New Zealand Starts Bid for Digital ID Trust Register

Published Date : 8/7/2025 

New Zealand's Department of Internal Affairs (DIA) has announced a tender for a digital identity trust framework register, set to be published at the end of August. The framework aims to enhance digital credential issuance and protect biometric data privacy. 

A tender will soon launch for a digital identity, IT, or cybersecurity provider to supply and implement a trust framework register for New Zealand. Advanced notice of a request for proposals (RFP) published this week will close at the beginning of next Wednesday, August 13, local New Zealand time. The DIA expects the RFP itself to be published at the end of August.

The RFP for a digital credential issuance platform was launched near the end of July, the same day its advanced notice closed. New Zealand’s government published the Digital Identity Services Trust Framework Rules 2024 just weeks ago. The rules specify the standards ID documents and credentials must comply with, including the W3C Verifiable Credential Data Model, the ISO/IEC 18013-5: Mobile driving licence (mDL) application, or ISO/IEC 23220 series. The Framework also stipulates to minimize the risk of a breach of biometrics or other sensitive data and prohibits server retrieval during credential presentations.

The country also rolled out a biometric data privacy code this week that sets necessity, privacy safeguard, and proportionality requirements for the use of facial recognition and other biometrics. Biometric samples must be collected directly from individuals, except in specific circumstances, and data subjects must be notified that their biometric data has been collected, by who and why.

One of the next steps for New Zealand’s Department of Internal Affairs (DIA) is setting up a trust register listing credential and service providers that are accredited under the framework. It will take the form of a centralized, standards-based platform for communicating the accreditation status of digital identity providers and services. This register is a crucial component of the broader digital identity ecosystem, ensuring transparency and trust in the digital identity landscape.

The DIA's efforts to establish a robust digital identity framework are part of a broader strategy to enhance digital services and protect citizens' data. By implementing these measures, New Zealand aims to create a secure and efficient digital environment that fosters innovation and trust in digital transactions. 

Frequently Asked Questions (FAQS): 

Q: What is the purpose of the trust framework register?

A: The trust framework register is a centralized, standards-based platform that lists accredited digital identity providers and services. It ensures transparency and trust in the digital identity ecosystem.

Q: When will the RFP for the trust framework register be published?

A: The RFP for the trust framework register is expected to be published at the end of August, following the advanced notice which closes on August 13.

Q: What standards must ID documents and credentials comply with according to the Digital Identity Services Trust Framework Rules 2024?

A: ID documents and credentials must comply with the W3C Verifiable Credential Data Model, the ISO/IEC 18013-5: Mobile driving licence (mDL) application, or the ISO/IEC 23220 series.

Q: What does the biometric data privacy code require?

A: The biometric data privacy code sets requirements for the use of facial recognition and other biometrics, including necessity, privacy safeguards, and proportionality. Biometric samples must be collected directly from individuals, and data subjects must be notified of their data collection, by who, and why.

Q: What is the role of New Zealand's Department of Internal Affairs (DIA) in this process?

A: The DIA is responsible for setting up the trust register and ensuring that digital identity providers and services are accredited under the framework. This includes publishing the RFP and implementing the trust framework rules. 

More Related Topics :