tScheme

//tScheme
tScheme 2018-04-03T10:13:22+00:00

Registrant:

tScheme Limited
Mulberry Grove
PO Box 3653
Wokingham
Berkshire
RG40 9NN
United Kingdom

tScheme is the industry-led, self-regulatory, not-for-profit organisation set up to create strict service criteria and to approve electronic trust services, including qualified certificate services. tScheme approval will provide assurance to individuals and companies relying upon electronic transactions, enabling growth in e-business.

tScheme develops sets of criteria called Approval Profiles for commercially offered trust services. These allow service providers who are able to demonstrate that their services meet these sets of criteria to achieve added business value by using the tScheme approval mark. A contract is put in place to safeguard continuing good practice.

To obtain this necessary proof of trustworthiness, a trust service provider is assessed to the relevant profiles by an independent tScheme-recognised assessing body. A report is prepared, and if this certifies compliance with the tScheme criteria, the trust service is granted approval by tScheme Ltd, including the right to display the tScheme mark.

Membership of tScheme is open to all sectors of industry, and to trust service users, ensuring that tScheme continues to address true market priorities.

http://www.tscheme.org/

Primary Contact:
Phil Flaxton
Interim Chief Executive
+44 (0) 8702 417 497
phil.flaxton@tscheme.org

Alternate Contact:
Richard Trevorah
Technical Director

+44 (0) 8702 417 497
richard.trevorah@tscheme.org

tScheme is the Trust Body for the UK’s Trust-Service Status List (TSL) 

Directive 2006/123/EC on services in the internal market (the Services Directive) was published on 12 December 2006 and Article 8 of the Services Directive allows for relevant procedures to be completed electronically and remotely. As a result, a trust mechanism has been put in place in order to provide confidence when completing these procedures online.

tScheme Limited is the UK’s Trusted List Scheme Operator (TLSO) and creates, hosts and maintains the UK’s Trust Service-status List (TSL) on behalf of the Department for Business, Energy & Industrial Strategy (BEIS). 

Every Member State has its own TSL and each of these is referenced from a central list that is maintained by the Commission (see: EU Trusted list certificate providers – further info and policy).

The key requirements of a TLSO are to provide:

  • the tools to create and manage the TSL
  • a secure means to provide the location of and updates to the TSL
  • information for all related web pages needed to support the UK’s TSL.

Reference the ‘Electronic Signatures Guide’ document by clicking here.

Reference the current ‘United Kingdom : Trusted List’ by clicking here.

 

tScheme Approval Profiles for IdP-Related Services

The full tScheme profiles are available as PDF documents free of charge for non-commercial use. To track monitoring, you must register (free of charge) – this entitles the user to access to the restricted Approvals Profiles section. To register for access to the profiles please click here.

Base Approval Profile – tSd 0111 (Issue 3.00)

This document defines the base tScheme criteria against which Trust Services and the organisations which provide them must be successfully assessed in order to be eligible for a Grant of Approval. It is intended to be used in conjunction with individual Approval Profiles specific to particular service types.

Approval Profile for Identity Registration – tSd0108 (Issue 2.06)

This document defines the tScheme criteria against which organisations must be successfully assessed in order to be eligible for a Grant of Approval for the provision of services to Government, individuals, system objects, corporate entities and other relying parties for the verification and registration of identity attributes.

Approval Profile for Credential Validation – tSd0109 (Issue 1.04)

This document defines the tScheme criteria against which organisations must be successfully assessed in order to be eligible for a Grant of Approval for the provision of services to Government, individuals, system objects, corporate entities and other relying parties for the validation of credentials to enable the authentication of the identity of individuals.

Approval Profile for Attribute Registration – tSd0110 (Issue 1.00)

This document defines the tScheme criteria against which organisations must be successfully assessed in order to be eligible for a Grant of Approval for the provision of Services to Government, individuals, system objects, corporate entities and other relying parties for the correlation of qualification evidence with an electronic identity sufficient to support addition of relevant attributes to the entity represented by the electronic identity.

Approval Profile for an Identity Provider – tSd0112 (Issue 1.00)

This document defines the tScheme criteria against which organisations must be successfully assessed in order to be eligible for a Grant of Approval for the provision of an Identity Provider (IdP) Service.

Approval Profile for Credential Management – tSd0113 (Issue 1.00)

This document defines the tScheme criteria against which organisations must be successfully assessed in order to be eligible for a Grant of Approval for the provision of Services to Government, individuals, system objects, corporate entities and other relying parties for the management of the lifecycle of credentials used to enable the authentication of the identity of individuals.

 

tScheme Approval Profiles for PKI-Related Services

There are also a set of tScheme profiles that relate to providers of PKI Certification Authority services plus certain specific sub-service elements such as Certificate Generation, Certificate Status Management, etc. Further information can be found on the tScheme website.

More detailed information for each of the approval profiles can be found on the tScheme website.

Notes and legal disclaimer for those requesting profiles:

Anyone wishing to have access to these profiles as PDF files are required to complete the Order Form and supply an email address, upon receipt and confirmation of your details, we will send you a user name and password for the Profiles Online restricted area, where they can be downloaded and viewed. To monitor the distribution and for marketing purposes, your details will be kept and you may receive further information from tScheme. We will not pass on your details to third parties, but if you do not want us to retain your data, please make this clear when confirming your order. tScheme is registered in the UK under the Data Protection Act.

The Profiles and other documents have been copyrighted by tScheme. They, and any subsequently produced documents, remain the intellectual property of tScheme Limited, and should not be distributed or reproduced in any way without prior consent from tScheme Limited. Ordering a copy of a profile in no way constitutes tScheme approval or membership. If you wish to submit a service for tScheme approval please contact tScheme directly. The Profiles are free for non-commercial use. By this we are not restricting access to businesses, but rather the Profiles must not be used in a way that directly generates revenue.

Grants of Approval

The following organizations have received a grant of approval from tScheme that they have satisfied the criteria defined in the tScheme Approval Profiles for either IdP- or PKI-related services and are registered:

Organization Trust Service Approval Date Renewal Date
Digidentity BV Identity Provider Service for Verify 30 April 2015
GB  Group Plc ID3global Service 12 February 2015
Verizon Universal Identity Service 11 February 2015
Experian Limited Identity as a Service (IDaaS) Service 21 October 2014 February 2016
Metropolitan Police Service Enterprise PKI 14 December 2012 March 2016
BT Managed Secure Messaging Service 8 March 2011 May 2016
Home Office Technology Police Service IAM Central Services CA 25 February 2011 February 2014
Home Office Technology Police Service Root CA 25 February 2011 February 2014
UK Ministry of Defence Defence Root CA Service 29 September 2010 September 2015
Registers of Scotland ARTL Service 12 May 2008 November 2015
Health and Social Care Information Centre Root CA for NHS PKI Service 29 November 2007 June 2016
BT plc Assure Public Key Infrastructure 27 May 2002 May 2016
Trustis Ltd Certificate Factory 27 May 2002 May 2016
The Royal Bank of Scotland Group Trustassured Service 11 February 2002 May 2016