Translation missing: en.content_item.schema_name.open_call_for_evidence

Adoption of trust services: call for views

Published 4 August 2025

Executive summary  

Trust services like electronic signatures are digital tools that make online transactions more secure and reliable. They do this by confirming the authenticity and integrity of electronic documents and transactions.  

There is an existing UK legal framework for trust services, and the Information Commissioner’s Office (ICO) is the established regulator. However, despite this infrastructure being in place and the increasing digitisation of the UK economy, there are no registered qualified trust service providers in the UK. We don’t have evidence that qualified trust services are widely used, and where they are used, the market currently relies on providers registered in the EU for the provision of qualified trust services. 

This call for views is open for response until 20 September 2025 and aims to collect essential information about the UK trust services market to help inform government policy development. If the call for views suggests government action is needed, we will seek to gather information more widely, including from individuals. At the moment, we are focused on gathering views from organisations providing trust services in the UK and those that do or could make use of them.   

The trust services landscape in the UK 

Trust services are digital tools that make online transactions more secure and reliable by verifying the authenticity and integrity of electronic documents and transactions. Electronic signatures (or ‘e-signatures’) are the most popular type of trust services, but they are just one of the trust services recognised under UK law. 

The UK eIDAS Regulation, i.e. Regulation (EU) 910/2014 on electronic identification and trust services for electronic transactions in the internal market (‘UK eIDAS‘) recognises: 

a. the creation, verification, and validation of the following types of trust services: 

• E-signatures are a popular example of trust services. These products provide a digital method of signing documents, negating the need to print, sign, and scan documents. 

• Electronic seals (or ‘e-seals’) are similar to e-signatures, but are typically used by corporations, where e-signatures are for individuals. E-seals are digital equivalents of company stamps or seals.  

• Electronic time stamps create a digital record that certifies when a document, file, or message was created, sent, or signed.  

• Electronic registered delivery services similarly authenticate the specific time a document was sent or received, acting as a kind of secure online proof of posting or recorded delivery service. They provide proof that information was sent and received electronically, and that it was not intercepted or altered on the way. Both are relevant in litigation or forensic investigations. 

b. Certificates for the services above providing the underlying data which make the trust services work, e.g. they confirm the origin and authenticity of signed or sealed data of a document. 

c. The creation, verification and validation of certificates for website authentication, which identify the person or company behind a website and help to verify that the website is genuine. 

d. The preservation of electronic signatures, seals or certificates related to those services, which ensures their legal validity over extended periods of time. 

The ICO has published guidance on each type of these trust services. 

Types of trust services

Trust services can be offered to provide varying levels of confidence: simple, advanced and qualified. The term ‘simple’ is not defined in UK eIDAS, but is used in the industry to refer to trust services that do not satisfy the relevant regulatory requirements for ‘advanced’ and ‘qualified’. ‘Simple’ trust services provide a relatively lower level of confidence. ‘Advanced’ trust services offer higher levels of assurance and security. ‘Qualified’ trust services can provide even higher evidentiary weight and a high level of technical security.  

An Industry Working Group on the Electronic Execution of Documents (“Industry Working Group”)^{[footnote 1]} noted in their eSignatures interim report that parties to high-value or important transactions may wish to have better quality electronic signatures, such as advanced or qualified electronic signatures. 

Trust services in practice

Different types of e-signatures illustrate what the different levels of security mean in practice: 

• Simple: Simple e-signatures may be offered by any organisation. These e-signatures do not need to meet any regulatory requirements of identification or security and are not regulated under UK eIDAS. For example, typing your name in a document or in an email is considered a simple e-signature.  

• Advanced: Advanced e-signatures may be offered by any organisation and must meet the requirements set out in UK eIDAS. These signatures are uniquely linked to the person signing and can detect any changes made to the data afterwards. Most advanced e-signatures are based on public key infrastructure (PKI).  

• Qualified: Qualified signatures are the most secure and may only be offered by qualified trust services providers (QTSPs). They are advanced electronic signatures created by a qualified electronic signature creation device and based on a qualified certificate for electronic signatures. 

• Multinational organisations operating in the UK provide popular simple signature options, as well as advanced and qualified services in the UK.  

The regulatory landscape 

The Information Commissioners Office (ICO)

Under the UK eIDAS Regulation, ‘qualified’ trust services may only be offered by providers who have been granted qualified status by the ICO.  

