Table of contents

Technology overview

GOV.UK Verify lets users prove their identity online so they can access government services. When a user wants to access a government service, a trusted identity provider performs the checks needed to prove the user’s identity.

GOV.UK Verify hub

The GOV.UK Verify hub is the infrastructure that manages interactions between users, government services, and identity providers for the purpose of authenticating a user who wants to use a government service.

The hub is at the centre of the GOV.UK Verify federation, providing a clear divide between identity providers and government services. This means your service has to integrate with the GOV.UK Verify hub only. It doesn’t have to integrate with several identity providers.

The hub is stateless, which means that it doesn’t store any part of the message exchange any longer than a session. Also, it ensures privacy as it doesn’t hold any identity data.

The hub ensures that the required level of assurance is observed.

Identity provider

A private sector organisation paid by government to verify a user’s identity and assert verified data that identifies them to the government service.

The organisations are certified as meeting relevant industry security standards and the Identity Assurance Principles published by the Cabinet Office and the National Cyber Security Centre (NCSC).

Government service

A transactional government service that needs proof of a person’s identity to complete a transaction, for example:

  • view or share your driving licence information (Driver and Vehicle Licensing Agency)
  • claim a redundancy payment (Insolvency Service)

Verify Service Provider (VSP)

The VSP is a software tool provided by GOV.UK Verify. It handles communication and authentication between your service and the Verify Hub, converting the Hub’s SAML into JSON and vice versa, and managing much of the security.

SAML

SAML is an open standard for exchanging information securely. The entities of the GOV.UK federation, the government service, GOV.UK Verify Hub, and identity providers, exchange information using SAML.

For more information, see the diagram showing the SAML message flow within the GOV.UK Verify federation.

Public key infrastructure (PKI)

PKI implements secure electronic transactions between the entities in the GOV.UK Verify federation.