Support for W3C Digital Credentials API, digital identity passports part of iOS 26

Of the news coming out of Apple’s WWDC25, some of the most significant for the digital identity industry involves Apple’s embrace of digital credentials in Apple Wallet. Notably, the tech giant has announced that iOS 26 will support TSA approved digital passports and augmented boarding passes with integrated terminal maps, and that henceforth, iOS releases will support the W3C Digital Credentials API to request mDocs from Safari and WebKit.

Standards make mobile documents interoperable, privacy preserving

A video for developers outlines some of the unique properties that come with mobile documents, or mDocs: “for one, they are defined in the ICO/IEC 18013-5 standard,” says a man identified as Erik, an engineer with Wallet and Apple Pay team. “This allows them to be interoperable across different platforms.”

Also on the standards front, a LinkedIn post from Chris Goh, national harmonisation lead for digital identity with Austroads, notes that Apple (along with Google) also supports the ISO/IEC 18013-7 digital credential API in their browsers and wallets. “This means mDocs under the standard can be used to verify identity online as well as in person.”

Furthermore, mDocs offer greater user control over what data is shared – i.e., the principle of data minimization. Erik describes a scenario in which an organization requests data from a user through a branded consent sheet, which allows a user to ensure that only relevant data is shared, then authorize the ID verification with FaceID.

Apple has also developed a system in which web browsers can communicate with nearby iPhones for identity verification via Wallet. Those without Safari can scan a QR code with their iPhone to activate the verification process.

In addition to W3C, ICO/IEC 18013-5 and ISO/IEC 18013-7, the FIDO CTAP protocol is used for cross-platform flow. “This means that any code that a website writes to integrate with Apple platforms can work with other browsers and apps that choose to adopt these same standards,” Erik says.

“The experience is built to be cross-platform from the ground up. This includes support for iPhone, iPad and Mac, as well as other browsers and operating systems. No matter where a user is browsing on the internet, they can use the documents on their iPhone for identity verification.”

Finally, he says, “we built a set of Document Provider APIs for Apple platforms. These APIs allow apps such as the Local Driving Authority app to surface as an option during an identity verification flow.”

To summarize, “there are two distinct entry points for those of you who wish to participate in this flow. If you are a developer for a document provider app on iOS, then you may be interested in the Document Provider API. This API will allow your iOS app to be surfaced as an option to complete an online mdoc verification. If you are a website interested in performing identity verifications online, you will want to implement the W3C’s Digital Credentials API, and associated request and response handling logic.”

E-passports will work at TSA checkpoints but don’t replace physical document

As to the e-passport capability, it comes with the usual proviso that it is not a replacement for your physical passport. But TSA will accept mobile driver’s licenses (mDL ) or digital travel documents in Apple Wallet for identity verification or age assurance in 10 states plus Puerto Rico.

For travelers, Wallet also has a new link to Find My, allowing users to check the boarding pass to track the progress of their AirTagged luggage, as well as Live Activities integration enabling users to share flight status with friends in real-time.

Article Topics

Apple  |  Apple Wallet  |  digital ID  |  digital travel credentials  |  digital wallets  |  identity verification  |  interoperability  |  mDL (mobile driver's license)  |  mDoc  |  verifiable credentials  |  W3C standards