The ICO is the UK regulator for trust services in the UK. It has powers under UK eIDAS and the Electronic Identification and Trust Services for Electronic Transactions Regulations 2016 (2016/696) (‘EITSET’) to:

• grant and revoke qualified status for trust service providers established in the UK
• approve or reject qualified trust services
• report on security breaches
• carry out audits
• take enforcement action

See the ICO’s guidance on becoming a qualified trust service provider:

Following ICO approval, information about a qualified trust service provider and the qualified services they offer are published in the UK ‘trusted list’. This list can be used to verify the qualified status of a trust service. 

UK eIDAS

UK eIDAS is the legal framework for the provision of trust services in the UK. It is the UK version of the EU’s trust services regulation which was amended and retained as UK domestic law on EU exit. The Data (Use and Access) Act 2025 amends UK eIDAS to ensure that the UK trust service legal framework is functioning effectively and can continue to do so in the future. The trust services provisions in the Data (Use and Access) Act 2025 are summarised in a Office for Digital Identity and Attributes blog about enhancing digital trust through trust services.

UK eIDAS allows for QTSPs that are registered in the EU to operate in the UK and provide qualified electronic signatures, seals, time stamps and registered delivery services. In 2024, the EU amended its eIDAS regulation (“EU eIDAS”) to create a legislative underpinning for the new EU Digital Identity Wallet and an extended range of trust services. However, the new EU trust services do not have legal effect in the UK. There is no reciprocal arrangement between the UK and the EU for trust services providers who are registered in the UK, to operate in the EU.   

The size of the UK trust services market 

Evidence about the size of the trust services market in the UK is limited. The digital identity sectoral analysis conducted by the Department of Science, Innovation and Technology (DSIT) in 2024 reports that of identified digital identity service providers, 34% offer trust services (including electronic seals, signatures, and certificates), and that those offering trust services generated an estimated revenue of £136 million in 2023 – 2024.  

Currently, there are no UK-registered qualified trust service providers. Companies in the UK that wish to use the more secure qualified trust services can currently only use providers registered in an EU Member State.  

This call for views aims to build a picture of the UK trust services market. It welcomes views on the value of the UK regulatory framework for trust services from organisations that:

• offer trust services
• use trust services

Questions in this section collect evidence on the services being offered by trust service providers and are asked only to organisations that offer trust services

• What type of trust services does your organisation currently offer?

• What affects your organisation’s decision about which type of trust services to offer?

• Is your organisation registered as a qualified trust service provider (QTSP)?

• Where is your organisation registered as a QTSP?

• Why has your organisation chosen not to register as a QTSP in the UK?

Questions in this section collect evidence on trust service usage

• Does your organisation use trust services?

• How long has your organisation used trust services for? 

E-signature adoption across government 

Transfers of property ownership 

In 2020, HM Land Registry (HLMR) removed the requirement for a handwritten (wet) signature when buying a property and started accepting electronically signed documents. Since then, HMLR has also trialled qualified electronic signatures that remove the need for a witness to sign the document and now accepts documents signed with a qualified electronic signature (QES). In the early phases of market adoption of QES, HMLR is looking for parties who can test different technologies and routes in to ensure each new path works as intended. 

Income tax / PAYE refunds 

Anyone filing income tax or PAYE refunds requests with HM Revenue and Customs (HMRC) must use advanced e-signatures . Handwritten (wet) signatures are only accepted by exception. This use case is the only instance of the government mandating the use of a particular type of e-signature in the UK. 

International document authentication 

The Foreign, Commonwealth and Development Office (FCDO) runs an e-Apostille service for customers based in the UK who need to show the legal validity or authenticity of documents going overseas. To create an e-Apostille, the FCDO takes the original file which a customer has uploaded and signed with an advanced electronic signature or a QES, then combines it with the Legalisation Office’s own QES. In 2024 the FCDO Legalisation Office issued 596,940 apostilles in total, of which 3,752 (0.63%) were e-Apostilles. 

Registrars of Scotland 

In Scotland, the Register of Deeds accepts electronic documents signed by a QES, subject to limited exceptions (i.e. deeds which also require to be registered in one of the Scottish Property Registers, wills, testamentary trust disposition and settlements, and codicils are not accepted with digital signatures).

