Today, we have published the next iteration of the trust framework, supplementary codes and supporting documents in pre-release. Each publication is marked as the 1.0 version, with the supporting documents version-controlled in this way for the first time.
The UK digital verification services (DVS) trust framework is the foundation for building trust in the digital verification services ecosystem. The rules it sets for DVS providers help build confidence that services certified against it are reliable and secure. The supporting documents underpin the trust framework by setting out guidance for specific elements of the digital verification process, and the supplementary codes extend the trust framework with additional rules for particular sectors or use cases.
This is the first revision of the trust framework published since the relevant provisions in the Data (Use and Access) Act 2025 (‘the Act’) came into force in December 2025. To bring it in line with the legislation, we have renamed it the ‘UK digital verification services (DVS) trust framework’ in place of its former name ‘UK digital identity and attributes trust framework’.
1.0 will not be the last version of the trust framework. We are required under the Act to regularly review it, and we will continue to engage with stakeholders and build the evidence base for future releases.
What is a pre-release?We’re describing this publication as a ‘pre-release’ because digital verification services cannot be certified against it yet, and it does not yet have legal effect. We still have some work to do with the UK Accreditation Service (UKAS) to accredit Conformity Assessment Bodies (CABs) to certify services against this version before we publish the final release.
However, pre-releasing helps give certainty about the forthcoming rules and allows providers time to prepare for the changes made since the previous version, known as the 0.4 ‘gamma’ publication.
Once CABs are accredited and ready to begin certifying later this year, we will officially publish 1.0 using the powers under the Act, clearly labelling it as the final publication.
We don’t expect to make changes to the requirements in the 1.0 publication between now and its final release. The final release will confirm the dates from which DVS providers can start certifying against version 1.0 and the transition timetable from the gamma version. It may also include some final tweaks to links and to document structure.
Changes since the previous release of the trust frameworkThe 1.0 version of the trust framework is intended to iteratively build upon the high baseline set in the gamma version. However, it does introduce some significant new updates.
Enabling safe use of the ‘UK CertifID’ trust markDVS providers certified against the 1.0 version of the trust framework will be able to use the new trust mark. With a basis in legislation, this will give certified DVS providers a way of showing users and other businesses that their service meets the rules set by the government. The 1.0 version sets out rules on when and how the trust mark can be used.
An updated data schemaWe have significantly updated the trust framework’s data schema, which has been rewritten with the needs of business and government in mind. The data schema defines how elements of identity, attribute and authentication data should be organised, named, formatted, and exchanged in a consistent way to enable this data to be understood across DVS providers and by those who would like to use DVS. It is designed from the ground up to meet the revised guidance on checking identities and using authenticators. Use of the data schema remains optional.
Data shared by orchestration and holder servicesTo reflect the increasingly important role we expect for orchestration service providers in supporting the adoption of DVS, we’ve introduced our first rules specifically for them. These rules require that orchestration services are able to tell their customers whether the services they orchestrate are on the DVS register.
We’ve also introduced new rules for holder service providers to require that they be able to share metadata about the identity and attribute information they hold.
Strengthening guidance on vouching and widening the applicability of inclusion rulesWe have rewritten the guidance on vouching to make it more straightforward to create and share vouching evidence when following the guidance on checking identities. This is intended to give DVS providers and others confidence in vouching as a way of checking someone’s identity in lower risk use cases.
We’ve also made the trust framework’s rules on inclusion and accessibility, previously applicable only to a subset of providers, now apply to all certified DVS providers.
Improving navigability and usabilityWe’ve made it easier to find your way around the separate supporting documents, including through introducing line numbering and version control, to mirror the approach taken in the trust framework itself.
The trust framework publication contains a full summary of the changes in version 1.0, covering changes in the trust framework document itself and the separate supporting documents.
Next stepsDVS providers cannot certify against the 1.0 trust framework or supplementary codes just yet. We’ll confirm the dates from which certifications against them can begin once UKAS has completed its review and we’ve published the final releases.
For providers currently certified under gamma, we’ll set out a clear transition period. We’ll also provide a delta assessment route. This means that most gamma‑certified providers will not need to be audited against the entire 1.0 framework from scratch. Instead, an auditor will only check that the provider has made the required step‑up from gamma to 1.0. In other words, gamma-certified providers can choose to be assessed solely against the changes between the two versions. Beta certifications will still expire on 31 March 2026, as previously communicated.
We believe the 1.0 versions of the trust framework, supplementary codes and supporting documents mark a step forward for the sector, giving providers greater clarity, consistency and confidence in the delivery of digital verification services.
Upon publication of the final 1.0 release, we will start engaging with stakeholders to identify and prioritise the areas we should focus on for updates in the next version of the trust framework.
https://enablingdigitalidentity.blog.gov.uk/2026/03/03/announcing-the-1-0-trust-framework/
seen at 16:30, 3 March in Enabling digital identity.