Digital identity

Notifying users of changes to their holder service accounts 

Posted by: , Posted on: - Categories: Digital identity, UK digital identity and attributes trust framework
A person holding a phone in their hand and also using a laptop

Holder service providers must have processes in place to get in touch with users if there’s a change to their account or you’ve received a request to close their account. For gamma (0.4) certification, those processes must be multi-channel.

Building trust through independent, accredited conformity assessment

Posted by: and , Posted on: - Categories: Certification, Digital identity, UK digital identity and attributes trust framework
Conformity assessment you can trust

The United Kingdom Accreditation Service (UKAS) has granted accreditation to Kantara Initiative; making it the first UKAS-accredited conformity assessment body (CAB) certifying under the UK government’s Digital Identity and Attributes Trust Framework.  

What are valid certificates under the UK digital identity and attributes trust framework?

Posted by: , Posted on: - Categories: Certification, Digital identity, Register of digital identity and attribute services
A screenshot of a web browser. The GOV.UK register of digital identity and attribute services is visible in the browser window.

You need to have a valid certificate if you want to prove your service conforms with the UK digital identity and attributes trust framework, and want to apply to be listed on the GOV.UK register of services.

“Must” and “could” in the trust framework and whether the rules apply to your service

Posted by: , Posted on: - Categories: Certification, Digital identity, UK digital identity and attributes trust framework
A screenshot of a web browser. The UK digital identity and attributes trust framework is shown in the window.

If a Part or Section in the trust framework applies to your role, then all of the rules in that Part or Section apply to your service. Your service must conform with all of the “must” rules, and service providers can choose whether or not to implement any “could” rules.

You should plan to renew your certification sooner than you think

Posted by: , Posted on: - Categories: Certification, Digital identity, Register of digital identity and attribute services

You can avoid your service falling off the GOV.UK register by asking your conformity assessment body to complete your recertification process up to 60 days early. You won't lose the remaining time on your current certificate if you do this, and it will help you to avoid any unnecessary disruption.

What happens when you apply to join the register of digital identity and attribute services

Posted by: and , Posted on: - Categories: Certification, Digital identity, Register of digital identity and attribute services

Getting onto the GOV.UK register of digital identity and attribute services is not an automatic process. It can take up to 20 working days for your service to appear on the register.

Using government data to verify your identity: the role of the GOV.UK Wallet

Posted by: , Posted on: - Categories: Digital identity, GOV.UK Wallet, Information gateway

Every day, people use official government documents like passports or driving licences to prove things about themselves in the economy. However, these physical documents weren’t designed for the digital age.   This is why, through the Data (Use and Access) Act, …