govuk-body">The below questions support ethical best practice by encouraging considerations of the wider social context in which designs/solutions will live.</p>
<p class="govuk-body">May you design with moral imagination and deploy with care.</p>
<p class="govuk-body"><img src="https://docs.modernising.opg.service.justice.gov.uk/assets/images/research-development/tech-ethic-decisions-1.png" alt="Diagram showing a mobile phone in the middle with overlapping areas of services including justice system, social network systems, system of legal services, health and care systems and financial systems" title="Diagram showing a mobile phone in the middle with overlapping areas of services including justice system, social network systems, system of legal services, health and care systems and financial systems" /></p>
<h2 id="mitigate-against-being-tech-deterministic" tabindex="-1" class="govuk-heading-l">Mitigate against being tech deterministic</h2>
<p class="govuk-body">What problem are we solving with this technology?</p>
<p class="govuk-body">What value is created by solving this problem?</p>
<p class="govuk-body">Have we already decided to solve this problem using technology?</p>
<p class="govuk-body">Does this problem really benefit from a technological fix or have we not exercised our imaginations enough?</p>
<h2 id="ensure-you-conduct-inclusive-research" tabindex="-1" class="govuk-heading-l">Ensure you conduct inclusive research</h2>
<p class="govuk-body">How can we use participatory and inclusive research methods that enable us to learn from a range of individuals and communities across society?</p>
<p class="govuk-body">Can we identify a marginal group/community who is currently underserved or worse, ignored, in this area? What are their specific needs and what are the specific barriers and pain points they face? Have we designed with them in mind?</p>
<h2 id="think-big-and-imagine-what-the-impact-of-your-work-can-be" tabindex="-1" class="govuk-heading-l">Think big and imagine what the impact of your work can be</h2>
<p class="govuk-body">Locate this product/service in social and cultural systems. Now imagine we are wildly successful in our endeavours. What is the impact on the individual, communities or environment?</p>
<p class="govuk-body">Imagine suddenly everyone wants to follow our lead. Which option would leave the world better off?</p>
<p class="govuk-body">Which option would create the best outcome for communities, as opposed to only certain members?</p>
<p class="govuk-body">Which option would create the greatest good, for the greatest number of people? (remember to define what good is for your project)</p>
<p class="govuk-body">Which option would create the most happiness and the least displeasure for most people? (remember to define what happiness is for your project)</p>
<p class="govuk-body">Which option would make you and the team feel most proud if it became a headline in the national news?</p>
<p class="govuk-body">Which option treats all people equally rather than favours one group over others?</p>
<h2 id="interrogate-your-data-decisions" tabindex="-1" class="govuk-heading-l">Interrogate your data decisions</h2>
<p class="govuk-body">What data are we collecting when someone uses this service?</p>
<p class="govuk-body">Does every piece of data either add value to the service user and/or uphold the integrity of the service?</p>
<p class="govuk-body">Is it clear to service users what data we are collecting from them, how this benefits them and how it will be kept safe?</p>
<p class="govuk-body">User needs versus user rights. Have we designed for the right to decline, the right to know more and the right to question and contest?</p>
<p class="govuk-body">Have we designed our data practices, design and research processes, and technical systems so that they can be audited? Who is responsible for maintaining these and who is ultimately accountable for them?</p>