The Trusted Digital Identity Framework (TDIF) is an accreditation framework for Digital Identity services.
It sets out the requirements that applicants need to meet to achieve accreditation. The TDIF makes sure all providers meet strict rules and standards for usability, accessibility, privacy protection, security, risk management, fraud control and more.
The TDIF also includes guidance material and templates to support providers to meet TDIF requirements.
On this page
The current TDIF accreditation program
The Australian Government provides two options for TDIF accreditation:
- to only seek accreditation under TDIF; or
- to seek accreditation under TDIF and participate in the Australian Government Digital Identity System (the System). Note: Currently only government agencies and government digital identity services can be onboarded to the System.
Entities may choose to be accredited under TDIF. This demonstrates that their digital identity services are trusted, safe and secure and built to the standards set by the Australian Government. These services are not, however, onboarded to the System.
To provide digital identity services in the System, entities must be accredited under TDIF and onboarded to the System.
Current options for identity services to engage with the System:
The Australian Government is accrediting a number of businesses under the TDIF as a part of testing the readiness of the Australian Government Digital Identity System to expand beyond the Australian Government. This is an exciting next step in the roll out of the Digital Identity program.
TDIF accreditation has been granted to the services listed below.
An identity provider can create, maintain or manage information about a person’s identity, and offer identity-based services. Relying parties need to be confident that the person they provide a service to is who they say they are. The level of confidence they need depends on the type of service they are providing, and the consequences if they provided it to the wrong person. Identity providers help boost relying parties’ confidence in a person’s digital identity by collecting, verifying, and validating attributes that confirm a person’s identity to an appropriate identity proofing level (IP).
|Service name||Provider||Service type||Accredited identity proofing levels||Verification type||Accreditation date||Accreditation status|
|Digital iD||Australia Post||Mobile application||IP2 (Standard)||Reusable identity||17 May 2019||Active|
|myGovID||Australian Tax Office||Mobile application||IP1, IP2 (Basic, Standard)||Reusable identity||30 May 2019||Active|
|OCR Labs||OCR Labs||Mobile application||IP2 (Standard)||One-off verification||8 July 2021||Active|
|myGovID||Australian Tax Office||Mobile application||IP3 (Strong)||Reusable identity, biometric enabled||30 August 2021||Active|
|OCR Labs||OCR Labs||Mobile application||IP3 (Strong)||One-off verification, biometric enabled||7 March 2022||Active|
|ID||Mastercard||Mobile application||IP1+ (Basic)||Reusable identity||21 July 2022||Active|
Credential providers can generate, bind and distribute credentials to individuals or can bind and manage credentials generated by individuals. For services in which return visits are applicable, a successful authentication provides risk-based assurances that the individual accessing the service today is the same individual who accessed the service previously. The robustness of this confidence is described by a credential level (CL) categorisation.
|Service name||Provider||Service type||Accredited credential levels||Accredited credential types||Accreditation date||Accreditation status|
|Digital iD||Australia Post||Mobile application||CL2||Multi-factor AuthN||17 May 2019||Active|
|myGovID||Australian Tax Office||Mobile application||CL2||MF Crypto Software||30 May 2019||Active|
|ID||Mastercard||Mobile application||CL2||MF Crypto Software||21 July 2022||Active|
Identity exchanges convey, manage and coordinate the flow of identity attributes and assertions between members (identity providers, credential providers, attribute providers and relying parties) of an identity federation.
|Service name||Provider||Interoperability statement||Accreditation date||Accreditation status|
|Exchange||Services Australia||The Exchange supports relying parties using OpenID Connect 1.0 or SAML.||13 May 2019||Active|
|connectID||eftpos||The exchange brokers authentication and identity requests using OpenID Connect 1.0||15 September 2021||Active|
|ID||Mastercard||The exchange brokers authentication and identity requests using OpenID Connect 1.0||10 June 2022||Active|
Attribute providers generate and manage attributes and claims about an individual, business or organisation that are provided to relying parties to support their decision-making processes. An attribute provider represents an authoritative source for a selected set of authorisation, qualification, self-asserted, entitlement, or platform attributes under the TDIF.
|Service name||Provider||Accredited attribute class||Attributes||Accreditation date||Accreditation status|
|Relationship Authorisation Manager (RAM)||Australian Tax Office||Authorisation||Business authorisations||20 June 2019||Active|
|myGov||Services Australia||Platform||myGov LinkID||25 August 2021||Active|
Applying for TDIF accreditation
Thanks for your interest in TDIF accreditation. We welcome organisations and government agencies interested in being accredited under the TDIF.
Before submitting your application, we ask that you request a pre-engagement meeting with the Digital Transformation Agency by emailing email@example.com, including a description of your organisation and the identity system proposed for accreditation.
Our Accreditation/ Engagement team will contact you to organise a meeting which will include next steps and how to submit a formal application.
To become a TDIF accredited provider, applicants are required to demonstrate how their Digital Identity service meets requirements for:
- accessibility and usability
- privacy protection
- security and fraud control
- risk management
- technical integrity and more.
For more information about the accreditation process, go to TDIF 03 Accreditation Process.
Once accredited, providers need to continually demonstrate they meet their TDIF obligations by undergoing annual assessments. For more information, go to TDIF 07 Maintain Accreditation.
TDIF policy documents
The TDIF is currently made up of 13 policies. Additional policies will be added as required and as we learn more about user needs.
