Registrant:
tScheme Limited
Mulberry Grove
PO Box 3653
Wokingham
Berkshire
RG40 9NN
United Kingdom
tScheme is the industry-led, self-regulatory, not-for-profit organisation set up to create strict service criteria and to approve electronic trust services, including qualified certificate services. tScheme approval will provide assurance to individuals and companies relying upon electronic transactions, enabling growth in e-business.
tScheme develops sets of criteria called Approval Profiles for commercially offered trust services. These allow service providers who are able to demonstrate that their services meet these sets of criteria to achieve added business value by using the tScheme approval mark. A contract is put in place to safeguard continuing good practice.
To obtain this necessary proof of trustworthiness, a trust service provider is assessed to the relevant profiles by an independent tScheme-recognised assessing body. A report is prepared, and if this certifies compliance with the tScheme criteria, the trust service is granted approval by tScheme Ltd, including the right to display the tScheme mark.
Membership of tScheme is open to all sectors of industry, and to trust service users, ensuring that tScheme continues to address true market priorities.
Primary Contact:
Phil Flaxton
Interim Chief Executive
+44 (0) 8702 417 497
[email protected]
Alternate Contact:
Richard Trevorah
Technical Director
+44 (0) 8702 417 497
[email protected]
tScheme is the Trust Body for the UK’s Trust-Service Status List (TSL)
Directive 2006/123/EC on services in the internal market (the Services Directive) was published on 12 December 2006 and Article 8 of the Services Directive allows for relevant procedures to be completed electronically and remotely. As a result, a trust mechanism has been put in place in order to provide confidence when completing these procedures online.
tScheme Limited is the UK’s Trusted List Scheme Operator (TLSO) and creates, hosts and maintains the UK’s Trust Service-status List (TSL) on behalf of the Department for Business, Energy & Industrial Strategy (BEIS).
Every Member State has its own TSL and each of these is referenced from a central list that is maintained by the Commission (see: EU Trusted list certificate providers - further info and policy).
The key requirements of a TLSO are to provide:
- the tools to create and manage the TSL
- a secure means to provide the location of and updates to the TSL
- information for all related web pages needed to support the UK’s TSL.
Reference the ‘Electronic Signatures Guide’ document by clicking here.
Reference the current ‘United Kingdom : Trusted List’ by clicking here.
tScheme Approval Profiles for IdP-Related Services
The full tScheme profiles are available as PDF documents free of charge for non-commercial use. To track monitoring, you must register (free of charge) - this entitles the user to access to the restricted Approvals Profiles section. To register for access to the profiles please click here.
Base Approval Profile - tSd 0111 (Issue 3.00)
This document defines the base tScheme criteria against which Trust Services and the organisations which provide them must be successfully assessed in order to be eligible for a Grant of Approval. It is intended to be used in conjunction with individual Approval Profiles specific to particular service types.
Approval Profile for Identity Registration - tSd0108 (Issue 2.06)
This document defines the tScheme criteria against which organisations must be successfully assessed in order to be eligible for a Grant of Approval for the provision of services to Government, individuals, system objects, corporate entities and other relying parties for the verification and registration of identity attributes.
Approval Profile for Credential Validation - tSd0109 (Issue 1.04)
This document defines the tScheme criteria against which organisations must be successfully assessed in order to be eligible for a Grant of Approval for the provision of services to Government, individuals, system objects, corporate entities and other relying parties for the validation of credentials to enable the authentication of the identity of individuals.
Approval Profile for Attribute Registration - tSd0110 (Issue 1.00)
This document defines the tScheme criteria against which organisations must be successfully assessed in order to be eligible for a Grant of Approval for the provision of Services to Government, individuals, system objects, corporate entities and other relying parties for the correlation of qualification evidence with an electronic identity sufficient to support addition of relevant attributes to the entity represented by the electronic identity.
Approval Profile for an Identity Provider - tSd0112 (Issue 1.00)
This document defines the tScheme criteria against which organisations must be successfully assessed in order to be eligible for a Grant of Approval for the provision of an Identity Provider (IdP) Service.
Approval Profile for Credential Management - tSd0113 (Issue 1.00)
This document defines the tScheme criteria against which organisations must be successfully assessed in order to be eligible for a Grant of Approval for the provision of Services to Government, individuals, system objects, corporate entities and other relying parties for the management of the lifecycle of credentials used to enable the authentication of the identity of individuals.
tScheme Approval Profiles for PKI-Related Services
There are also a set of tScheme profiles that relate to providers of PKI Certification Authority services plus certain specific sub-service elements such as Certificate Generation, Certificate Status Management, etc. Further information can be found on the tScheme website.
More detailed information for each of the approval profiles can be found on the tScheme website.
Notes and legal disclaimer for those requesting profiles:
Anyone wishing to have access to these profiles as PDF files are required to complete the Order Form and supply an email address, upon receipt and confirmation of your details, we will send you a user name and password for the Profiles Online restricted area, where they can be downloaded and viewed. To monitor the distribution and for marketing purposes, your details will be kept and you may receive further information from tScheme. We will not pass on your details to third parties, but if you do not want us to retain your data, please make this clear when confirming your order. tScheme is registered in the UK under the Data Protection Act.
The Profiles and other documents have been copyrighted by tScheme. They, and any subsequently produced documents, remain the intellectual property of tScheme Limited, and should not be distributed or reproduced in any way without prior consent from tScheme Limited. Ordering a copy of a profile in no way constitutes tScheme approval or membership. If you wish to submit a service for tScheme approval please contact tScheme directly. The Profiles are free for non-commercial use. By this we are not restricting access to businesses, but rather the Profiles must not be used in a way that directly generates revenue.
Grants of Approval
The following organizations have received a grant of approval from tScheme that they have satisfied the criteria defined in the tScheme Approval Profiles for either IdP- or PKI-related services and are registered:
| Organization | Trust Service | Approval Date | Renewal Date |
|---|---|---|---|
| Digidentity BV | Identity Provider Service for Verify | 30 April 2015 | |
| GB Group Plc | ID3global Service | 12 February 2015 | |
| Verizon | Universal Identity Service | 11 February 2015 | |
| Experian Limited | Identity as a Service (IDaaS) Service | 21 October 2014 | February 2016 |
| Metropolitan Police Service | Enterprise PKI | 14 December 2012 | March 2016 |
| BT | Managed Secure Messaging Service | 8 March 2011 | May 2016 |
| Home Office Technology | Police Service IAM Central Services CA | 25 February 2011 | February 2014 |
| Home Office Technology | Police Service Root CA | 25 February 2011 | February 2014 |
| UK Ministry of Defence | Defence Root CA Service | 29 September 2010 | September 2015 |
| Registers of Scotland | ARTL Service | 12 May 2008 | November 2015 |
| Health and Social Care Information Centre | Root CA for NHS PKI Service | 29 November 2007 | June 2016 |
| BT plc | Assure Public Key Infrastructure | 27 May 2002 | May 2016 |
| Trustis Ltd | Certificate Factory | 27 May 2002 | May 2016 |
| The Royal Bank of Scotland Group | Trustassured Service | 11 February 2002 | May 2016 |