Public Services > Central Government

GDS contract awards hint at Verify direction

David Bicknell Published 02 November 2017

£1.3m contract awarded to £103,000 for Ixydo and £39,000 deal for SME Layer 7 cover development capability, DevOps, and specialist knowledge of digital certification models


The Government Digital Service (GDS) has awarded a series of contracts for the GOV.UK Verify identity assurance scheme which seem to provide a clue as to what work going on behind the scenes, if not where the service is heading.

The contracts, for £1.3m to Thoughtworks and £103,000 for Ixydo for development capability cover the design, installation, testing and maintenance of software systems as a part of a development capability for Verify and a need for WebOps capability as Verify migrates from a VMWare based environment to AWS.

The £39,000 contract, awarded to Ashington, Northumberland based SME, Layer 7 seems in keeping with Verify’s private sector ambitions.

The contract, until the end of April 2018, is for the supply of an “information assurance professional”, with knowledge of identity related digital certification models, to undertake this options analysis, alongside the GDS identity team.

The award explains that GOV.UK Verify is analysing, reviewing options and making recommendations on the design of its future certification model, which will be applicable to private sector reuse.

According to the original opportunity on the Digital Outcomes and Specialists marketplace, the specialist will be working with the identity standards and fraud prevention team in the GDS identity assurance programme. This includes two identity advisors and two identity fraud analysts.

The Thoughtworks contract covers development work in several areas: eIDAS (working to consume identities from Europe, and potentially allow re-use of Verify identities in Europe); on-boarding (improving how Government services on-board to use Verify); DCS (continuous development on Document Checking Service); and hub/frontend (A/B tests, improvements to release processes). 

This month, several Open Identity Exchange (OIX) events are expected to provide some insight into where future commercial considerations around Verify and the private sector are headed.

The government recently carried out a review into the future direction of Verify, details of which have yet to fully come to light.

However GDS officials are understood to regard the review commissioned by Cabinet Office Permanent Secretary John Manzoni as supportive of Verify’s current direction. Nor does there seem to be any row-back on the Government’s Transformation Strategy of “making better use of GOV.UK Verify by working towards 25m users by 2020 and exploring options for delivery of identity services for businesses and intermediaries.”

25m users could be regarded as either a target, or perhaps simply, as someone recently suggested “an aspiration.” One way of making the target more reachable could be to push the target date out, to 2030, for example.

It is understood that there may not be any firm announcements for GOV.UK Verify until 2018, though there may be a reference in the Budget on November 22nd to future services that could use Verify for identification purposes.

Identity specialists, several of whom are sceptical of Verify, are mystified by the digital certification work, arguing that some of the issues should have been part of the initial discovery and design, rather than emerge now, six years into the Verify project.

One identity specialist, commenting on the interface between open banking and Verify said, “It will be the open banking people who rescue them. It makes eminent sense to have only one consistent approach for both sectors - for users, security, and provision of solutions. Banks have, and have to have, working (international) systems. So long as Cabinet Office try to set the rules without any money to buy what they specify (unlike the US), little progress can be expected.

“There are features of what is used for Verify which would be useful, e.g. the checking service, but it (still) needs a commercial, not just a technical proposition.”



We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.