from Morpho UK Limited
Grant of Approval
tScheme Limited grants approval to the electronic trust service identified as:
as supplied by:
Morpho UK Limited
of 255 Wharfedale Road, Wokingham, RG41 5TP.
The management system used to deliver this service is certified by:
Lloyd’s Register Quality Assurance Ltd. (LRQA)
of Trinity Park, 1 Bickenhill Lane, Birmingham B37 7ES
to satisfy the criteria defined in the following tScheme Approval Profiles:
|Base Approval Profile||tSd0111||3.00|
|Approval Profile for Identity Registration Services||tSd0108||2.06|
|Approval Profile for an Identity Provider||tSd0112||1.00|
|Approval Profile for Credential Management Services||tSd0113||1.00|
and in accordance with:
|GPG45 – Identity proofing and verification of an individual||2||2.3|
This approval initially commenced on:
20th October, 2016
and annual renewal against the current issue of these Approval Profiles was confirmed in:
Documents supporting this grant are available by clicking on the links in the tables above.
This Grant of approval is issued by:
PO Box 3653
Company Number 4000985
Approved Service Description
The subject service of this Grant of Approval is the SecureIdentity Service from Morpho UK Limited.
SecureIdentity is designed to allow an adult Subscriber to securely authenticate himself/herself to UK official on-line services without the need to repeatedly transmit personal data. It allows the Subscriber to keep a complete control over all his/her personal data he/she provided at the enrolment while Morpho-UK runs the Service infrastructure at its secure Trust Service centre.
The Subscriber registers on his/her personal terminal (smartphone, tablet) and provides a small set of personal data among the list of authorised data. Based on this, SecureIdentity automatically searches public and private databases to validate these evidences to eventually verify the declared identity.
Key features of the SecureIdentity are:
- Complete managed service;
- Regular automatic identity re-validation. The Identity is revalidated every 6 months when a new sign-in request is received;
- Secure infrastructure designed to meet and assessed against ISO27001:2013 (certification planned during first half of 2016);
- Compliance with the UK Data Protection Act 1998 and all other relevant UK Data Protection Laws;
- Compliance with the HMG (Her Majesty’s Government) IPV Operations Manual Version 2.3.1;
- Compliance to the HMG Good Practice Guide 45: Identity Proofing and Verification of an Individual;
- Support of a variety of personal data including UK Passport, Driver licence, etc.;
- Support of a variety of personal terminals including Smartphone (Apple, Android, etc.);
- Operational 24/7 with physically remote secure contingency facility;
- Customer support through a Service desk opened 14 hours a day during the week (less during the week-end).
The service is built using Morpho technologies trusted by dozens of governments world-wide and utilises industry standard protocols and best practises to protect personal information.