The Digital Identity and Attributes Framework (UK DIATF) was set up by the UK government to support digital identity services and prevent fraud. The UK DIATF initiative allows individuals to use their digital identities across various industries seamlessly by simplifying how they share verified attributes with other organisations and individuals. In addition, digital identity service providers can now be UK DIATF certified, establishing them as a government-certified IDSP (Identity Service Provider), securing their reputation as trustworthy partners.
Introducing the UK DIATF Framework
The UK DIATF framework prioritises privacy, transparency and user autonomy regarding personal data protection. Individuals are able to manage their digital identities, having full control over what personal data is shared and with whom. Users may also withdraw consent at any point, which proves highly useful for time-sensitive transactions.
Businesses can become UK DIATF Certified by undergoing an independent assessment to verify whether they are compliant with the standardised frameworks outlined for IDSPs. This certification process is controlled by the Department for Science, Innovation and Technology DSIT) and the office for Digital Identities and Attributes (OfDIA).
A DIATF Certification underlines an organisation’s services are secure, reliable, and compliant. The digital identity and attributes trust framework certification is a great way to verify whether an identity service provider follows high operational standards including compliance with established critical standards such as ISO 17065.
UK’s Digital Identity & Fraud Landscape
The UK DIATF framework was launched in response to the growing and dynamic threat of digital fraud. Since the COVID-19 pandemic, the shift toward online business operations and advances in technology have driven demand for robust identity verification (IDV) and anti-money laundering (AML) solutions. Valued at $10.45 billion in 2023, the global IDV market is expected to grow significantly, reaching $11.97 billion in 2024 and an impressive $39.82 billion by 2032, with a projected compound annual growth rate (CAGR) of 16.2%.
50% of UK businesses experienced a cyberattack or security breach in the past 12 months.
This significant growth is directly linked to the surge in digital fraud and cyberattacks. According to the UK government’s Cyber Security Breaches Survey, 50% of UK businesses experienced a cyberattack or security breach in the past 12 months. Cybercrime now imposes an annual cost of £27 billion on the UK economy.
The Creation of UK DIATF (Digital Identity and Attributes Trust Framework)
The UK Digital Identity and Attributes Trust Framework (DIATF) was created as part of the government’s wider initiative to establish a secure digital ecosystem for identity verification. Before its implementation, the UK’s approach to digital identities, identity verification and preventing identity fraud was extremely fragmented. Lack of consistency was a hallmark across identity verification practices across various sectors. Matt Warman, Minister for Digital Infrastructure, highlighted the critical objectives of the new framework in his Ministerial foreword in 2021, in which he lists the following:
- A clear framework of rules that underpin what “good” digital identities look like. This enhances standards across the country to protect individuals from fraud and helps to safeguard privacy.
- The need for established oversight and governance of these rules, updating them over time depending on new threats and needs.
- Creating proposals to address existing legislation which might unintentionally prevent or complicate the use of digital identities (e.g requirements for physical documents in identity verification processes.)
Unravelling the DIATF Framework: Use Cases
Under the UK Digital Identity and Attributes Trust Framework (UK DIATF), organisations must be certified under specific use cases, as each use case possesses its own regulatory and operational requirements that differ from other use cases. This ensures that Identity Service Providers (IDSPs) meet the necessary standards for each unique service that they might be offering, such as Right to Work, Right to Rent or DBS checks.
Different degrees of compliance by IDV providers with the framework’s mandates result in varying levels of confidence. For Right-to-Rent and Right-to-Work checks, the Home Office mandates that IDSPs achieve at least a medium level of confidence as the minimum standard.
Right to Rent Checks
Fraudulent tenancy applications have increased in the UK, posing a significant challenge to landlords. Records of false job titles, as well as hidden criminal records, are examples of fraudulent practices that are often carried out within these applications. Verifying that tenants are who they claim, and that they have the right to rent, protects landlords and letting agencies from the risk of fraud.
The surge in rental fraud reflects not only the challenges within the housing market but also the ingenuity of fraudsters exploiting systemic vulnerabilities.
Currently, British and Irish citizens only need to present an identity document to prove their legal right to rent. However, keeping the verification process so minimal drastically increases risks of fraud. Cases of non-payment of rent, legal issues, property damage and more occur with increased frequency when fraudulent tenants are able to rent property illegally.
Digital Identity Service Providers (IDSPs) can be certified under the DIATF framework, with a medium level of confidence required by HMRC.
Right to Work and DBS Checks
Candidates have been found to often hide criminal records or their lack of a legal right to work in the UK from prospective employers, leading to a need for comprehensive checks. Digital Right to Work checks and DBS checks allow employers across the UK to carry out necessary employee screening.
As a UK employer, you have a legal obligation to comply with the prevention of illegal working legislation. This requires you to conduct a Right to Work check on every UK-based employee to verify they have the requisite permission to perform the work on offer.
The effective prevention of illegal working relies on right to work checks being comprehensive and effective. To become a DIATF-certified Right to Work or DBS provider, a medium level of confidence required.
DIATF-Certified Services With ComplyCube
ComplyCube has been recognized by the UK government’s Digital Identity and Attributes Trust Framework (UK DIATF) as a Certified Digital Identity Service Provider (IDSP) of Right to Rent Checks, Right to Work Checks and DBS Checks. Our bespoke solutions enable employers, landlords and rental agencies across the UK to conduct enhanced checks for employees and tenants whilst remaining compliant with government standards.
For more information on UK DIATF-Certified Right to Rent, Right to Work and DBS Checks, reach out to one of our compliance experts.
