Secure Technology Alliance launches template for using mobile driver’s licenses
Get used to the idea of your phone as your driver’s license. The ecosystem for mobile driver’s licenses (mDLs) continues to expand globally, with countries such as Australia and South Korea following the path of early adopters like Mexico. The U.S. is also seeing a spike in uptake, with six states already offering a secure, cryptographically protected, digital identity credential as a valid mobile driver’s license. According to a release from the Secure Technology Alliance (STA), more are coming, with 26 other states already in the process of introducing mDLs.
To help everyone figure out how to handle all the new digital ID documents, the STA’s Identity and Access Forum has launched an industry-first mDL use case template. The document is intended as a guide for relying parties who will be transitioning to accept mobile driver’s licenses for identification and ID verification, including law enforcement, retailers, and government agencies.
Formally titled “Template for Building your mDL Use Case, Accepting Mobile Driver’s License,” the free template aims to provide businesses with info on how to build business cases, capture operational requirements and design interactions. It outlines the roles of mDL holders, issuing authorities, relying parties and issuer service providers, and describes interactions and potential pain points. It offers insights on implementation and access requirements. Crucially, it also details mDL security and privacy considerations to safeguard biometrics and other identity data.
“Spearheading the evolution of identification practices requires a collaborative effort,” says Sandy Mayfield, managing director of the Identity and Access Forum. “The release of the mDL use case template marks a significant milestone in our collective journey towards widespread understanding and interoperable adoption of this transformative technology. By providing a standardized use case framework, the template empowers stakeholders to navigate the complexities of mDL implementation with clarity and confidence.”
The template is available free for download on the STA’s mDL Connection website.
IDVerse exec says Australia’s digital driver’s licenses ‘quite easy to modify’
A report from ABC News suggests that Australia could stand to have a gander at the mDL template’s section on data security. It quotes cybersecurity experts who say most of Australia’s digital driver’s licenses don’t meet international security standards, leaving holders open to potential biometric ID theft and identity fraud.
Mobile driver’s licenses, says Jamieson O’Reilly, director at cyber security company Dvuln, says mDLs “should reduce things like fraud, misuse, and identity theft – but that relies on a secure implementation, which as we’ve seen, hasn’t been happening.” O’Reilly wants governments to ensure digital licenses are built to ISO 18013-5 specifications.
IDVerse Chief Executive John Myers agrees that standardization is necessary for people to use their IDs across states and internationally. “But we need to make that common standard extremely powerful. There’s a massive increase in fraud with the digital licenses primarily because they’re quite easy to modify, both to produce a fake and to modify the original source.”
At present, Queensland’s digital license is the only ISO compliant app in Australia.
Article Topics
digital ID | driver's license | ISO standards | mDL (mobile driver's license) | mobile app | Secure Technology Alliance
Comments