The United Kingdom has spent the better part of two decades attempting to build a coherent digital identity infrastructure for public services. Two previous attempts — GOV.UK Verify and the Government Gateway — ended in fragmentation, underuse, and eventual retirement. The current iteration, GOV.UK One Login, is now the most mature version of that ambition, operated by the Government Digital Service (GDS) under the Department for Science, Innovation and Technology. Whether it succeeds where its predecessors failed is a question that cannot yet be answered, but the evidence of the past twelve months provides a detailed picture of where the programme stands.

As of the end of 2025, GOV.UK One Login had been used by over 13 million people to access more than 120 government services. That number represents a significant jump from the 3.8 million verified users recorded in early 2024, driven in large part by compulsory identity verification for company directors introduced in November 2025. From 18 November 2025, all company directors and people with significant control must verify their identity with Companies House, feeding new users directly into the platform. The number was expected to rise to 20 million by the end of 2025 as a result.

Alongside the core sign-in platform, the GOV.UK app had been downloaded 316,000 times by the end of December 2025, having entered public beta in July of that year. GDS has designed the wallet to store government-issued credentials digitally within the GOV.UK One Login app; the digital Veteran Card was the first credential issued, and since October, more than 15,000 veterans successfully added their card to the app. Private testing of a digital driving licence began in December 2025, with broader rollout expected later in 2026.

The policy framing around One Login shifted sharply in September 2025. On 26 September, Prime Minister Sir Keir Starmer announced a digital ID scheme, with the government initially stating the digital ID would be mandatory for proving the right to work as a means of tackling illegal immigration. The mandatory element of the scheme was subsequently dropped following political and public backlash, with the messaging shifting toward user convenience and improving public services. A consultation on the scheme was published in March 2026. The sequence — announcement, backlash, retreat, consultation — follows a pattern familiar to any observer of UK digital policy.

The legal foundation for the broader digital identity ecosystem is now established. The Data (Use and Access) Act 2025 received Royal Assent, establishing the regulatory groundwork for Digital Verification Services and creating the formal architecture within which both the government platform and private sector identity providers operate. The Act carries over provisions from the previous government's Data Protection and Digital Information Bill, which fell when the 2024 general election was called.

The government's timeline is explicit. By the end of 2027, One Login is planned to become the only way to access all central government services. GDS director for digital identity Natalie Jones has described the platform as now functioning as a working system rather than a vision, underpinned by a serverless architecture adopted two years ago that GDS says reduces both operating costs and environmental footprint. HMRC is among the last major departments to begin transition; the rollout for HMRC customers is gradual and closely monitored, with existing Government Gateway account holders told they will be contacted when it is time to switch.

The security picture is more complicated. As of late 2024, One Login met only 21 of 39 required outcomes in the NCSC Cyber Assessment Framework, the mandatory standard for critical government services. In May 2025, the Government Digital Service achieved Digital Identity and Attributes Trust Framework (DIATF) approval for One Login in December 2024, but that certification subsequently lapsed after One Login's biometric technology supplier, iProov, failed to renew its own DIATF compliance, causing the One Login registration to expire automatically.

A whistleblower, speaking to Liberal Democrat digital spokesman Lord Clement-Jones, alleged that a government red team was able to gain privileged access to One Login systems during a test in March 2025. The Department for Science, Innovation and Technology confirmed that red team testing took place but denied the system had been penetrated or that any breach went undetected, with a spokesperson stating that subcontractors involved were a small group with no access to production systems and that all code was reviewed before deployment.

The tension between the government platform and the private sector it nominally sits alongside has not abated. The GOV.UK Wallet raises existential questions for the approximately 50 private providers who invested substantially in aligning with the DIATF. Palantir's UK leadership stated publicly it would not bid for digital ID work, citing the scheme's absence from Labour's 2024 manifesto as evidence of insufficient public mandate. The government's position — that it can offer a public option while the private market continues to operate under the DIATF — has not fully resolved the commercial tension.

The economic case for digital ID is argued primarily through fraud reduction and administrative efficiency. The Tony Blair Institute for Global Change estimates that digital ID will generate a £2 billion annual fiscal improvement to government finances, comprising £1.25 billion in reduced benefit fraud, £600 million in additional tax revenue, and £200 million from better-targeted crisis support. Whether those projections hold against the implementation cost and the inherited risks of the underlying infrastructure remains to be seen.

The UK digital identity sector generated £2.1 billion in revenue in 2023/24 and supported over 10,000 full-time equivalent jobs, according to a study commissioned by the Department for Science, Innovation and Technology. The government is expanding into a market it helped to create; how the private providers adapt to a state-issued identity credential carried on citizens' phones will define the shape of that market for the decade ahead.

The 2027 deadline for full central government adoption is firm on paper. The pace of departmental onboarding, the ongoing recertification of One Login under the DIATF, and the political handling of the public consultation on the broader digital ID scheme will each determine whether that deadline holds or becomes another postponed milestone in a programme with a longer history of delays than deliveries.