The State of Digital Identity in Australia and New Zealand: 2026 Landscape Report

Australia's Digital Identity Framework

The Trusted Digital Identity Framework (TDIF)

The TDIF is Australia's national framework for digital identity services. It establishes standards for how digital identity services must operate, including requirements for identity proofing, authentication, fraud management, privacy protection, and accessibility.

The framework defines three identity proofing levels. Level 1 (basic) requires a self-assertion of identity. Level 2 (standard) requires identity evidence to be verified against authoritative sources. Level 3 (strong) requires identity evidence to be verified with in-person or equivalent assurance.

For most financial services and regulated activities, Level 2 or Level 3 assurance is required. This means identity documents must be verified against government databases — not just visually inspected.

The Digital Identity Act

The Digital Identity Act establishes the legislative foundation for Australia's digital identity system. It creates a legal framework for digital identity services, establishes the role of the Digital Identity Regulator, and provides privacy protections specific to digital identity transactions.

Key provisions include the requirement that participation in the digital identity system is voluntary (individuals cannot be required to use it), privacy protections that limit how identity data can be used and shared, and the establishment of accreditation requirements for identity service providers operating within the framework.

myGovID

myGovID is the Australian Government's digital identity application. It allows individuals to prove their identity online for government services and, increasingly, for private sector interactions. myGovID uses a multi-factor authentication approach: the user's mobile device serves as a possession factor, and their identity documents (verified against government databases) serve as the knowledge factor.

For verification providers, myGovID integration provides a high-assurance identity signal — if a user authenticates through myGovID, their identity has been verified against multiple government databases. However, not all users have myGovID, and not all use cases support myGovID authentication, so providers must continue to support traditional document-based verification alongside digital identity methods.

AML/CTF Act Requirements

The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) establishes identity verification obligations for reporting entities in Australia. The Act is administered by AUSTRAC and requires customer identification and verification at onboarding, ongoing customer due diligence, transaction monitoring and reporting, and record keeping for a minimum of seven years.

The AML/CTF Rules specify acceptable methods for identity verification, including document verification (matching customer-provided information against reliable and independent sources) and electronic verification (using electronic data to verify customer identity). The rules provide specific guidance on which documents are acceptable and how electronic verification must be conducted.

New Zealand's Digital Identity Landscape

RealMe

RealMe is New Zealand's digital identity service, operated by the Department of Internal Affairs (DIA). It provides two levels of service: RealMe login (a username and password for accessing government services) and RealMe verified identity (a verified digital identity that can be used for identity proofing).

RealMe verified identity requires users to complete an in-person verification process at a participating PostShop, where their identity is confirmed against a New Zealand passport or other accepted document. Once verified, the RealMe identity can be used to prove identity online without re-presenting physical documents.

Electronic Identity Verification Act

The Electronic Identity Verification Act 2012 establishes the legal framework for electronic identity verification in New Zealand. The Act provides for the use of electronic identity credentials, establishes privacy protections, and creates the legal basis for accepting electronic identity verification as equivalent to in-person verification.

The Act supports the development of a broader digital identity ecosystem in New Zealand, though adoption has been slower than in Australia. The smaller market size and the strong existing identity infrastructure (based on the NZ passport and NZ driver's license) have reduced the urgency for a comprehensive digital identity overhaul.

AML/CFT Act

New Zealand's Anti-Money Laundering and Countering Financing of Terrorism Act 2009 establishes identity verification obligations for reporting entities. The Act requires customer due diligence including identity verification, ongoing monitoring, and suspicious transaction reporting to the New Zealand Police Financial Intelligence Unit.

Acceptable identity verification methods include document verification (NZ passport, NZ driver's license, NZ firearms license) and electronic verification. The legislation allows for a risk-based approach where the level of verification is proportionate to the risk of the customer relationship.

Cross-Border Considerations

Trans-Tasman Recognition

Australia and New Zealand share a close economic relationship under the Closer Economic Relations Trade Agreement. For digital identity, this creates an opportunity for cross-border recognition — where an identity verified in Australia could be accepted in New Zealand and vice versa.

Progress on formal cross-border digital identity recognition has been incremental. The two countries are aligned in their regulatory approaches (both follow FATF recommendations) and their identity document standards (both issue ICAO-compliant passports). However, technical interoperability between myGovID and RealMe is not yet established.

For businesses operating in both markets, the practical implication is that separate verification processes are required for Australian and New Zealand customers. A user verified through myGovID cannot automatically use that verification in New Zealand, and a RealMe verified identity is not automatically accepted in Australia.

Document Types

Australia accepts Australian passport, Australian driver's license (varies by state/territory), Medicare card, Australian citizenship certificate, ImmiCard, and birth certificate (varies by state). New Zealand accepts NZ passport, NZ driver's license, NZ firearms license, NZ birth certificate, and NZ citizenship certificate.

For platforms serving both markets, the verification system must support the full range of document types from both countries, including state-level variations in Australian driver's licenses (each state/territory issues its own design) and the evolving format of New Zealand's digital driver's license.