Avoco is a highly innovative UK company with a proven track record of delivering major identity solutions for commercial companies and government services for more than 10 years. Avoco was selected by all the bidders to build and provide the technology for the UK Government Skills Funding Agency (SFA) (LOA2) identity program; SFA’s identity system ran successfully for 5 years. Avoco was selected by Royal Mail and GB Group to supply their identity platforms for the UK Government Verify Service. Avoco was also selected to review the design and security of the government orchestration hub service.
Avoco’s Trust-T service is a secure, privacy-enhanced, robust data orchestration solution. Trus-T orchestrates the layers of the identity ecosystem, offering existing identity reuse, in a way that retains user control. Trus-T can dynamically uplift user confidence levels using a data broker option. The whole is facilitated through granular user consent. Trus-T uses configurable rules to manage the behaviour of the extended identity ecosystem. These rules allow for the system to be modified in real-time to reflect the specific needs of each customer system. The relevant identity information is supplied to different services without the need to reinvent the wheel. Onboarding of all of the ecosystem players is straightforward. Trus-T offers customers such as financial institutions, government services, retailers, etc., a way to easily modernise onboarding procedures, offering massive time and cost savings, and dramatically improving customer experience.
Share
Main office address
7th Floor,
16 St. Martin's-le-Grand,
London
EC1A 4EE
Key Products / Services / Sectors (USPs)
Avoco’s Trus-T is the orchestration layer for the identity ecosystem
Trus-T is a service designed using Avoco’s innovative identity API. The Trus-T service provides a number of functional features needed to build consumer orientated services based on a digital identity:
*Connecting your service with multiple online identity providers, of your choice or out of the box. This includes: Amazon, PayPal, UK Verify, Yoti, Self-Sovereign identities, and more…
*Connecting your identity provider with one or more services
*Improved customer choice by offering re-use of existing online accounts to access your service
*Ease of customer on-boarding, allowing customers to use existing accounts to kick start your account process
*Translation of protocols, including OAuth 2.0, SAML 2.0, OpenID Connect, and custom protocols
*Option to pull in other data to uplift an identity account
*Option to verify data and to carry out anti-fraud checks
*Lowers friction
*Low cost
*Fast integration and deployment
*Highly scaleable
*Designed with the complex demographic serviced by government, in mind
Fast, flexible, easy, on-boarding
Customers want convenience. But they also have expectations that include privacy and security, and the chance to build a trusted relationship with a service. The Trus-T service has been designed to offer the features needed to perform all of these.
*Convenience: Provide a central place where customers can chose an existing account to either login to your service or to jump-start your service account process. Makes interacting with government services easy and covers a wide-demographic.
*Privacy: Privacy by Design is a remit of the Trus-T service. We have a number of measures that can be used to add privacy features, including consent management, to your platform.
*Security: Trus-T is built to exacting secure standards by experts in security. The service is Pen-tested by security experts and even the underlying code has been security tested.
*Trusted-Relationships: Digital life is made more convenient and richer when it is based on a relationship created using two-way trust. Trus-T offers a number of methods to help create a relationship with your customers, including a data-sharing engine.
Further details
Aspects of the code is open source but this is a mature, highly developed, security by design system.
Multi-channel support includes, F2F, Web, Mobile, Digital Assistant. Trus-T can be configured to cover off a diverse variety of user journeys.
Trus-T is on-shore built by a British company. Hosting options are all types of cloud, and we include on-premise.
All open standards are supported and we can even support proprietary and legacy protocols as required.
Avoco were the technology behind the IDPS supplied by Royal Mail and GB Group to Verify. We also supplied the IDP technology to Experian for the Skills Funding Agency identity scheme.
Services
Supports eID
Yes
No
Area of focus
Consumers
Internal services (enterprise)
Identity provisioning (IdP)
As-a-Platform
API
As-a-Service
Wallet/SDK
Hub
On-board RPs
Offer translation of protocols
Handles federation
Integrate RPs/IDPs/Wallets
Can offer consent capture if required
Attribute brokerage
Can capture self-asserted
Can verify self-asserted
Can integrate with third parties (eg Open Banking)
Supports verified claims (VCs)
Verification services/support
Not supported
N/A
Yes – third party verifiers used (including Open Banking)
Yes – In-house verification service
Authentication
Password/username
Multiple factors (MFA)
Biometric
FIDO
Mobile device
Other
Data store functionality
Attribute storage
Attribute sharing
Configurable for specific sectors (e.g. health)
Use decentralised stores (eg Wallets or online)
Can offer consent capture/handling
Account management for users
Yes
No
On request
Account recovery
Self-service
Help desk
Key management required by user
Channel support
Omni-channel
Web
Mobile
Digital assistant
Wallet
Other
Protocol support
SAML 2.0
OIDC
Oauth
UMA
DID (decentralised identifiers)
Third party capability
External
Internal
Other
Other
Risk-based authentication
Anti-fraud support
Data minimisation support
Consent management
Variable registration (multi-user journey support)
Support for accessibility
Logging and audit
Billing system
User Journeys
Self-service
Offline options, incl. F2F
Upgrade paths to increase assurance levels over time
Creation of delegated accounts
Rules
To modify system behaviour
For risk-based authentication
To use events to drive transactions
To manage user journeys, including verification
To handle LOA upgrades/downgrades
API available
Yes
No
Wallet-based systems
Wallet available
SDK available
Decentralised
Handle payments
Handle identity document’s (eg drivers license)
Handle health information (eg vaccine certificates)
Other
Testimonials
“Avoco Secure’s Trust Platform is the technology that enables Royal Mail to deliver a verified, scalable, secure, user centric identity assurance service, which will allow users to authenticate themselves to UK Government digital services.”
Jim Conning, MD of Royal Mail Data Services
“We are pleased to be partnering with Avoco Secure as we believe their Trust Platform will enable a secure, friction free user experience across all government services in the scheme.”
John Lord, Managing Director at GBGroup