Insights Government publishes updated version of digital identity trust framework following previous feedback

The digital identity trust framework is part of the Government’s plans to make it faster and easier for people to verify themselves using modern technology through a process as trusted as using drivers’ licences or passports.

This updated document sets out the Government’s vision for the rules governing the future use of digital identities. It supersedes the original version of the digital identities trust framework, published in February 2021. Comments from that version of the framework received during last month’s consultation have been fed into this updated version.

The framework shows how organisations can be certified to provide secure digital identity services by going through an assessment process with an independent certification body. It also states how data can be shared between organisations and announces that the Government will start testing the framework in partnership with service providers.

Applications have opened for organisations interested in taking part in the testing process, which will involve organisations assessing where their service meets the proposed trust framework rules and providing feedback to the Government. The aim is that this process will prepare organisations for full certification in the future, as well as help the Government to refine trust framework rules so they work for both people and organisations.

Once finalised, the Government plans to bring the framework into law and make it easier and safer for people to use digital services to prove who they are or verify something about themselves.

The updated framework includes:

  • details on how organisations will become certified against the trust framework in the future, including how the independent assessment will take place; the process will involve bodies accredited by the UK Accreditation Service (UKAS) completing service audits to assess eligibility;
  • new guidance on how organisations can work together to create a consistent approach, which delivers a better user experience and reduces the need for burdensome and repetitive verification processes; it outlines how organisations describe data in the same format so other organisations know the method of identity verification used;
  • clearer definitions for the trust framework’s roles so organisations can better understand which applies to their specific service, depending on how they are managing data; and
  • refined rules on certain areas, such as how to manage digital identity accounts.

To read the Government’s press release in full and for access to the updated framework, as well as details on how to express an interest in taking part in testing the process, click here.