The conversation around digital IDs in the UK is gaining pace. The government is exploring the introduction of a mandatory national digital ID, with some even pushing for physical national ID cards. The upcoming GOV.UK Wallet app will enable over 40 million drivers and over 50 million passport holders to store government-issued credentials.
Whilst this is generating debate, it’s important to recognise that the UK already has a secure, privacy-focused digital ID system in place. This is with the Digital Identity and Attributes Trust Framework, known also as DIATF.
This framework isn’t a competing model to the government’s digital ID plans. Rather, it’s a complementary one, offering UK adults choice. DIATF-certified digital IDs are already helping people verify their age and identity in a way that’s safe, decentralised and completely voluntary.
What is DIATF?
DIATF is the UK government’s official trust framework for regulating how digital identity providers operate. It is overseen by the Office for Digital Identities and Attributes (OfDIA), which sits in the Department for Science, Innovation and Technology (DSIT).
DIATF defines how identity services should operate, spanning areas such as data protection, cybersecurity, accessibility and user consent. Providers must undergo independent audits to achieve certification to the framework, demonstrating that they meet high standards of privacy and security.
It ensures users can trust the digital ID services that they choose to use. These services have been live since mid-2022 and are successfully delivering value for individuals and businesses.
What are the features of DIATF-certified digital IDs?
As some of the discussion shifts toward digital ID cards and government-led solutions, it’s vital to understand the key qualities of DIATF-certified digital IDs and why they matter.
A trusted, voluntary foundation
At the heart of the DIATF framework is the principle of voluntary participation. People can choose whether they want to use a DIATF-certified digital ID and decide exactly when they share their information and who they share it with.
The digital IDs that are operational right now are designed to be empowering, not controlling. They’re tools that people are able to opt into when it suits their needs, with full visibility and control over their data.
Built with Privacy by Design principles
DIATF-certified Digital IDs, such as Yoti Digital ID, are built on the principles of Privacy by Design. From the outset, they’re designed to minimise data use and limit unnecessary sharing to put users firmly in control of their data.
When using the Yoti Digital ID app, users can choose to only share the necessary information with the requesting organisation – and this is only done with their consent. There’s no hidden data exchange or logging of where or when the information is used. There’s also no way for providers (or anyone else, including us) to track user behaviour across services.
This approach is fundamentally different from systems that may rely on centralised tracking or building user profiles. User privacy is a foundation for digital IDs under the DIATF framework.
No centralised tracking or data honeypots
Another key strength of our Digital ID is its decentralised architecture. This means that each piece of data is individually stored across multiple, separate locations, rather than in a single central system. In turn, there’s no central database which stores personal identity details or tracks user activity.
As a result, the system is more resilient to breaches and misuse. Without a central repository of sensitive information, there’s no single point of failure. Instead, users retain control of their information, which significantly reduces the risk of large-scale data exposure.
Independently audited for accountability
To become DIATF-certified, providers must undergo rigorous independent audits by accredited assessors. This external validation ensures services meet high standards in areas including security, data protection, user experience and compliance.
DIATF certification requires demonstrating to third-party experts that every part of the digital ID service is robust and trustworthy. It’s this transparency and accountability that gives DIATF-certified digital IDs their credibility, as providers can’t just claim to be secure. They need to prove it.
Live, proven and growing in adoption
Millions of people across the UK are already using digital IDs for a wide range of everyday tasks, including verifying their age online and signing up for financial services.
As regulations are updated, the relevance and value of DIATF-certified digital IDs will only increase. Upcoming changes to the Mandatory Licensing Conditions (MLCs) will allow DIATF-certified digital IDs to be accepted as proof of age when purchasing alcohol. Additionally, changes to Money Laundering Regulations (MLRs) will clarify how digital identity providers, certified under DIATF, satisfy MLR requirements.
How DIATF-certified digital IDs and government-issued digital IDs can work together
Government-issued digital IDs can be a valuable addition to the UK’s already-functioning digital ID ecosystem, as long as they are privacy-preserving and user-centric. These are the same principles that underpin DIATF. They could help streamline access to public services and offer an alternative option for those who want one.
It’s worth noting that currently, DIATF-certified digital IDs cannot be used to share identity attributes with government services. However, UK citizens will be able to use their mobile driving licence (mDL) in the GOV.UK wallet to create a derived credential with DIATF-certified identity providers.
For the ecosystem to truly succeed, it’s critical that consumers can choose which digital IDs and age assurance methods they want to use. DIATF-certified digital IDs provide a complementary path forward that puts privacy, flexibility and user choice at its core. The two approaches don’t have to be rivals, instead forming two parts of a modern, multi-provider system that can adapt to diverse user needs.
Trust is key to increased digital ID adoption
Digital IDs depend on trust. Trust that personal data is secure and trust that privacy is protected. DIATF-certified digital IDs earn that trust through independent certification, transparent practices and a clear commitment to user-first design.
As the UK continues to shape its digital ID future, it should look to what’s already working. DIATF shows that secure, privacy-preserving digital IDs are possible, and they’re already helping people every day, and on their own terms.
If you’d like to join the millions of users already using our Digital IDs, download our Yoti app on iOS or Android. Or if you’d like to find out how your business can accept Digital IDs, get in touch.
