Digital ID credentials come to the Apple Wallet, inform apps, but EU may cause friction
Apple’s input on developing the standards for mobile driving licences (mDLs) has culminated in the IDs entering the Apple Wallet in iOS 16 with greater functionality. They can now interact with other apps on the same device to verify aspects of the user’s ID. The utility and logic of the system will no doubt foster usership of digital (or at least digitalized) ID as more jurisdictions join, but Apple can expect resistance from the European Union if the company proves a little too successful.
Arizona and Maryland get in gear
The U.S. states of Arizona and Maryland are the first to support mDLs and state ID as digital ID in the Apple Wallet, announces Apple in an explainer. While in Arizona this has been available since March, including for presenting ID via iPhone or Apple Watch at select Transportation Security Administration (TSA) checkpoints at airports, the new functionality in iOS 16 sees internal interaction between Wallet and third-party apps.
In-person functionality is similar to paying by Apple Pay. The user holds their device against an NFC reader. This pushes a notification screen which states what elements of one’s identity profile the service is requesting, such as name, date of birth, address. If the user agrees, they follow the same biometric verification process they would for a payment, such as Face ID or Touch ID.
In-device functionality is even simpler, requiring just a tap to accept on the permissions requirement that pops up in situations such as buying a plane ticket or ordering alcohol. Biometric verification is needed again to share the requested identity attributes.
Other states working on mDLs and state IDs compatible with Apple Wallet are Colorado, Connecticut, Georgia, Hawaii, Iowa, Kentucky, Ohio, Oklahoma, Utah and the territory of Puerto Rico, reports NFCW.
Mobile driving licenses are being accepted in real life use cases already, such as for bank transactions at America First Credit Union offices in Utah and Arizona.
Sign-up is biometric. The user scans the front and back of their physical credential (there is no sign of the DMV sending a digital credential to a device), then undergo video selfie verification and a liveness test.
In his noted Apple blog, Daring Fireball, John Gruber notes further details on functionality. The exchange is encrypted and happens directly between the device and identity reader, meaning users do not need to unlock or hand over their devices, like with Apple Pay.
Only one fingerprint can be registered for adding the ID to the Wallet for users of devices with Touch ID. This is to prevent multiple people who may be registered to use the device from being able to use the digital ID within the device.
Meanwhile in Europe
The EU is well underway with eIDAS 2.0 scheme for interoperable digital identity and the requirement for all member states to provide at least one digital wallet for their citizens, an EUID Wallet. Apple will not have a monopoly on convenience.
Speaking at the recent OIX Identity Trust 2022 conference, Sebastian Elfors from IDnow explained the wallet-to-app protocol, which he called “selective disclosure” is something that the EU considers “to be very, very important and will be a part of the EUID Wallet.”
“There is a digital markets act which is aimed to allow different vendors and providers to be able to offer and issue wallets,” said his colleague, Rayissa Armata. “Obviously we have Apple, Google Android phones we will be using to store and place these digital identities as one device – there are other ways and means to store this identity not just through the phone [desktop, cloud].
“So, these principles are also being discussed from a competitive perspective, legally. How to be fair in the European market to allow other companies, organizations to offer such services.”