The UK Digital Identity and Attributes Trust Framework (UK DIATF) is the government’s statutory framework for digital identity services. Any organisation providing digital identity or attribute verification services must be certified against DIATF rules and listed on the Digital Verification Services (DVS) Register overseen by the Office for Digital Identities and Attributes (OfDIA).

DIATF certification ensures services meet stringent requirements for security, privacy, interoperability, and user consent. Vidos is independently certified against the trust framework across three service provider categories, enabling flexible integration approaches for different organisational needs.

Orchestration Service Provider (OSP): Handles complete verification workflows for organisations that want to delegate the entire verification process. The service coordinates all necessary checks and returns verification results through a single API.

Component Service Provider (CSP): Provides verification components that integrate directly within existing services. Organisations build their own orchestration while using Vidos components for specific verification functions.

Attribute Service Provider (ASP): Verifies and validates attributes within credentials from any issuer, confirming that credential attributes meet organisational and regulatory requirements regardless of which identity provider or wallet issued the original credential.

Organisations that need to verify digital credentials (relying-parties): Retailers and hospitality (age verification), financial institutions (identity verification and customer onboarding), healthcare providers (patient identity verification), service providers requiring identity or attribute confirmation, and any organisation accepting digital credentials from UK wallets.

Other DVS providers that want to incorporate certified verification, system integrators and consultancies building identity solutions for clients who need pre-certified verification infrastructure, and organisations certified for supplementary codes who need verification infrastructure.

Technical teams can integrate Vidos verification services in 1-4 weeks. This includes API integration and testing, configuration of verification policies, sandbox testing with sample credentials, and production deployment with dedicated instances.

This timeline assumes standard integration requirements. More complex orchestration or custom policy requirements may extend the timeline, but typically remain under 8 weeks compared to 12-18 months for building and certifying verification infrastructure from scratch.

The UK government’s Blueprint for Digital Government mandates that all central government services must issue digital credentials alongside physical documents by the end of 2027. This means every government service providing physical documents (driving licences, certificates, proof-of-entitlement letters) must also offer digital credential equivalents.

Organisations integrating verification infrastructure now gain operational experience before widespread adoption, process refinement while volumes are manageable, competitive advantage by offering digital credential acceptance early, infrastructure readiness as new credential types become available, and technical capability to handle evolving standards and wallet implementations.

The UK government has announced plans to enable digital verification for regulated checks including Right to Work and Right to Rent. These specific use cases require certification against DIATF Supplementary Codes in addition to core DIATF certification.

Vidos provides the core verification infrastructure that can be integrated by organisations and other DVS providers who hold the necessary supplementary code certifications. This layered approach allows supplementary code certified providers to leverage Vidos verification infrastructure without building and certifying their own cryptographic verification capabilities.

Yes. Vidos is designed as enabling infrastructure for the UK digital identity ecosystem. Other certified DVS providers can integrate Vidos services as verification components (CSP role) within their own service offerings, attribute verification (ASP role) to extend their capabilities, or complete workflows (OSP role) where they want to offer verification to their customers.

This approach allows DVS providers to focus on their core capabilities while leveraging Vidos for trust framework certified verification infrastructure.

Vidos implements privacy-preserving verification following UK DIATF requirements: data minimisation (only processing data necessary for verification), selective disclosure (verifying only the attributes required for each use case), no credential storage (verification results returned without storing credential contents), complete audit trails (logging verification events without exposing credential data), and user consent (all verification requires user presentation of credentials).

These privacy protections align with GDPR requirements and UK data protection principles, ensuring credentials can be verified without creating unnecessary data repositories.

UK DIATF certification includes: technical assessment of cryptographic verification capabilities, security evaluation of infrastructure and operations, privacy assessment against DIATF requirements, interoperability testing with multiple credential formats, operational readiness review of processes and procedures, and ongoing compliance monitoring and regular re-certification.