Updated: February 2026
Guidance: Safe use of flash pass presentation
This guidance provides information to Facilitation Service providers, Users and Relying Parties on the safe use of "flash pass" credential presentations.
Guidance: Server Retrieval for Verifiable Credentials
This document provides guidance for the design and implementation of digital identity services, on the Server Retrieval Method in the context of Verifiable Credentials.
Practice note: Changes to key or specified information
This practice note provides guidance to Trust Framework providers on how to identify changes the TFA must be informed of.
Practice Note: Updates to the Trust Framework Rules
This practice note provides information for providers on updates to the Trust Framework Rules.
Practice note: Data breach or loss and cybersecurity attacks
This practice note provides information for providers on data breach or loss and cybersecurity attacks.
Practice note: Individuals to be identified in an application for TF accreditation
This practice note provides guidance to applicants seeking Trust Framework accreditation on how to identify salient individuals within their organisation.
Practice note: Scoping of Services
This practice note provides guidance for providers when defining the scope of service(s) for accreditation and when defining the scope of independent evaluations.
Practice note: The DISTF and s11 of the Privacy Act
This practice note sets out the Trust Framework Authority’s interpretation of how section 11 of the Privacy Act 2020 applies in the context of digital identity services and, in particular, Part 4 of the Digital Identity Services Trust Framework (Trust Framework) Rules.
Application
Trust Framework Authority application guidance for providers
Guidance document for digital identity service providers seeking accreditation under the Trust Framework.
Trust Framework Authority application form
Application form for digital identity service providers seeking accreditation under the Trust Framework. The application form must be completed and returned to the Trust Framework Authority with relevant documents.
This form ensures that applicants have the authority to submit applications on behalf of the provider and must be completed as part of the application process.
Privacy
Trust Framework Authority independent privacy evaluation template
Template to be completed by the independent privacy evaluator with the findings from the independent evaluation (required for an application for Trust Framework accreditation).
Security
Trust Framework Authority independent security evaluation template
Template to be completed by the independent security evaluator with the findings from the independent evaluation (required for an application for Trust Framework accreditation).
Evaluators should note that this template differs from the previous version (dated July 2025). If an evaluation has commenced using the previous version, the previous version may be completed and included in an application for assessment. The new version must be completed for all new applications.
Identification Management
Applicants must obtain and provide either an evaluation of conformance with the New Zealand Identification Standards OR an identification management evaluation from an independent identification management evaluator.
Trust Framework Authority independent identification management evaluation template
Template to be completed by the independent identification management evaluator with the findings from the independent evaluation (required for an application for Trust Framework accreditation).
Guide for identification standards evaluation and conformance
Guidance to support providers in preparing for their evaluation of conformance with the New Zealand Identification Standards.
Trust Framework Authority facilitation services credential format questionnaire
Applicants applying for accreditation of facilitation services need to complete this credential format questionnaire which outlines how they comply with ISO 18013-5, ISO 18013-7, ISO 23220 series and/or the W3C Verifiable Credentials Data Model.
Trust Framework Authority credential services credential format questionnaire
Applicants applying for accreditation of credential services need to complete this credential format questionnaire which outlines how they comply with ISO 18013-5 and/or ISO 23220 series and/or the W3C Verifiable Credentials Data Model.
Reconsiderations
Trust Framework Authority application form for a reconsideration
This form is for applicants applying for a reconsideration of the application and must be submitted within 20 working days of the notice of the decision.
Reporting Templates
Trust Framework Authority six monthly report template
This is as per the requirement under regulation 19(1) of the Digital Identity Services Trust Framework Regulations, all Trust Framework providers are required to report to the Trust Framework Authority at the end of each 6-month period on the use of their accredited services during that period.
Regulation 19(1) of the Digital Identity Services Trust Framework Regulations
Trust Framework Authority annual report template
This is as per the requirement under regulation 19(2) of the Digital Identity Services Trust Framework Regulations for all Trust Framework providers to report to the Trust Framework Authority about the use of their accredited services during each 12 month period.
Regulation 19(2) of the Digital Identity Services Trust Framework Regulations
Trust Framework Authority two yearly report template
This template provides attestations that certain required activities have been completed every two years, starting from two years following the date of the accreditation.