frequently asked questions

UCD is still new, so not many questions have been asked yet. We need more! Please submit them via the contact form.

In anticipation, we give below answers to some of the questions that may be asked.

You can filter the questions to see only those relevant to your starting point. There are also some definitions to help explain any unfamiliar terms.

Is UCD compatible with DSIT’s UK Digital Identity & Attributes Trust Framework (UKDIATF)?

UCD will be compatible with all relevant government regulation.

At the time of writing – in May 2024 – the Department of Science, Innovation and Technology is nearing publication of the first official version of UKDIATF. The actual publication date is likely to coincide with the enactment of the Data Protection and Digital Information (DPDI) Bill, now expected early in the life of the next Parliament (assming that the new government does not wish to make significant changes.).

Despite their names, DPDI and UKDIATF are focused on the proofing of digital identity, and its use by individuals to interact with service providers. As yet, government has not thought through the implications of enabling an individual to use a digital wallet for many different kinds of personal data, not just identity but also qualifications, student-status, blue-badges, credit-worthiness, etc.

UCDx plans to participate in the development process to regulate such multi-application wallets, and will ensure compliance witht the resulting reqirements. UCD is likely to be become a ‘scheme’ under a future version of UKDIATF.


The word ‘control’  in  UCD implies that the user plays an active part in the process of  transferring data from one party to another, and thus can stop the transfer by declining to play that part.  For example, an individual controls whether to take a bank note from their wallet and hand it over to a merchant. Similarly, using a wallet, a user will control whether to share data. Control is different to Consent, defined elsewhere.


‘Consent’ means simply that an individual agrees that data can be transferred between parties but plays no other part in the process. In payment systems, for example, an individual  consents to a merchant taking payment by direct debit (by completing a direct debit mandate). Consent is best understood by contrast with ‘Control’, defined elsewhere in this FAQ.

Will a digital wallet cost me anything ?

No. The costs of running the UCD infrastructure will be paid by the service providers who choose to interact with you via your digital wallet. And they will be happy to pay in return for a better experience for their customers, lower costs, and easier compliance with data protection legislation.

Is UCD the same as ‘Self-Sovereign-Identity (SSI)’ ?

Yes and no. SSI is a term used by some companies to describe software that enables  (i) organisations to issue one or more ‘verified credentials’ to an individual; and (ii) the individual to control who should see such credentials.  

Here the term ‘verified credential’ means much the same as what UCDx calls ‘trustworthy personal data’: both terms refer to personal data which the individual controls, in the sense of deciding who gets to see it, but cannot change. And both terms are general, and can refer to any kind of data, whether legal identity, or a qualification, or simply a statement that someone is over a certain age.

UCD differs from SSI in that it is aspires to be a complete proposal, putting forward not just clever software but also an organisational model, business model, funding model, governance model, and application route map, starting in UK education.

Attribute / claim / credential

An attribute is simply a piece of data about – or belonging to – an individual, such as age, hair colour, legal identity, height, qualifications, vouchers, money, a visa for travel etc.

Attributes can be more or less closely tied to a particular identity. For example, a travel visa is generally tied to an identity, as shown in a passport. But a voucher can be anonymous, ‘belonging’  to whoever happens to have possession of it. And money, pure and simple, is always anonymous.

Attributes can be issued directly by a service provider qualified to do so. Examples include: a  qualification issued by a learning provider; a credit score by a credit bureau;  a ticket by an airline, and a legal identity by a government. Such attributes can usefully be called ‘authoritative’.

Attributes can also be checked by some other trustworthy party, other than the issuer. In this case, they can usefully be termed ‘verified’ attributes. Americans often use the word ‘claim’ instead of attribute. The word ‘credential’ can also be used.

Is UCDx CIC independent of PIB-d Ltd ?


Although UCD has been developed as a concept largely by PIB-d Ltd, it has long been apparent that – in order to win the necessary trust – the project has to be led by a public-interest body. This realisation led to the creation, in 2020, of UCDx as a community interest company, using funding provided by InnovateUK.

John Harrison, one of the founders of PIB-d Ltd, serves on the board of UCDx and provides necessary expertise. But he has declared his interest in PIB-d to the board, and – should PIB-d ever seek to win work from UCDx – will be recused from the associated decisions.

Is UCDx linked to TrustoverIP

We may (or may not) join soon.

TrustoverIP  ( is a grouping of organizations formed in 2020 to develop a ‘full-stack’ of standards –  not just technology but also governance – for internet scale digital trust.

UCD, in contrast, is a coherent set of business, technical, organization and governance models, together with a route to scale, for developing infrastructure for User Control of Data (including identity), starting in the UK education and finance sectors.

