What is the UK Digital Identity and Attributes Trust Framework (DIATF)?
Following the Data (Use and Access) Act receiving Royal Assent in June 2025, the UK Digital Identity and Attributes Trust Framework (UK DIATF) is now a statutory framework that sets mandatory rules for digital identity providers, attribute services, and consumers in the UK. The final Gamma 0.4 framework creates legally enforceable standards for secure, useful, and controllable digital identity solutions across the economy.
Since our involvement with the DIATF from its earliest consultation stages, we've helped organisations through multiple framework iterations.
Our DIATF Consultancy & Support Services
We support startups, scale-ups, and enterprises with every aspect of DIATF compliance, certification, and migration.
Gap Analysis
We assess your current systems and processes against DIATF requirements, identifying exactly what needs to change.
Certification Readiness
We help implement necessary changes and prepare your documentation for successful certification.
Role Determination
We help you identify which DIATF roles apply to your service (Identity, Attribute, Holder, Orchestration, or Component) and how your existing commercial model fits.
Beta 0.3 Migration
Strategic migration support from existing Beta 0.3 certifications to Gamma 0.4, ensuring continuity and compliance before the March 2026 deadline.
DIATF Certification Process Explained
Gap analysis
We conduct a comprehensive assessment of your current product and processes against the final Gamma 0.4 requirements to identify gaps and existing controls.
Our analysis covers the new legislative requirements under the Data (Use and Access) Act, including the updated supplementary codes for right to work, rent, and DBS checks, plus the new white label certification requirements.
Stage 1
A documentation review and initial assessment conducted by an approved certification body against the final Gamma 0.4 framework.
Remedial work
The process of addressing any gaps or deficiencies identified during the Stage 1 assessment to meet the trust framework's standards.
Stage 2 (Certification)
A comprehensive assessment by the certification body to verify that the product and business meets the applicable DIATF requirements.
Internal audit and improvement
A self-assessment process conducted by the certified business.
We'll help you establish robust internal audit processes, enabling your team to conduct thorough self-assessments to maintain ongoing compliance and continuous improvement.
Why choose us
Experience Since Day One
We've been involved with the DIATF since 2019, through all iterations from Beta to the statutory Gamma 0.4 framework, providing continuity and insight.
Proven Success Record
We're amongst the first consultancies helping organisations navigate the new statutory requirements, white label certifications, and Gamma 0.4 migration.
Cross-Functional Expertise
We're product, engineering, and compliance experts and can speak your language.
End-to-End Support
From strategic advisory to hands-on implementation, we support your entire certification journey under the new statutory framework, including ongoing surveillance requirements.
Frequently Asked Questions about DIATF
What is the UK Digital Identity and Attributes Trust Framework (DIATF)?
The DIATF is now a statutory UK government framework under the Data (Use and Access) Act that sets mandatory rules for digital identity and attribute service providers, ensuring secure, privacy-respecting, and trustworthy digital identity solutions across the economy.
What changed with the Data (Use and Access) Act?
The Act received Royal Assent in June 2025, putting the DIATF on a statutory footing. This creates legal obligations for Digital Verification Services and introduces official government powers including a statutory register and UK digital identity trust mark.
Who needs DIATF certification?
Any organisation providing digital identity or attribute services in the UK that wants to be recognised as a trusted provider under the statutory framework, including those offering white label services under the new certification approach.
What is Gamma 0.4 and why is it important?
Gamma 0.4 is the final version of the current DIATF that came into force in July 2025. It's now UKAS-recognised and includes updated requirements for white label certification and revised supplementary codes.
Do I need to migrate from Beta 0.3 to Gamma 0.4?
Existing Beta 0.3 certifications remain valid until March 2026, but new certifications from July 2025 must be against Gamma 0.4. We recommend early migration to ensure continued compliance and market positioning.
What are the new white label certification requirements?
Gamma 0.4 introduces separate certification scopes for 'underpinning services' and 'white label services', with stricter accountability requirements and more frequent evaluation cycles to ensure transparency and trust.
How can consultancy help with these changes?
We guide you through the transition to the statutory framework, Gamma 0.4 migration, white label certification planning, and ensuring your service meets all new legislative requirements whilst maintaining commercial viability.