FB pixel

States converge on mDLs

States converge on mDLs
 

Many U.S. states are launching and expanding mobile driver’s licenses (mDLs) to eventually be equivalent to their physical counterparts. Eventually, these digital ID credentials are likely to be stored in and shared via digital wallets, Intellicheck CEO Bryan Lewis tells PYMNTS.

“Eventually digital wallets will be how we all do everything,” Lewis says. What America needs now to unite its fragmented digital ID landscape, he argues, is a storage format for mDLs that is secure against hacking.

The fragmentation of the landscape, however, appears to be lifting, if gradually.

New York is preparing to launch a pilot, while New Jersey passed legislation for the creation and issuing of mDLs. Illinois has proposed a bill that would allow for those to display licenses on their smartphones alongside, not in place of, their physical counterparts.

As many as 26 states are taking steps toward implementing mDLs, and 66 million people are using mDLs in the 6 states where they are fully available, according to the Secure Technology Alliance.

“State-issued identity credentials should always be perceived as a public good. By implementing mDLs, we’re providing people with a future-focused, highly secure, cryptographically protected, convenient ID that stakeholders can rely on,” said Eric Jorgensen, director of the Arizona Department of Transportation’s Motor Vehicle Division in a keynote address at the Identity and Access Forum Spring Member Meeting.

In Colorado, mDLs can be used as a valid form of identification for some law enforcement agencies, including the city of Denver. The state of Georgia shared messaging on how to keep digital identities secure, while privacy advocates highlight security implications of the California DMV Wallet.

Georgia Driver Services shares security tips for mDLs, EFF reveals concerns

The Georgia Dept. of Driver Services shared steps citizens can take to secure PII from their state mDL, including leveraging biometric authentication.

Citizens should have a DDS Online Account and download the DDS 2 GO mobile app to receive alerts when their license status changes. They should enable 2FA and use unique passwords like a phrase or string of words. Setting up a passcode or biometric authentication will prevent unauthorized access.

Users should also only go browse sites with https, download security software to block malware, and be alert for social engineering attacks.

With the right security measures, digital identities can unite a fragmented ID landscape. Still, while mDLs have biometric authentication, encryption, and verification capabilities, civil liberties organizations have voiced concerns about whether or not the systems are actually secure.

The Electronic Frontier Foundation (EFF) shared security concerns regarding the California DMV Wallet app in a recent article. The app, which is currently being used by roughly 325 Californians, began a pilot last year.

The state contracted digital credential provider Spruce ID for the creation of a wallet app instead of Google Wallet, which accepts mDLs from Georgia, or the Samsung Wallet which accepts IDs in Iowa and Arizona.

The EFF notes California’s move avoids giving control over device compatibility, public messaging, and other aspects of a state mDL to a major tech company.

Californians can add on TruAge, a separate age verification QR code, to share minimal information while verifying age. However, there is already an mDL reader option for age verification. As of right now, there isn’t a selective disclosure option for sharing mDL information, but the California DMV plans to release one in the future. Once it arrives, TruAge will be redundant.

TruAge is being piloted in at least 6 states, the EFF says. The California DMV is considering the possibility of other add-ons, like disabled parking ID, registration, and vehicle ownership, to its digital wallet.

The EFF says unlinkable proofs are a privacy preserving way of using an mDL. Governance is also needed to establish control mechanisms for digital IDs like interoperable open wallets.

Protections need to be put in place to limit the information law enforcement can gather both by mDLs and from the smartphone presenting the ID, as established in proposed legislation in Illinois. Digital identity apps are not and should never be mandatory, the EFF says.

Related Posts

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Physical, digital spoof detection for ID documents upgraded by IDScan.net

IDScan.net is introducing new tools to detect more instances of tampering on identity documents. The new features to detect physical…

 

Social media giants face the wrath of new Australian government committee

Australia continues to harden its stance on social media. In a release from the office of Minister for Communications Michelle…

 

New Zealand trust framework looks to onboard digital ID providers

In an interview with Radio New Zealand (RNZ), Digital Identity New Zealand Executive Director Colin Wallis confirms that the country’s…

 

Google introduces passkeys for users at high risk of cyberattacks

Google users now have the option to use passkeys for account security in signing up for its Advanced Protection Program…

 

EU residency permits to exempt Brits from biometric checks at UK border

The UK government has confirmed its intention to implement the changes necessary to accommodate the European Union’s new digital Entry/Exit…

 

DHS to hold industry day for biometric scanner contract

A hybrid industry day will be held by the U.S. Department of Homeland Security on July 29 to share information…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events