As such, UCD can be thought of a defined and focused expedition into new territory, whereas TOIP is a collective agreement between organizations that there is a lot of exploratory work to be done, and that it is better to carry out the work collectively. UCD may well draw upon some of the work carried out by TOIP.

Is UCDx linked to the Open Identity Exchange ?


OIX ( is a forum in which public and private sector organisations gather to discuss issues related to digital identity and personal data exchange. From time to time OIX members collaborate on a new schemes, i.e. new ways to makes tangible progress in the field.

UCDx is a member of OIX, and the UCD proposal is – in the eyes of OIX – a new ‘scheme’.

Is UCD linked to Evernym / Inrupt / DataSwift

Ideally, organisations  participating in UCD should be able to purchase software components from a deep market of suppliers, all offering standards-compliant code. Everynm is one early supplier in the market, and seems to be committed to interoperability; others are emerging and have a similar commitment to interop. Inrupt and Dataswift are further software developers active in the field, but UCDx knows less about them as yet.

Why should a bank be interested in UCD ?

Retail banking has remained much the same for a long time. Even web banking is just a new front-end for traditional back-office systems. UCD may be the driver of change.

We envisage that banks will soon begin to offer digital wallets, integrated into web banking applications, and enabling individuals to control the flow of personal data from the same interface that they use to control the flow of money. The first attributes will be proof of qualifications, and proof of identity. Use by the education sector should provide a route to scale.

The key to the involvement of the banks is – of course – the business and funding models. We have clear ideas about these, and are working to develop them further. Please contact us to discuss.

How does UCD differ from OneLogin ?

OneLogin is a system provided by the Government Digital Service as a  successor to Verify. It comprises a single-sign-on facility, coupled with a ‘back-office’ identity-proofing-provider. An individual can use OneLogin to interact with multiple government departments; if necessary they will be asked to proof their identity – by showing a passport or driving licence, and having their credit record checked – so that the result can be stored within the OneLogin system, and shown to a department when required.

UCD could, in principal be, compatible with OneLogin. An individual would choose a wallet provider from a managed market, use it to authenticate to OneLogin, go through the identity-proofing process, and then receive back from government proof of identity for storage in their wallet, and subsequent sharing with other service providers – in the private or public sectors – as required.

Seen this way, Government becomes the ‘attribute authority’ for legal identity, much as – say – a university is the authority for the issue of a degree certificate. This is as it should be, and would reduce significantly the need for commercial identity-proofing providers. There is, of course, a need to devise a suitable business model for such a managed market. We think there are a number of feasible options for such a model.

Does UCD conflict with Investigatory Powers legislation ?

No. See answer to ‘Will my wallet provider (or others)  have access to my data ?’ above.

Will UCD prevent statistical /epidemiological research ?

No. Government departments like to maintain large databases of personal data, in part at least to enable statistical research as to what policy measures prove effective. Examples include – in education – the National Pupil Data Base (NPDB) and the Learning Records Service.

But these databases are assembled without really asking the individuals involved whether they agree. Further, they are often incomplete. For example, LRS mainly contains qualification data from secondary and further education in England: many universities do not contribute data, and the approach is not used at all in Scotland. (We are not sure about the situation in Wales or Northern Ireland.)

UCD could enable individuals to pull down data from LRS and combine it with qualification data from other sources. Then, if they are asked nicely, they may well agree to let an external party view their data for research purposes, provided their anonymity is protected. An explicit link to a research agency could even be installed by default, provided that the individual has the right to delete it.

In summary then, UCD  will not prevent statistical research, since databases – such as LRS –  will likely remain in place. Rather UCD has the potential to enhance such research by actually asking the individual, digitally, for permission to access all data relevant to a given enquiry, not just the sub-set captured in a centralized database.

Why can UCD not be led by the UK government ?

UCD aims to be ubiquitous, a bit like a payment system, and so used by individuals to maintain online relationships with organisations across the public and private sectors, and with other individuals.

Thus, even though UCD is clearly infrastructure, design and implementation cannot be led by government. Why  ? Because government’s remit is limited to individual-public_sector online relationships: it does not extend to online relationships between individuals and between individuals and private sector organisations.

And yet, UCD cannot be built without support from government, because it is government, in one guise or another, that controls significant chunks of our personal data (e.g. qualification records), and so offers a route to critical mass.

UCDx is working to secure the UK government’s support.

Who will pay the capital costs of UCD ?

