Foundational role of biometrics for digital identity credentials discussed in IBIA paper
The International Biometrics + Identity Association (IBIA) has published a report examining the transition which is beginning towards the use of digital identity credentials replacing physical documents. A series of core principles that must be addressed to support the transition are considered, along with implementation considerations, necessary life cycle process support, and important differences between physical and digital credentials.
The “Principles for the Implementation and Use of Biometrically Enabled Mobile Identity Credentials” paper is an initiative of the IBIA Mobility working group, and argues that the billions of smartphones already possessed by people around the world are the natural platform for digital driver’s licenses and travel documents to be hosted on.
Core principles identified include the assertion of the same identity and requisite privileges as the physical credential the digital one is derived from, adherence to international standards that define the credential and its contents, and the foundational role of biometrics in any physical or digital identity credential. The report also notes the requirement of robust document authentication processes for source identity documents to support self-service processes, and the inherent importance of facial recognition matching to successful digital credentialing.
The report was written by Aware Director of Business Development Magruder Dent, Innovatrics Business Development Manager for North America Bill Dumont, Acuant Senior Account Executive for Government Systems Paul Townsend, HID Global Product Director for goID Jean-Baptiste Milan, and IBIA Executive Director Tovah LaDier.
International standards include ISO 18013-5 for mobile Driver’s Licenses (mDLs) and ICAO 9303/ISO 7501 for ePassports and Digital Travel Credentials (DTCs). The IBIA document notes that the storage of personal information in digital credentials in a Logical Data Structure (LDS) with cryptographic protection from the Issuer’s Public Key Infrastructure (PKI), data remains sound and interoperable over time, proves the authenticity of the credential in use, and supports biometric identity verification. Digital credentials can support a wide variety of use cases with increased personal data control, and reducing the relying party’s risk with automated technologies for credential checks.
Considerations for authentication mechanisms, enrollment, and various processes utilizing mobile digital credentials are examined.
Travel credentials like ePassports and mDLs will be among the main forms of digital identity that are forecast by Goode Intelligence to reach 3 billion distributed by 2025.