The Department for Work and Pensions (DWP) has issued a written ministerial statement providing an update on the publication of connection guidance which includes the new staging timeline for connecting to pensions dashboards.

Skip to content
Pensions dashboards programme logo
  1. Home

Technical solution

Central digital architecture


Central digital architecture overview

The central digital architecture is made up of the consent and authorisation service, the identity service, the pension finder service, and the governance register. The governance register encompasses all the components of the ecosystem. 

Before dashboards are publicly available, the ecosystem will be tested to ensure it is working effectively and that it is safe and secure. Testing will also ensure there is sufficient coverage of pensions and the user experience is positive.


How dashboard users interact with the central digital architecture

Users begin their journey by navigating to a dashboard and completing the relevant registration. They then submit a request to find their pensions information from over 35,000 pension providers and schemes in the UK. 

To make sure data is safe, the identity service will confirm the users’ identity. As well as using the identity information verified by the identity service to find their pensions, the user will also be able to input (or ‘self-assert’) additional information to improve the likelihood of finding all their pensions. This could include, for example, National Insurance number.

The pension finder service will now take over. It will send the request to find the users’ pensions comprised of identity/biographical information (some of which is verified by the identity service, some of which will be input by the user themselves) to all pension providers and schemes. The find data will be sent to integrated service providers (ISP), pension providers and schemes, and the State Pension, to enable them to search against the received information and match users to their pensions. 

If a match is made, the pension providers and schemes (or ISPs on their behalf) and State Pension will register the match by registering a unique identifier of that pension with the consent and authorisation service. This enables the user to then retrieve their pensions information to their dashboard for the user to view.

Dashboard users will be able to come back to the consent and authorisation service to review and amend their authorisation policies for access to their pensions information, as well as initiate new find requests.


Back to top

Ecosystem


Components of the ecosystem

Pensions dashboards: will enable anyone who has a UK pension not in payment (not currently paying out, annuitised or in drawdown) to be able to view their pensions information. MaPS will provide a non-commercial public dashboard service. However, other commercial dashboards may become available upon authorisation and permission from the Financial Conduct Authority (FCA).

Consent and authorisation service: this allows a user to search for and to retrieve their data to a dashboard. It also enables users to manage consents, enter self-asserted find data, such as National Insurance number and initiate find operations.

If a matching pension is found, the consent and authorisation service manages access to the information in line with the authorisation policies set by the user. No pension information is stored.

Identity service: verifies the users’ identity and manages the authentication of details provided. The identity provider validates the users’ first name, last name and date of birth. Additional information like address, National Insurance number, email, and phone number may be provided but not necessarily validated by the identity service.

Pensions providers and schemes: host find and view API endpoints (which are the specific locations within an API that accepts requests and sends back responses allowing the system components to communicate with each other) and internal pension finding/matching. Found pensions are registered with the central digital architecture.

Pension finder service: organises and distributes find requests across the pensions data provider endpoints, or APIs, and is part of the central digital architecture that sends out an instruction to all pension providers and schemes to search for a users’ pensions. 

It has no user interface and receives data from the consent and authorisation service, before sending it to pension providers and schemes. Pension providers and schemes’ find interfaces will acknowledge each find request.

Governance register: controls which organisations and software participate in the ecosystem and meet the required security and performance standards and the central digital architecture components that need to provide logging information for monitoring. The governance register consists of both organisational processes and online IT components.

It also provides central reporting, technical monitoring and similar services. The security and operational management of the central digital architecture relies on logging data that can be analysed and reported on to produce monitoring information and audit reports.


Back to top

Identity service


Role of the identity service

Pensions dashboards will allow individuals to find and view their pensions information online, securely and all in one place. It is essential that the identity of a dashboard user is verified to an appropriate level. This will allow pension providers and schemes, who are responsible for providing member’s data, to have confidence that the user is who they say they are and has authorised their pensions information to be released.

The identity service is part of the central digital architecture, and it is independent of any dashboards.


Personal information verified by the identity service

We expect that the identity service will verify the following information for dashboard users:

  • first name
  • last name
  • date of birth

It may also verify other attributes, but this will be dependent on the identity service provider and may vary over time with the evolution of the service.
Pension providers and schemes in receipt of find requests will be able to identify which data attributes are verified and which are self-asserted by means of assertion flags accompanying the data items.

More information on assertion flags can be found in the data standards.


The identity service in the dashboard user journey

When a user wants to access their pensions information, via their chosen dashboard, the first step in their journey is to be directed to the consent and authorisation service. Here, the user will have their identity verified by the identity service. 

The user’s verified details are then added to additional information self-asserted by the user such as National Insurance number, previous names, addresses, email address and mobile phone number. This is the ‘find’ request. This information is sent to pension providers and schemes to match the user to their pensions information. 


Identity verification for returning users

Having verified their identity, the user does not need to repeat this process when returning to the dashboard to view their pensions information. However, if some time has passed, they may have to re-authenticate, which will be a simple and quick process. 


Identity verification through other dashboards

It is currently unknown whether dashboards will be able to adopt the same identity provider as MaPS and use a common sign in process. We are looking at making the user journey as straight forward as possible. The identity service is part of the central digital architecture owned by the Money and Pensions Service (MaPS). MaPS will therefore select the identity solution and the level of confidence required.


Overseas national users who have a UK registered pension scheme

PDP  recognises that there will be dashboard users who live outside the UK but have pensions schemes in this country. For example, no National Insurance number and an overseas address, or British nationals who now live overseas with a non-UK address. Being in the UK will not be a requirement to use the service. The only constraint on using the service will be the ability of the identity service to verify their identity.


Back to top

Raise a new query

If you can’t find what you’re looking for you can log your query, provide feedback, or raise a concern through our Jira portal. PDP will address your issue and update our support pages accordingly.

Log a query via Jira

Back to top