UCD can only developed as a collaboration between the UK‘s public and private sectors. It’s for this reason that the original development company, PIB-d Ltd, was set up as a joint-venture, half owned by (parts of) the education sector and half privately. But PIB-d was premature.

Now UCDx has been set up  – as a community interest company – to make the case for UCD and act as a future governance body. But the fact remains that creating the infrastructure still requires  collaboration and support from across the UK’s public and private sectors. The stronger the support from the public sector, initially education, the easier it will be for the private sector to raise the necessary finance.

How does UCD differ from Verify ? Verify was a scheme  to enable individuals to prove their legal identity online to government. Government could easily have chosen to award a single large contract to just one identity provider, and then presented the result under the brand. However, it chose instead to award contracts to several Identity Providers (IdPs, initially seven), and allow individuals to choose between them, based on brand strength and other factors.

The fact that individuals could choose an IdP from a managed market was a step towards the idea that it was the individual commissioning the IdP to act as their agent. But this was never really the case: the IdPs were always commissioned, and paid for, by government. And it is government which has decided to end the Verify scheme (probably sometime in 2022) and so terminate the provision of services by IdPs to individuals.

UCD is different. An individual will choose a wallet provider from a managed market, probably at the invitation of a learning provider, just as individuals chose a Verify IdP at the invitation of government. But, in contrast to Verify:

  • the wallet provider will be commissioned by the individual, and will act – principally – as the individual’s agent;
  • the individual will, in theory at least, be able to use their wallet to share any kind of trustworthy personal data between any parties (including individuals), not just proof of identity from IdP to government; and
  • in normal circumstances, only the individual will be able to decide to dispense with their wallet provider’s services, either deleting a wallet entirely, or switching to a different provider.

Why should government be interested in UCD ?

UCD can – over time –  provide a range of necessary online applications which government needs, but cannot easily provide itself because of the need for such applications to be used not only in the individual to government relationship, but also between individual., and between an individual and a private sector service provder. These applications include:

  • sharing proof of identity – from government (or a commercial identity proofing provider) – to other service providers, such as an employer when proving right to work, or a landlord when proving right to rent
  • sharing proof age (without any unnecessary further information) when buying alcohol or accessing adult content
  • building a portable personal achievement record, and sharing appropriate views when transitioning between learning providers or from education into employment
  • enabling an individual to authorise another person, or organisation, to act on their behalf, potentially extending to include power-of-attorney.

The technology required for UCD is now mostly in place, and can be regarded as a variant of recent work on “self-sovereign identity”, led by various standards bodies, and certain software companies.

What UCD contributes are coherent business, funding,  and governance models – together with a credible route to scale –  required for the implementation of these technologies at scale in the UK.

Will awarding bodies be required to act as ‘identity providers’ ?

No. At the moment, when an awarding body (such as a university, or an exam board, or a  trade body) issues a paper qualification to an individual, say ABC, they are stating only that the individual known to them as ABC has earned a particular qualification

Even though awarding bodies may ask for proof of ABC’s identity at the time of registration, it is not their role to vouch for that identity to others, and they would not carry liability insurance for doing so.

Rather, vouching for an individual’s identity to others is the role of a specialist service provider, an ‘identity proofing provider’ or IdPP. Such organisations look at many factors to determine whether a claimed identity is genuine: evidence of interaction with an awarding body may be one such factor, but is far from sufficient. In the longer term, it is likely that government will the principal IdPP, online as in the physical world.

What happens if a wallet provider fails ?

Since UCD wallet providers will be private or third-sector organisations, all competing for custom from individuals, there is a possibility that one or more could either fail commercially, or simply decide to exit the wallet market.

Should this happen, the company in question will be obliged – under its contractual agreements with UCDx – to allow all its customers to port their accounts to a different wallet provider of their own choosing, or in the final resort, transfer any remaining customers to a default provider selected by UCDx.

Will the whole education sector have to change at the same time?

No. UCD can be piloted within a single secondary school, FE college and university. In each case, the learning provider will invite learners to choose a wallet provider from a managed market (i.e. at least two providers),  and then use their wallet to interact with both the learning provider and with fellow learners.

Assuming these pilots prove successful, other learning providers will follow; and the new approach will grow to ubiquity, eventually being used for transitions between learning providers, and into employment, as well as internally.

Will UCAS be affected by UCD?


In UCD terms, UCAS is almost a Decision Support Service (see page re organizational model), helping learners choose between, and apply to, universities. If the UCD pilots succeed, setting the infrastructure en route to scale, it will make sense – at some point – for UCAS to consider integration. The task will be complex, but it will be a sign of success, and so a good problem to have.

