PublicTechnology

EXCL: One Login delivery date revised to 2028 with hundreds of millions of extra spending set to be committed

Sam Trendall August 1, 2025 in Highlights, News, Science, technology and research - 5 Minutes
Credit: Crown Copyright/Open Government Licence v3.0
Documents reveal £115m being spent this year and a 2028 deadline for deployment across ‘all central government services’, but DSIT tells PublicTechnology the move is an expansion and an endorsement

The end date for completing delivery of the new government-wide GOV.UK One Login system has been formally pushed back by three years, with additional extra investment likely to add up to hundreds of millions of pounds, PublicTechnology can reveal.

However, government has insisted that the move does not constitute a delay against the previously scheduled timeline – but rather an expansion stemming from the success of the project’s implementation so far.

Plans to create a new cross-department online account and sign-in system for citizens were first announced in 2020. Work formally began and One Login was added to the government major projects portfolio (GMPP) at the start of the following year, with a scheduled end date of March 2025. By which time, ministers and senior officials indicated that most, if not all government online services would have completed implementation of One Login. A press release from summer 2023, for example, stated that: “Over 100 public services will be using GOV.UK One Login by 2025, covering the vast bulk of all central government services.”

Transparency documents reveal that One Login’s delivery date has recently been formally set back by three years. In a letter confirming the retention of the project’s senior responsible owner – Government Digital Service official Natalie Jones – government states that “implementation of a single, simple and secure way for users to sign on and, where necessary, prove their identity to access all central government services… is expected to take until 31 March 2028”.

But, in response to enquiries from PublicTechnology, GDS parent organisation the Department for Science, Innovation and Technology claimed that this extended delivery date should not be considered as a delay. Rather, the coming three years of work will see additional services brought in scope of the programme – and should be seen as an endorsement of progress so far, the department said.

“GOV.UK One Login is making it easier and safer for people to access public services online, with more than 7.8 million users already signed up. Over 80 services are now live on the platform, with another 100 in testing,” a DSIT spokesperson said. “The timeline for delivery has not been delayed. The service originally scoped to onboard 145 services by 2025 and now, because of its success, it will be expanded to bring a further 160 services onto the platform over the following three years to ensure we can capture the full range of benefits and savings for taxpayers.”

31 March 2028
New delivery date for One Login

160
Additional services to be brought in scope of the programme by 2028, according to DSIT

£115m
Money to be spent in 2025/26, with more to be required in the two following years

7.8 million
Current number of users, according to DSIT

September 2020
Date ministers first outlined plan for new cross-government account

The letter extending Jones’ role as SRO also reveals that a budget of £115m will be provided to support delivery during the current 2025/26 – the first of the three additional years that the project will remain part of the GMPP set-up.

The original estimated budget for delivery of One Login £305m – a projection which was increased to £329m in 2024. The £115m spending dedicated for this year alone represents an increase in costs of at least 35% – with similar further investment likely to be required in the two subsequent years.

In a recent written parliamentary answer, digital government minister Feryal Clark said that the programme “currently undergoing HM Treasury approvals for a new business case which will run until 2027/28”.

Progress and pitfalls
Published earlier this year, the most recent annual GMPP data release assigned One Login an amber delivery confidence rating on assessors’ traffic-light scale. An accompanying project summary suggested that, as it headed into the final 12 months of its originally scheduled implementation, the programme faced various challenges.

“A combination of headcount restrictions and no corresponding budget increase in 2024/25 would leave GOV.UK One Login with insufficient capacity to complete all of the work originally planned for this financial year,” it said.

In the months since this assessment was made, One Login has been subject to concerns about its security credentials, not least because the system has lost the formal government digital identity trustmark – as certified by DSIT itself.

The project recently awarded almost £20m in contracts for technical architecture and cyber services and, in response to enquiries last month from PublicTechnology regarding the security status of the technology, a government spokesperson said: “As you would expect, we carry out regular, rigorous security testing to ensure we have the ability to respond to any potential cyberthreats. While we don’t comment on specific operational security matters, One Login continues to meet high standards of cyber security and data protection, in line with best practice and government policy.”

“The timeline for delivery has not been delayed. The service originally scoped to onboard 145 services by 2025 and now, because of its success, it will be expanded to bring a further 160 services”

DSIT spokesperson

Despite such difficulties, the SRO documentation claims that work on One Login – which is ultimately intended to replace 190 separate online accounts systems across government, incorporating 44 different sign-in methods – has made significant progress to date.

“Three years in, GOV.UK One Login is now the market-leading account and identity verification solution for government, offering best-in-class performance against key metrics of inclusion, success rates, and fraud prevention,” it says. “It is transforming the interaction of the citizen and state by providing a single verifiable access point, replacing the plethora of different ways to sign-in currently needed to access public services and providing the foundations of efficient data sharing across public sector organisations. The efficiency benefits for citizens and government increase as more services are brought on board.”

The document adds: “By the end of this phase [in 2028], all central government services will be fully onboarded, ensuring that One Login is the default authentication solution across government. In parallel, we will establish and embed the necessary security, fraud prevention, product enhancements, and customer support frameworks to provide a stable, scalable, and resilient service.”

The letter also argues that it was imperative for government to develop such a platform like One Login from the ground up – rather than seeking to implement a commercial alternative.

“Private sector providers lack the incentive or capacity to deliver an integrated solution that aligns with the specific needs of the government, particularly in terms of inclusion, resilience, and fraud prevention,” it says. “This makes government intervention essential.”

Related Posts

A person logs on to their My Charity Commission Account using a laptop
Charity Commission plans £9.5m digital transformation programme
August 29, 2025
Robotic fingers using a keyboard
CPS pilots use of generative AI to write first drafts of correspondence
August 29, 2025
Top tech firms urged to prep for new anti-fraud obligations
August 29, 2025

Sam Trendall

Learn More →