Government systems are under more pressure than ever to deliver services that are faster, more secure, and more accessible. At the same time, fraud is growing more sophisticated and constituents expect the same ease online that they get from their bank or their phone. Caught between those forces, most agencies are quietly losing ground in the same place: identity.

Across agencies, a consistent pattern has emerged. Identity is treated as a step buried inside a workflow rather than as the foundation the workflow sits on. The result is fragmented experiences for constituents, more exposure to fraud, and a heavy operational burden that traces directly back to identity failures.

There is a better model, and a growing number of agencies are moving toward it. In this model, identity is resolved once, upfront, in a single experience, and then reused everywhere it is needed. Identity stops generating downstream work and starts eliminating it.

For leaders, the shift comes down to three priorities: establish identity as a shared front-door service across systems, invest in identity that completes verification rather than merely attempting it, and remove the redundant verification steps that create friction. Agencies that make this shift will not just improve security and experience. They will change how their systems operate.

The Shift: Identity Has Become a System Constraint

When I took over at the Virginia Employment Commission, the first thing I noticed wasn’t in a report or a dashboard. It was in the call center.

The phones were ringing nonstop, but people weren’t calling about eligibility rules or benefit amounts. They were calling because they couldn’t get in. They couldn’t log in, they couldn’t prove who they were, and they were stuck somewhere in the middle of the process.

At one point, over half of our call center volume was tied to login, authentication, and identity issues — work that had nothing to do with eligibility and everything to do with access. That isn’t a customer service problem; it’s a system design problem. Our agents had effectively become the identity layer, walking claimants through problems that should have been solved before they ever reached a caseworker. We hadn’t built a front door. We had built a maze.

The Real Problem: Identity Is Treated as a Step, Not a System

What I saw at VEC is not unique. Across states and agencies, systems are being modernized quickly, often for the first time in a generation, while attacks grow in scale and sophistication. In one recent example, two public retirement systems absorbed more than 500,000 credential stuffing attempts over a single weekend with no known compromise of member accounts, because identity was handled at the front door rather than deep inside the application.

The pressure is compounding from several directions at once. Fraud attempts are increasingly automated and distributed. Digital adoption is expanding to broader populations whose data profiles vary widely. And agencies are being asked to deliver more services, faster, with the same or fewer resources.

Despite all of this, identity is still typically embedded inside the workflow rather than placed in front of it. The same constituent gets checked at login, again during the application, again at eligibility determination, and again at appeal. Every one of those checkpoints is another place the process can break. And when identity breaks, it creates downstream work: calls, manual reviews, and case escalations. Most of that work adds no value. It is simply the system compensating for its own uncertainty about who it is dealing with.

A Better Model: Three Shifts in Identity Architecture

The agencies that scale share three architectural shifts that separate them from the ones that stall.

The first is moving from fragmented checks to front-door identity. Instead of scattering verification throughout the workflow, leading systems resolve identity once, at the point of entry. That single move eliminates repeated verification, inconsistent identity states, and the friction those create further down the line.

The second is moving from re-verification to reusable identity. Once a person’s identity is established, it should carry forward with them. They should not have to re-verify for each new program, re-enter the same information, or repeat a process they already completed. Identity becomes a persistent layer that works across systems rather than a toll booth at every door.

The third, and most important, is moving from attempt-based verification to completion-based identity. Most systems only attempt to verify identity. If a constituent fails the automated check, the process simply stops and the problem is pushed back to the agency. A modern identity layer takes responsibility for finishing the job. It adapts its methods, offers multiple pathways, and resolves the person’s identity within the same experience rather than burdening an already resource constrained government agency.

What This Looks Like in Practice

When identity is handled as a foundational layer, fraud is caught at the front door rather than chased after dollars go out, digital completion rates rise, constituents move through services without interruption, and identity failures rarely turn into operational work.

The difference shows up most clearly at the moment a verification would otherwise fail. In most systems, that failure becomes a problem the constituent has to solve: a call to a contact center, a trip to a field office, or a manual review that can take days. That handoff is where eligible people give up and where staff time disappears.

In a well-designed system, that handoff doesn’t happen. The system adapts and resolves the person’s identity inside the same session — including completing verification live over video chat, or in person, when an automated check isn’t enough — without sending anyone elsewhere. That ability to finish the job through more than one pathway is what keeps a thin file or a data mismatch from becoming a dead end. It is also what supports lower call volume, higher digital adoption, and reduced manual workload at the same time.

Operational Impact: Identity as a Driver of System Performance

When identity is resolved upfront, the operational effects compound. Call center demand drops, manual reviews decrease, data quality improves because each constituent maps to a single verified identity, and fraud is reduced at its source rather than chased after the fact.

Most importantly, the agency gets capacity back. Capacity to focus on complex cases, to work down backlogs, and to actually improve service delivery. I saw this firsthand at VEC. Before, our staff spent their days helping people get into the system. Afterward, they were focused on delivering the mission they were hired to serve.

Implications for Government Leaders

This is not a technology decision. It is a structural one. As digital demand and fraud both keep climbing, systems that depend on repeated identity checks will not scale. Identity is a leverage point, and small changes here reshape the entire system.

Leaders should prioritize five moves. Re-architect identity as a shared service that sits at the front of the experience rather than inside individual workflows. Invest in completion-based identity by choosing solutions responsible for finishing verification, not just attempting it. Eliminate redundant verification steps across systems and programs so a constituent verifies once. Align fraud strategy to identity by preventing fraud at the point of entry rather than relying on downstream detection. And measure the operational impact by tracking call volume, manual reviews, and processing time. If identity isn’t reducing work, it isn’t solving the problem.

The Future: A Divide Is Emerging

A divide is opening between two kinds of organizations. Those that treat identity as infrastructure will scale their digital services, reduce operational burden, and improve the constituent experience. Those that don’t will keep absorbing identity failures as an operational cost, keep struggling with adoption, and keep leaning on manual processes to fill the gap. That gap will only widen.

Closing Perspective

Identity shouldn’t create work for your system. In most systems today, when identity fails, it becomes a call, a case, or a line at an office, and that work doesn’t disappear. It just shifts onto your staff.

In a well-designed system, it rarely gets that far. It gets resolved before it ever becomes work. That is the difference between systems that try to verify identity and systems that actually do.