Is UCD related to the Learning Records Service?

It could be.

LRS serves, principally, as a back-office store of qualification data from secondary and Further Education in England. This data is provided by the awarding bodies – such as OCR, and City & Guilds – who serve secondary and FE learning providers.

Learners could – using a UCD wallet – set up an online relationship with LRS at the same time as they register with a relevant learning providers, and so be able to pull down qualification data as it becomes available. Later on, they could use the same wallet to pull down qualification data directly from the learning providers – such as universities and professional/ trade bodies – that act as  their own awarding bodies.

LRS is run by the Skills Funding Agency on behalf of the (Westminster) Department for Education. We are seeking DfE’s support.

Is UCD related to the UKAMF, as used in education?


UKAMF enables an individual to use a single username and password, provided by their home institution (say a university or college), to gain access to online resources provided by others, typically a publisher. The publisher will grant or deny access based on information – attributes – released by the home institution. More info can be found at

UCD goes  a big step further, enabling an individual to choose a wallet provider as their personal agent, i.e. as an intermediary in (potentially) all their online relationships, including that with their home institution.

Thus an individual will keep  the same wallet – possibly porting it from one provider to another – throughout their educational career, and will be able to use it to share attributes from any party to any other.  So UCD will be able to offer not just the functionality provided by UKAMF, but much more, starting with a portable personal achievement record, proof-of-student status, low value payment, proof of identity etc.

Does Jisc support UCD?

Conditionally. UCDx has been set up as a public-interest entity to govern the proposed UCD infrastructure, using funding provided by InnovateUK in response to a grant application submitted by PIB-d Ltd.

Jisc is a shareholder in PIB-d Ltd (, a commercial company created  – as far back as 2011 – to develop UCD type infrastructure. While UCDx and PIB-d Ltd are independent of each other, PIB-d may in time bid to UCDx for a concession contract to run UCD pilots.

Jisc has indicated that (i) it believes that UCD type infrastructure is necessary; but that (ii) a UCD development project is only feasible if there is general support throughout the education sector, led by the relevant parts of government.

In consequence, it seems fair to say that Jisc’s support for UCD is conditional on winning support from government.

Why should my institution be interested in UCD?

Three reasons:

  • because it seems daft, given the ongoing transition to the digital world, to still be part of a system that only hands out qualifications on paper
  • because, done right, UCD will improve education, giving learners a single simple interface with which to (i) interact with multiple parties, both learning providers and fellow students; and (ii) transition between learning providers, and into employment, controlling the sharing of relevant data at each step; and
  • because, UCD will – in time – reduce operating costs as systems for control of data converge with those for control of money (i.e. payment systems).

Who will be the first wallet providers?

UCD can only become infrastructure, and reach national scale, if users are given a choice between different wallet providers, and are assured of interoperability and account portabiity between them.

Initially, we expect that wallet providers will be SMEs, suitably regulated by DSIT, and presently acting as commercial identity proofing providers (IdPPs). Many of these companies know that their IdPP role may vanish if government starts to provide legal identity attributes free-of-charge to an individual’s chosen wallet provider, and so are keen to adopt the wallet provider role themselves.

Later on, we expect that at least one of the more nimble retail banks will see marketing advantage in becoming a wallet provider. And then all the others will follow, both to avoid being perceived by customers as technically backward, and to benefit from reduced customer onboarding/KYC costs.

Also the mobile network operators may offer wallets. And Big-Tech (i.e. Google, Microsoft, Facebook, Apple) could decide to participate, but would have to accept external regulation, something they have long tried to avoid.

Can I delete my wallet ?


Just as an individual can choose to  destroy a real-world wallet, and everything within it, so an individual will be able to delete their own  digital wallet and any data within it.

If they do so, they will have to re-establish online relationships with every service provider by some other means. This will be difficult, but the right to delete a digital wallet is fundamental.

Will my wallet provider (or others) have access to my data?

Not in normal use.

A wallet provider will not have the right  to look inside an individual’s wallet or make any use of the data therein.

However,  occasions may arise where a wallet provider, probably working on behalf of others (such as the State or a relative) needs to gain access to such data.  In the case of the state, there would likely be a need for a warrant, akin to that used to obtain physical  access to an individual’s home. A relative might need a power of attorney, or similar.

This area is controversial. In our view, the debate should not be about whether access of this kind should be technically possible, but rather about the safeguards – legal and technical – that should be put in place to ensure that any such third party access only happens in extreme situations, and is never abused

Will I have to have, or use, a unique identity / number?


