We have detected that you are using Internet Explorer to visit this website. Internet Explorer is now being phased out by Microsoft. As a result, NHS Digital no longer supports any version of Internet Explorer for our web-based products, as it involves considerable extra effort and expense, which cannot be justified from public funds. Some features on this site will not work. You should use a modern browser such as Edge, Chrome, Firefox, or Safari. If you have difficulty installing or accessing a different browser, contact your IT support team.
Supporting older version smartcards
Dates by which NHS Digital will no longer provide support and then access for older product versions of smartcards and Identity Agent (IA) Clients.
Provision also of a date by which NHS Digital will switch off the Care Identity Service for authentication only.
This page outlines the plans to deprecate support for Identity and Access Management (IAM) Platform technology areas and ultimately the dates by which we will no longer allow those technology areas to access the national infrastructure.
|Product / service||Unsupported||Access unavailable|
|Gem Series 4 cards (Gemplus)||30 December 2021||30 December 2021|
|BT IA Client||30 June 2021||30 September 2021|
|HSCIC v1 IA Client||30 June 2021||30 September 2021|
|Gem Series 05 or 06 (JCOP41 and JCP 41 cards)||30 September 2023||30 September 2023|
|CIS (authentication only)||30 September 2023||30 September 2023|
Reason for change
The NHS Long-Term Plan has two clear areas that support the introduction of NHS Identity as a priority. It will :
- ensure that clinicians can access and interact with patient records and care plans wherever they are
- mandate and rigorously enforce technology standards, as described in The Future of Healthcare, to ensure data is interoperable and accessible
There are long standing challenges for the NHS in managing out of date software and hardware. It creates costs, spreads finite resources thinly and increases our risk and security and threat landscape.
Part of NHS Digital’s role is to ensure that we mitigate risk and reduce security threats across the NHS whilst also driving forward the necessary technology to meet new and emerging standards and policy commitments.
Together with policy commitments that can only be met by NHS Identity, across the NHS, we have an ageing estate of smartcards and IA client infrastructure, some of which is over 10 years old.
At NHS Digital we are looking to introduce change to ensure that all NHS organisations are ready and prepared. Ready for the introduction of the new service as the new mechanism for authentication in the NHS and social care and prepared for the introduction of a new culture where everyone stays up-to-date with our authentication entry point infrastructure.
What is changing
NHS Digital are announcing dates by which we will no longer provide support and then later access for older product versions of smartcards and IA Clients.
We are also publicising a date by which we will switch off the Care Identity Service for authentication only.
NHS Identity is the new standards-based authentication service (Open ID Connect and FIDO2 to start) which will support new authentication technologies such as Windows Hello for Business, Apple Biometrics on iPAD via an App as well as smartcards.
It will offer authentication over the internet supporting the move to an Internet First approach to authentication for the first time.
The new service is live and in use with a number of systems and an active programme of work has started to work with NHS systems suppliers to build support for the new service into their roadmaps over the next 2 to 3 years.
We expect to add new features to the service over the coming quarters including User Self Registration and Management, a completely new User Registration process and working collaboratively with the Digital Wallet programme of work to understand how NHS Digital can support the Digital Wallet roadmap.
It’s important to drive this change to support the needs of users on the front line and ensure that suppliers, NHS organisations and NHS Digital development teams recognise that the Care Identity Service will be turned off at the end of September 2023. In order to be able to authenticate in the future then they must integrate with NHS Identity.
This will also mean ensuring all users have the latest versions of desktop infrastructure to support smartcard use on machines so they can authenticate with future.
What action you need to take
For smartcards and IA Client there is no need to do anything at present, other than be aware that some NHS organisations may be required to start preparing for updating legacy IA Clients and replace smartcards.
We have started to contact organisations who are impacted by the Gem Series cards and BT IA Client and HSCIC v1 clients to make them aware and ensure that the work is planned in and tracked through. If you require a breakdown of the Gemplus series 4 smartcards active within your organisation, please contact the IAM platform (email: IAMplatforms@nhs.net) with the subject heading – Smartcard Deprecation.
If you are a supplier or you lead a team that delivers a service that currently supports authentication via the Care Identity Service and want to move to NHS Identity then please start your planning now. You can find out more information on our website.
We have a team who will also be driving up adoption of the new service over the next few years to allow us to switch off the Care Identity Service so watch out for further communications and engagement notes and events.
Queries can be sent to: IAMplatforms@nhs.net