myGov is a simple and secure way to access government services online in one place but increasingly, it’s also a target for scammers.
To help protect people’s accounts, we’ve been strengthening myGov’s security and authentication processes, including implementing recommendations from last year’s Commonwealth Ombudsman’s Keeping myGov Secure report.
We’ve now completed 3 of the 4 report recommendations and both suggestions.
Over the past 12 months, we’ve:
- added more controls for sensitive account changes, like banking details, to help prevent fraudulent transactions
- introduced multifactor authentication steps when updating myGov account settings
- strengthened customer authentication processes when linking Centrelink, Medicare and Child Support online accounts to myGov, with other improvements scheduled throughout this financial year
- worked closely with myGov member services to better identify and manage shared risks, share operational updates and respond to suspected fraudulent activity
- reviewed and updated our customer communications to help people to keep their myGov account safe and provide guidance and support to people affected by scams and fraud
- introduced the Security Review feature, which prompts customers to switch to stronger sign in options.
Since the Security Review feature was implemented in December 2024, almost 3.7 million myGov accounts now use stronger sign in methods, such as passkeys or Digital ID.
Work to address the final recommendation is progressing well. In the coming months, we’ll:
- add additional online security measures to help stop fraudulent payment redirections
- roll out a new support tool that will allow our staff to complete technology assisted authentication processes across our services.