Mobile driver licenses present new opportunities for biometrics and wider ecosystem
By Steve Purdy, Vice-President Identity and Verification at Thales.
Digital transformation is about to change how we prove our identities. Soon, presenting your driver license credentials to receive a service, or purchase an age-restricted product, will be more convenient, secure, privacy-assured and sanitary. This is the future with a mobile driver license (mDL).
The concept of an mDL is frequently misinterpreted as just an image of a driver license on a phone, like an official photo of the physical ID card. This is far from the truth as mDLs are sophisticated and encrypted digital identity credentials, quite different from a physical credential, and they offer substantial benefits to consumers, government agencies and the private sector.
Convenience for the modern world
An mDL is a digital credential containing all of the same information as a physical driver license, such as photo, address, date of birth, date of issuance, etc. The difference is the way in which users, businesses and governments can interface with the credential, and the level of security provided.
For users, the credential is stored on their smartphone independently or as part of a digital wallet. The user’s data is encrypted and advanced multi-layered security protects the data against the most sophisticated threats and cybercrime attacks. Native device biometrics or other mechanisms like PINs and combined with multi-factor authentication to prevent unauthorized access. This is not only convenient, giving users access anytime they have their smartphone, but also allows for increased identity security. Unlike losing your wallet where your physical ID can be easily accessed, with an mDL, your digital credential is securely stored.
Privacy is also a native feature for users. For example, when proving your age for a purchase or activities like entering a restricted venue, an mDL can provide your complete credential information, or provide only the necessary information that you select by enabling you to generate a 2D barcode – keeping all other personal information private. With this method, the requestor receives only the information necessary to accept or decline a transaction – such as a photo of the registered mDL user for visual confirmation, and a clear indicator showing whether the user meets the age or identity requirement.
Because of a uniformed presentation of information regardless of the entity that issued the mDL, this fast, reliable and secure authentication methodology is also ideal for businesses. For example, an mDL can reduce unnecessary liabilities as a result of employees misreading information from a physical ID and mistakenly issuing an age restricted sale. It can also help prevent confiscating or otherwise recording of an individual’s identity information for illegal or fraudulent purposes. During a pilot in Colorado, a bar manager found the mDL to be of great assistance because with many tourists among the clientele, assessing the validity of licenses from across North America, or even locating the date of birth, was a constant challenge.
Additionally, using an mDL requires no physical exchange as users retain control of their personal device at all times, creating a touchless experience that helps to safeguard public health.
The opportunity for biometrics
The underpinning success of an mDL is based on sound security protocols, but security is likely to be an evolving feature as the use of mDLs grow. Take, for example, the technology evolution of the modern credit card.
Visa began advertising the benefits of chip and PIN payment cards nearly 20 years ago, and these features have only recently become mainstream features throughout the world. To bring more convenience, touchless payment is becoming the new normal and to keep pace with customer security needs, the security evolution is now combining contactless and biometric payment features to stay ahead of fraudsters.
Similarly, mDL security features may be very different in 10 years. Already, mDLs include real-time digital verification processes that are much stronger than anything a physical ID can provide – this native security makes mDLs very attractive not only for users, but also for managing agencies and could allow them to overtake physical IDs in the not too distant future. If mDLs become the storage method of mainstream digital identities, they will be secured with a PIN, a biometric, or both. Biometrics are likely to be required at least at the point where any sensitive personal data or access to important personal accounts are involved. Further, while mDLs on their own may not drive the need for biometric requirements, they could, at a minimum, support them by providing an image that meets ISO image quality standards.
If large tech providers leverage digital wallets and mDLs to power strong authentication, then digital wallets and mDLs could become powerful lifestyle-oriented platforms with compelling benefits for users, and the entire ecosystem of stakeholders.
The benefits for governments
Digital wallets and mDLs allow governments to empower their ID credentialing services to support the jurisdiction’s digital modernization and transformation efforts. However, the main motivation for jurisdictions to issue mDLs is the tremendous opportunity to improve efficiency and reduce fraud. This includes instant updating of dynamic information such as address, marital status, driving privilege status (valid, revoked, suspended) – and even the adding of additional licensing certificates. For instance, fishery, game, wildlife, or marine agencies can use the mDL as an authenticated ID for adding a hunting, fishing or boating license, and digitally issuing that license to the mDL.
mDLs can also improve data consistency across agencies, with information provided in the same form as it appears in an agency database, reducing the risk of multiple identities being associated with the same person. As an added benefit, law enforcement can receive updated information in real-time.
It is clear that over time, once jurisdictions have adopted mDLs, other private sector stakeholders are likely to emerge which could make mDLs more compelling for consumers, while also making them easier to integrate for different uses. From renting a condomium through an online portal to submitting an online loan application, to validating authorized access to a secure area and more, a trusted mDL platform brings a secure and convenient way to authenticate identity for government and private entities that transcends the physical ID.
About the author
Steve Purdy is Vice-President, Identity and Verification for the Thales identity and biometric solutions business.
DISCLAIMER: Biometric Update’s Industry Insights are submitted content. The views expressed in this post are that of the author, and don’t necessarily reflect the views of Biometric Update.
Article Topics
biometrics | credentials | data protection | digital identity | driver's license | encryption | identity verification | mDL (mobile driver's license) | mobile app | privacy | Thales Digital Identity and Security
Comments