Updated: The guidance has been rewritten in plain English so it's easy for both technical and non-technical users to understand. The annexes from the previous version have been removed and the information from them added to the guidance. Examples of how checks can be done have been added throughout the guidance. Information about checking someone's biometric information has been added to the 'Check that the identity belongs to the person who’s claiming it (‘verification’)' section. The 'Identity profiles' section has been expanded. The new identity profiles will make it easier to check the identities of users who do not have much evidence of their identity.
This guidance will help you decide how to check someone’s identity. Some existing identity checking services already follow this guidance.
This guidance was written by Government Digital Service (GDS) with help from organisations across the public and private sectors. Key contributors include:Department for Work and Pensions (DWP) Driver and Vehicle Licensing Agency (DVLA) Home Office Ministry of Defence (MoD) National Cyber Security Centre (NCSC) Barclays Digidentity Experian IDEMIA Post Office
This guidance aligns with these international standards and regulations:Digital ID and Authentication Council of Canada (DIACC) Pan Canadian Trust Framework Model the EU electronic identification and trust services (eIDAS) regulation ISO/IEC 29115 NIST 800-63
This guidance does not explain the practical ways you can check someone’s identity. You’ll need to decide what tools or processes you want to use based on what’s appropriate for your service. For example, you might decide to accept a passport as evidence of someone’s identity if you know:the users of your service are likely to have a passport staff in your organisation have equipment they need to check the document effectively
One of the ways you can follow this guidance to check someone’s identity is by using GOV.UK Verify in your service.seen at 16:39, 15 April in Publications on GOV.UK.
Email this to a friend.