Electronic wills 

The Law Commission has undertaken a major review on modernising the law of wills, and published recommendations, including that legislative reform is required to enable electronic wills to become legally valid. It also recommended that detailed regulations should be developed to establish how requirements to formalise wills will be completed and safeguards preserved.^{[footnote 2]}

Benefits of using trust services 

In a digital world, where electronic documents and electronic communications are the norm, trust services are useful digital tools designed to authenticate and therefore secure transactions. They can be particularly reassuring as a mitigation against fraud when high-value business is being conducted. For this reason, trust services can increase confidence and security in electronic transactions, domestically and across borders. By enabling more transactions to be delivered electronically with confidence, they can reduce business costs. 

E-signatures, for example, can offer significant benefits for signatories, in comparison to their physical counterparts. Completing a contract with a handwritten (wet) signature, has higher economic and environmental costs as it often involves an individual travelling to a location to sign and contracts having to be printed on paper. The time and efficiency savings mean that electronic signatures are comparatively cheaper for both the signatory and the person requiring a document to be authenticated.  

The benefits of adopting e-signatures were recognised by the Law Commission in their 2019 Report on the ‘Electronic Execution of Documents’ and by the Industry Working Group on the Electronic Execution of documents established by the Ministry of Justice in their interim report and final report.

Unlike in some European countries, neither advanced nor qualified e-signatures are widely used in the UK.^{[footnote 3]} Instead, there is a tendency to opt for more traditional methods of completing transactions (such as wet signatures), or free and less secure electronic options (such as simple e-signatures or typing a name on an electronic document).  

The Industry Working Group suggested that the low adoption of qualified e-signatures was due to various factors: 

• a perception of e-signatures being overly technical, which discourages their adoption^{[footnote 4]}
• a lack of accessible guidance to navigate complex legislation and technical requirements,^{[footnote 5]}
• protracted steps to signing as compared to the familiar “print, sign, scan and email” process
• concerns in relation to using e-signatures in cross-border transactions, due to uncertainty around unfamiliar laws, costs, and enforceability^{[footnote 6]}

This call for views welcomes your views on the benefits you see in trust services, and why there is low adoption of trust services in the UK.  

Questions in this section collect evidence on organisations’ views on the future of the trust service market and are asked to all organisations.

• Does your organisation think that the government should take action to stimulate a qualified trust services market in the UK?

• Does your organisation think that the government should take action to increase the number of organisations offering services of UK-registered QTSPs?

• If you would like to take this opportunity to provide additional comment on the future adoption of trust services, please do so using the text box below.

Trust services and verified identity 

Since 2020, the Department has been responsible for publishing a technical document, the UK digital identity and attributes trust framework (‘the trust framework’), which sets out rules and standards that show for what ‘good’ digital identity services look like. Digital Verification Service (‘DVS’) providers can choose to be independently certified against the trust framework. 

The Data (Use and Access) Act 2025 places the trust framework onto a statutory footing. The Act also enables DVS providers who have services that are independently certified against the trust framework to apply to appear on a public register, established and maintained by OfDIA on behalf of the Secretary of State, as a registered DVS provider. 

Currently, over 50 services are independently certified against the non-statutory version of the trust framework and appear on a list of certified providers run by OfDIA and provide thousands of digital identity checks for purposes such as right to work, right to rent, and disclosure and barring services every month. 

The trust framework currently allows for qualified trust service providers to work with DVS certified against the trust framework to provide identity verification where required for the delivery of qualified trust services.  However, there is currently no corresponding reference in the UK eIDAS to recognise the use of digital verification services certified against the trust framework as a method of verifying identity for the purposes of UK eIDAS Article 24(1). 

This call for views welcomes your views on the advantages and disadvantages of creating clearer connections between the UK digital identity and attributes trust framework and the UK eIDAS regulation.  

Question

• Does your organisation think that the government should make clear how QTSPs can work with registered DVS providers? 

How to respond

Take this opportunity to shape our future work and trust services policy.

The call for views will be open for 6 weeks, from 4 August 2025. The closing date for responses is 11.59pm on 20 September 2025.

1. The Industry Working Group on the Electronic Execution of Documents (“Industry Working Group”) was set up following a recommendation of the Law Commission. ↩

2. The Law Commission, Wills, Final Report, part 1, paragraph 8.174. ↩

3. Industry Working Group on eSignatures interim Report, Paragraph 32, Interim Report. ↩

4. Industry Working Group on eSignatures interim Report, Para 33, Interim Report. ↩

5. Industry Working Group on eSignatures interim Report, Para 35, Interim Report. ↩

6. The Law Commission, Wills, Final Report, part 1, paragraph 8.174. ↩