You have 0 free articles left this month.
Register for a free account to access unlimited free content.
accountants daily logo

‘More secure than any credential’: ATO plays down myGovID security concerns


From security concerns to clashes with workplace policies, the transition to myGovID has caused a few headaches within the profession, but the ATO believes worries are misplaced.

By Jotham Lian 12 minute read

As the profession prepares for the move to myGovID, a number of common concerns have been raised, namely around the security of myGovID and how users’ identities will be kept safe, and how mandating the use of a mobile phone goes against a firm’s workplace practice.

Speaking to Accountants Daily, ATO deputy commissioner and chief digital officer John Dardo said the Tax Office had undertaken various rounds of consultation with the industry and understood the different concerns.

On the security front, despite being unable to disclose the rigorous testing process due to industry safeguards, Mr Dardo was adamant that practitioners would have little to be worried about.


“This is more secure than any credential that has ever been made available to the practitioner community in the past and it certainly is more secure than email and SMS second factor [authentication],” Mr Dardo said.

“[However], the user stuff is out of our control — if somebody has a mobile device and they start to enrol the thumbprints and fingerprints of their whole street, we can’t control that.

“As long as the user is doing the right things, this is by far the most secure credential we’ve ever built.”

Turning to the use of mobile devices in the workplace, Mr Dardo said that because myGovID is only supported on compatible smart devices, firms might need to change their workplace policies.

He noted the two extremes the ATO had heard in its consultation with the industry.

“One extreme, and some of the big practices have told us this, including almost everyone in the big four, is that if they don’t trust their staff enough to have a mobile phone in the workplace, they don’t employ them and it is a really simple threshold for them, and that’s our policy in the ATO as well,” Mr Dardo said.

“The other extreme is that ‘we don’t trust our staff and we dont let them have a phone in the workplace because it is unprofessional’, and our response to them is we get it, but youre going to have to change your business practice.”

Mr Dardo also stressed that the mobile phone would only be required in the log-on step.

“This is just the key to get in. If you are maintaining activity on that device, you dont use the key again until theres a 25-minute lapse in activity,” he said.

“As long as their computer is not lapsing every 25 minutes, they are not going to be using the key again until maybe after lunchtime or after an appointment — they might be using it four or five times a day, but they are not going to be using it 16 times in a day.

“They only need it to key in and they can chuck the phone back in their drawer or back in their bag and keep working — they dont have to look at their phone every minute.”

Jotham Lian

Jotham Lian


Jotham Lian is the editor of Accountants Daily, the leading source of breaking news, analysis and insight for Australian accounting professionals.

Before joining the team in 2017, Jotham wrote for a range of national mastheads including the Sydney Morning Herald, and Channel NewsAsia.

You can email Jotham at: This email address is being protected from spambots. You need JavaScript enabled to view it. 

You are not authorised to post comments.

Comments will undergo moderation before they get published.

accountants daily logo Newsletter

Receive breaking news directly to your inbox each day.