Trust Framework

The Pan-Canadian Trust Framework™ (PCTF) addresses current and future Canadian digital identity ecosystem innovation needs by verifying the trust of services and networks.

PCTF documents and artifacts help to secure the interoperability of public and private sector identity capabilities while prioritizing user-centred design, privacy, security, and convenience of use.

PCTF is an open public resource. It will always be freely available to the public for review and adoption. Drafts are made available for public review and input. PCTF develops under DIACC’s neutral good governance policies and procedures.

Quick Links

One Framework, Many Partners

Benefits from the input of Canada’s federal, provincial, and territorial representatives of the Joint Councils Identity Management Subcommittee (IMSC), the Canadian public, and through broad economic sector input.

PCTF Documents

To respond to the complexities that digital identity and trust entail, the PCTF has a modular approach, which provides a comprehensive set of documents aligned to the various functionalities and core aspects of identity management services.

Title	Status	Scope	Needs for Canada	Notice	Number	Type	Ready for Certification
Digital Wallet	Final Recommendation V1.0	Defines criteria, requirements, and guidelines regarding digital wallets.	Stakeholders have identified the need for a set of criteria that will be used to create well-designed, privacy enhancing digital wallets.	2023-04-25	DIACC PCTF12	Normative	Yes
Infrastructure (Technology & Operations)	Final Recommendation V1.2	Defines criteria, requirements, and guidelines regarding the trustworthiness of IT infrastructure.	Stakeholders have identified the need for a set of criteria, requirements, and guidelines regarding the trustworthiness of IT infrastructure.	2023-04-25	DIACC PCTF08	Normative	Yes
Verified Person	Final Recommendation V1.2	Defines criteria used to establish that a natural person is real, unique and identifiable.	Stakeholders have identified the need for a set of criteria that will be used to establish that a natural person is real, unique and identifiable.	2022-03-31	DIACC PCTF05	Normative	Yes
Privacy	Final Recommendation V1.2	Defines criteria concerned with the handling of personal data for digital identity purposes.	Stakeholders have identified the need for a set of criteria concerned with the handling of personal data for digital identity purposes.	2022-03-31	DIACC PCTF04	Normative	Yes
Trust Registries	Draft Recommendation V1.0	Defines criteria, requirements, and guidelines regarding Trust Registries.	Stakeholders have identified the need for a set of criteria, requirements, and guidelines regarding Trust Registries governance, operations, and registration and certification management.	2023-03-28	DIACC PCTF13	Normative	No
Credentials (Relationships & Attributes)	Final Recommendation V1.0	Defines criteria related to the creation, issuance, and management of credentials existing in digital form.	Stakeholders have identified the need for a set of criteria related to the creation, issuance, and management of credentials existing in digital form.	2020-06-01	DIACC PCTF07	Normative	No
Verified Organization	Final Recommendation V1.0	Defines criteria that allow organizations to exchange trustworthy information about themselves or others (individuals or organizations) with external parties.	Stakeholders have identified the need for a set of criteria that allow organizations to exchange trustworthy information about themselves or others (individuals or organizations) with external parties.	2020-02-17	DIACC PCTF06	Normative	No
Authentication	Final Recommendation V1.0	Defines criteria used to enable access to digital systems.	Stakeholders have identified the need for a set of criteria that will be used to enable access to digital systems.	2019-05-15	DIACC PCTF03	Normative	No
Notice & Consent	Final Recommendation V1.0	Defines criteria used to formulate a statement about the collection, use and disclosure of personal information, and to obtain a consent decision on that statement from a person authorized to do so.	Stakeholders have identified the need for a set of criteria used to formulate a statement about the collection, use and disclosure of personal information, and to obtain a consent decision on that statement from a person authorized to do so.	2019-04-03	DIACC PCTF02	Normative	No
Assurance Maturity Model	Draft Recommendation V1.0	Provides guidance regarding how to use PCTF conformance criteria in order to properly classify Levels of Assurance.	Stakeholders have identified the need for an Assurance Maturity Model to provide guidance regarding the use of PCTF conformance criteria in order to classify, compare, and align different Levels of Assurance schemes.	2021-06-28	DIACC PCTF11	Informative	Not Applicable
Glossary	Final Recommendation V1.0	A list of terms identified in the PCTF.	Stakeholders have identified the need for a common set of definitions to be used to communicate with regard to identity and access management.	2020-03-10	DIACC PCTF10	Informative	Not Applicable
Model	Final Recommendation V1.0	A high-level model of PCTF related contextual information, goals, and objectives.	Stakeholders have identified the need for a high-level model to organize the Canadian Digital Identity Ecosystem.	2019-02-13	DIACC PCTF01	Informative	Not Applicable
Overview	Final	Sets out the vision and value proposition for the PCTF.	Canadian citizens and consumers, i.e. end users, are the beneficiaries of trust that will be achieved through service standardization and accountability to the PCTF.	2016-08-01	DIACC PCTF00	Informative	Not Applicable

Development & Maintenance

The PCTF is developed and maintained through an open and collaborative process defined in the DIACC Operating Procedures. The DIACC’s Trust Framework Expert Committee (TFEC) is the working group responsible for developing and maintaining the PCTF. The TFEC consists of members from the public and private sectors who work collaboratively through a Peer-Review and Development Process to maintain the PCTF, ensuring it’s up to date with evolving ecosystems.

The TFEC defines the PCTF’s informative and normative documents, adhering to DIACC’s Operating Procedures, and describes the applicable value propositions across Canada’s public and private sectors. The TFEC ensures audibility, suitability, and consistency of its defined conformance criteria operationalized in the DIACC’s Certification Program.

PCTF Conformance Criteria Development Process

The PCTF requirements are developed following an open and standardized process as specified in the following graphic. These include initial draft development, committee review, DIACC Board approval for public input, revisions to incorporate public feedback, and approval from DIACC membership for final publication.

As specified in the Operating Procedures, reviewing the informative and normative documents is a public and open process where any interested party can participate and provide feedback. The public Call for Comments & IPR Review period is vital to the DIACC multistakeholder model. It provides a mechanism to ensure a balanced representation of interested parties’ opinions, views, and suggestions.

In addition to the public comment review periods, DIACC offers an ongoing channel for anyone interested in providing feedback using the PCTF Out of Band Feedback form.

This form collects PCTF public community feedback outside the prescribed public review & comment periods. The DIACC team monitors this form’s responses every quarter. The DIACC’s TFEC will consider comments for inclusion.