Australian Government services such as myGov, Centrelink and Medicare are highly sensitive to identity and privacy, requiring strong authentication and security controls. At the same time, many users face access barriers due to limited connectivity, devices or digital capability. Our client sought to address this gap through a public-access kiosk enabling citizens to securely access government services from community centres, service hubs and other public locations. For this model to be viable, the solution needed to balance strong security, privacy-first handling of biometric data, ease of use without staff assistance and compliance with government standards.

Buckham & Duffy was engaged to design and deliver a rapid proof-of-concept demonstrating secure, privacy-first biometric access to government services via a public kiosk. Delivery was completed within a four-week timeframe and focused on architecture, integration and compliance validation.

A multi-factor authentication pipeline was designed and implemented combining:

• 01Finger-vein recognition as the primary biometric factor
• 02Facial recognition with liveness detection as a secondary factor.

Both biometric modalities were required to succeed for establishment, needing to achieve AAL2-equivalent security levels. Fallback PIN and password options were included for accessibility while maintaining security standards. The integrated hardware and software solution was validated through proof-of-concept testing for accuracy, performance and resistance to spoofing.