(Note: We aim to meet the Australian Government’s web accessibility requirements with the documents below. However, if you require a more accessible version, please contact us.)
01 – Glossary of Abbreviations and Terms [PDF, 882KB] includes a list of acronyms and defines the key abbreviations and terms used in the TDIF.
02 – Overview [PDF, 821KB] provides a high-level overview of the TDIF.
03 – Accreditation Process [PDF, 1MB] sets out the process and requirements an applicant is required to complete to achieve TDIF accreditation.
04 – Functional Requirements [PDF, 986KB] outlines requirements applicable to the accredited roles, including fraud control, privacy, protective security, user experience and technical testing. It also includes a series of functional assessments to be undertaken by the applicant to achieve TDIF accreditation, including a privacy impact assessment (PIA), privacy assessment, security assessment, penetration test and an accessibility assessment against the Web Content Accessibility Guidelines.
04A – Functional Guidance [PDF, 997KB] provides guidance to applicants on meeting the requirements set out in the TDIF 04 Functional requirements.
05 – Role Requirements [PDF, 1.2MB] includes user terms and lifecycle management requirements applicable to the accredited roles.
05A – Role Guidance [PDF, 1.4MB] provides guidance to applicants on meeting requirements set out in the TDIF 05 Role requirements.
06 – Federation Onboarding Requirements [PDF, 810KB] outlines the requirements to be met when an applicant’s identity system is approved to onboard to the Australian Government’s identity federation. This document includes functional requirements, technical integration testing requirements, operating obligations and the accreditation requirements for an identity exchange.
06A – Federation Onboarding Guidance [PDF, 1.42MB] provides guidance to applicants on meeting requirements set out in the TDIF 06 Federation onboarding requirements.
06B – OpenID Connect 1.0 Profile [PDF, 1.3MB] describes how OpenID Connect 1.0 is used within the Australian Government’s identity federation.
06C – SAML 2.0 Profile [PDF, 957KB] describes how SAML 2.0 is used within the Australian Government’s identity federation.
06D – Attribute Profile [PDF, 1MB] describes the attributes used within the Australian Government’s identity federation and how these are mapped in the OpenID Connect 1.0 Profile and SAML 2.0 Profile.
07 – Maintain Accreditation [PDF, 860KB] sets out the process and requirements an accredited provider is required to complete by the anniversary of their initial accreditation date to remain TDIF accredited.
The following templates are provided as guidance for applicants and can help support their accreditation effort.
TDIF Accreditation Requirements – template [XLS, 927KB] includes all TDIF requirements.
TDIF Application for Accreditation Letter – template [docx, 93KB] a template for the TDIF Accreditation Letter as required in the TDIF 03 Accreditation Process.
TDIF Application for Variation of Accreditation Letter – template [docx, 100KB] a template for the TDIF Accreditation Letter as required in the TDIF 03 Accreditation Process.
TDIF Statement of Claims - form [PDF, 395KB] to be completed and submitted with the TDIF Application for Accreditation Letter or Application for Variation of Accreditation Letter as required in the TDIF 03 accreditation process.
TDIF Attestation Letter (Initial Assessment) – template [docx, 59KB] a template for the TDIF Qualifying Attestation Letter as required in the TDIF 03 Accreditation Process.
TDIF Attestation Letter (Annual Assessment) – template [docx, 58KB] a template for the TDIF Qualifying Attestation Letter as required by the TDIF 07 Maintain Accreditation requirements.
TDIF Fraud Control Plan – template [docx, 116KB] sets out the standard assessment requirements to be covered by an applicant’s Fraud Control Plan.
TDIF Cryptographic Key Management Plan – template [docx, 96KB] sets out the requirements to be covered by an applicant’s Cryptographic Key Management Plan.
TDIF Privacy Impact Assessment (PIA) Report – template [docx, 146KB] sets out the standard assessment requirements to be covered by an applicant’s PIA Functional Assessment Report.
TDIF Privacy Assessment Report – template [docx, 141KB] sets out the specific assessment requirements to be covered by an applicant’s Privacy Assessment Functional Assessment Report.
TDIF Penetration Test Report – template [docx, 105KB] sets out the standard assessment requirements to be covered by an applicant’s Penetration Test Functional Assessment Report.
TDIF Security Assessment Report – template [docx, 166KB] sets out the specific assessment requirements to be covered by an applicant’s Security Assessment Functional Assessment Report.
TDIF Accessibility Assessment Report – template [docx, 107KB] sets out the standard assessment requirements to be covered by an applicant’s Accessibility Assessment Functional Assessment Report.
TDIF Exemption Request Form [docx, 244KB] to be used when submitting an exemption request as required by TDIF 03 Accreditation Process.
Test report – PAD Algorithm – template [docx, 390KB] sets out a standard test report as required for applicants that undergo PAD capability biometric testing as part of Online Biometric Binding.
Test report – Biometric Matching Algorithm – template [docx, 389KB] sets out a standard test report as required for applicants that undergo biometric testing as part of the Technical Biometric Binding.
All changes made to the TDIF are published in accordance with the TDIF Variation Standard Operating Procedure. All changes to the TDIF documents are recorded in the TDIF Change Log, available below.
TDIF Variation Standard Operating Procedure [PDF, 440KB] sets out the procedure for implementing requested changes to the TDIF.
TDIF Change Request Form [PDF, 149KB] use this form to request any changes to the TDIF.
TDIF Change Log – June 2022 [XLS, 1MB] records any changes made to the TDIF before July 2022.