UCD will be designed to avoid – at the infrastructure level – any unique identifiers for individuals, making it more difficult for counterparties to exchange personal data between their back offices without involvement of the individual. Instead, they will need  to ask the individual, via their wallet account, to disclose the data.

Note, however, that some parties will require  an individual to disclose personal data capable of being used as a unique personal identifier (such as the triad of name, date-of-birth and postcode; or an email address; or a  phone number) at the point they sign-up. In this case, the individual can either comply or choose to walk away.

How many wallets can I have?

As many as you like.

But – just as too many bank accounts or wallets becomes a nuisance – so most people will find that it’s easier to have just one or two digital wallets. Otherwise, they may find that the data that they need to share via one wallet is only present in a different wallet.

Will I have to prove my identity in order to get a digital wallet ?


Just like signing up for a conventional account on any website, the only thing that an individual must prove to get a digital wallet is that they are human (probably by solving a captcha).

Later, when using a wallet to set up an online relationship with a service provider, it’s the service provider which determines what information the individual needs to disclose and to what degree such information needs to be trustworthy.

In some cases, the service provider – say a Further Education college or a family doctor – may request online proof of an individual’s legal identity not because such proof is necessary for the delivery of their services, but rather to help link the individual to any existing offline records that they may maintain. (Or they could make the linkage by face-to-face contact instead: a teacher can recognise a student, and just as a doctor can recognise one of their patients.).

Why do I need a wallet provider?

There is a purist approach to UCD in which individuals don’t need a wallet provider, and rely instead only on software installed only on their own device. While it might be possible to make this work technically, there are two main reasons why we think there is a need to involve wallet providers

The first is that software is never intrinsically trustworthy, secure or privacy-enhancing. Rather all these good things are the result of work by people and organisations, are communicated by some form of brand or trademark, and need to be paid for.  Put otherwise, there is a need for infrastructure to have a coherent business model; and the best one (that we can find, anyway) relies upon service providers  paying wallet providers small periodic relationship fees.

Second, humans are fallible: they forget passwords, and they forget to make backups. For most people, it makes sense having a wallet provider to help them ensure that they never lose their data, or access to it.

Will UCD software be open-standard / open-source?

UCDx will maintain and enforce open standards to ensure interoperability and account portability between different wallet providers.

Whether any software components are made available open-source is a secondary issue, to which the answer is not yet clear.  However, the Open Wallet Foundation was set up in 2002, as an offshoot of the Linux Foundation, to encourage the development of open-source software for wallets, and UCDx is all in favour: there is no point in developing multiple, competing, commercial versions of what should be interoperable code.

Many web browsers are now built on a common open-source core. Only the cosmetics differ. UCDx hopes that wallet software will follow the same pattern.

Will UCD use Artificial Intelligence?

Perhaps. The main idea behind UCD is to give individuals control over their own data. Once they have such control, they may well choose to give a (well-regulated) AI access, seeking advice or guidance.  And if they don’t like the results, they can switch to a different AI, or turn the thing off entirely.

Will UCD use Blockchain?

Not necessarily. UCD can be built without block-chain – which is just one technical option and in no way a panacea. If used at all, the most likely application is for the exchange of public keys between parties.

Why should I, as an individual, want a UCD-style digital wallet ?

It won’t change your life. But doing stuff on line will gradually become better.

You won’t have to manage as many usernames and passwords, or other authentication mechansims.

You will enjoy bank-grade security, & better privacy.

And life will become easier, since you will be able to do more things online more easily, all based around the simple idea of controlling, precisely, the sharing of your trsutworthy personal data between differerent service providers. Applications include:

  • building up a lifelong, portable, personal achievement record, to be used when applying to a new learning provider or for employment
  • sharing proof-of-identity from an identity-proofing-provider (either commercial or government) to be used when
    1. opening an account with a new financial service provider
    2. proving Right to Work to a new employer
    3. proving Right to Rent to a new landord
    4. interacting with government
  • sharing
    • proof of student status from a learning provider to a merchant offering student discounts
    • proof of entitlement to preferential treatment (free prescriptions, blue badges etc)
    • marketing preferences with a service provider, and changing them easily
    • loyalty card number automatically, as you make payment
    • proof of age for age-restricted purchases, with just one click, as part of a payment transaction
  • seeing all your financial accounts (current, savings, pension, life insurance etc) in one place;
  • helping someone you care for – perhaps a child or an elderly parent – interact online; and
  • communicating securely with any service provider, much as we can do using WhatsApp.

David Alexander, the founder of Mydex CIC, describes the problems solved by user-control-of-data as reducing Friction, Effort, Risk and Cost, or “FERC”. He is not wrong.