The Australian revealed late last year that former prime minister Kevin Rudd’s petition calling for a royal commission into the media had at least 1000 fake signatories generated by a Bangladeshi man paid $58 by Australian blogger Nicholas Smith, who wanted to test the ­vulnerabilities of parliament’s e-petition system.

A parliamentary committee ­investigating the security of the e-petition system has been advised on how to stop embarrassing infiltrations happening again.

The commonwealth Department of Parliamentary Services — responsible for running and securing the Rudd petition — informed the committee it was looking at SMS verification and digital identity markers to tighten controls over petitions. “This would enable the user to provide a mobile phone number where a validation code would be sent for finalisation of the signature process,” the DPS submission reads.

“This is technically feasible, noting this process is not required when completing a paper petition and these services are provided through a third party and would add a nominal ongoing cost to each signature.”

Currently, a signatory needs to give only an email address and ­declare they are an Australian citizen to sign a petition to parliament. The DPS submission also said digital identity markers being developed by government could be used to secure e-petitions in ­future, but it was not feasible to use them in the immediate future.

The submission to the inquiry — chaired by Nationals MP Ken O’Dowd and including government and opposition members — makes no reference to the infiltration of bots and fake names into the Rudd petition. The Australian’s investigation into the petition revealed the document was also littered with fake names including “Nacho cheese”, “Jesus Christ” and “this sucks”.

Many were generated offshore, easily sidestepping parliamentary measures set up to prevent fraud.

The petition has been used by Greens senator Sarah Hanson-Young to justify calling an inquiry into media diversity. The petition, which garnered the fourth-highest number of signatures after campaigns to fund community pharmacies, place a higher tax on beer and address healthcare funding, closed with 501,876 signatures.

DPS told the inquiry its e-petition system was designed to provide as few barriers as possible to people signing, and signatories did not need ID and were free to use a temporary email addresses.

“The system is designed … to be no more prohibitive than creating and signing a paper petition,” the submission states. “Providing proof of identity may impact people who cannot easily prove their identity but would otherwise be entitled to sign petitions such as Aboriginal and Torres Strait Islander people in remote areas, people who are affected by a natural disaster, transgender people.”

The submission also noted some individuals had limited access to identity documents “such as those who are experiencing or have experienced family and domestic violence, people experiencing homelessness or with an address inconsistent with their identity documents, or … refugees”.

Many states, including Victoria, Queensland and Tasmania, require a residential address before people sign an e-petition.

A submission to the inquiry from the Victorian Legislative Council said the address requirement provided security and ­ensured they could check the validity of signatories.

“Allowing a variation of a full name and address (for instance, a first name initial and surname is accepted), in so far that with the information provided, you would be able to locate that person on the electoral roll,” the submission reads, although it also notes ­people experiencing homelessness would face obstacles signing.

More related stories

Health

Doctors plot path to halving gap fees

The GP College is pushing for a major lift in the Medicare rebate for long consultations to halve out-of-pocket costs.

Read more

Nation

‘Dodgy policy’: Queensland government locks in 50c fares

Queenslanders have had 50c public transport fares locked in for the next four years, but not all economists are sold on the $1.5bn commitment.

Read more