Policy paper

UK digital identity and attributes trust framework: use of expired documents as identity evidence

Updated 20 July 2023

About this document

Good Practice Guide (GPG) 45, how to prove and verify someone’s identity, states that in some circumstances documents can be accepted as identity evidence after they have expired. This guidance provides additional detail on how digital identity and attribute providers that are certified against the UK digital identity and attributes trust framework should treat expired documents as identity evidence.

Rules for accepting expired documents

Although in-date documents should be used when available, in some circumstances you may accept documents after they have expired. There is no obligation to accept expired documents, but if you do choose to accept them, you must:

• only accept passports, up to a maximum of 12 months after they have expired
• consider any legislation or guidance that may be relevant to a specific sector or use case and impacts the use of expired passports

You may apply additional restrictions to your acceptance of expired documents. For example, you may choose to only accept expired passports with NFC chips issued by specific countries, or for a maximum of 6 months. You may decide to set restrictions yourself, or they may be determined by other organisations, such as your relying parties. They may also be determined by the requirements of a scheme of which you are a member.

For checks that are being conducted as part of a trust framework scheme you are certified against, you must make sure that your treatment of expired documents is compatible with relevant scheme requirements.