OpenID Foundation publishes papers on standardizing US mDLs as verifiable credentials

The OpenID Foundation (OIDF) has released two papers on standardizing the use of mobile driver’s licenses (mDL) as verifiable credentials in the U.S., where multiple state authorities issue mDLs in different digital wallets.

Digital credentials such as mDLs could be used for high-assurance use cases like opening bank accounts. But before this can be achieved, financial institutions must have standardized machine-readable trust signals that can assess the digital credential’s provenance, assurance levels and compliance indicators, says the open standards body.

As the deployment of the issuer-holder-verifier model grows, metadata and additional attributes are critical to conveying information to reduce the risk and liability of the parties involved, according to George Fletcher, a contributor and representative at the OpenID Foundation Board.

“This work is key to making deployments viable in the United States where no other trust framework exists,” he says.

The first paper, titled mDL Metadata Requirements to support Know Your Customer (KYC),  introduces a standardized metadata framework to help financial institutions meet regulatory compliance requirements, such as CIP and KYC, by providing machine-readable trust signals.

The second paper, Customer Identification Program (CIP) compliance and OIDF Extended KYC Considerations, builds on the first one, providing an implementation roadmap extending the metadata framework to regulatory and privacy requirements from different regulatory frameworks.

“Harmonizing mDL metadata with KYC and CIP requirements is critical for ensuring interoperability, regulatory compliance, and trust in decentralized ecosystems,” says OIDF.

“Without standardized metadata, financial institutions face fragmented implementations that increase operational risk, compliance audits, and undermine assurance for account opening processes.”

The OpenID Foundation says that their approach aligns closely with the National Institute of Standards and Technology (NIST) technical blueprint for mDL assurance.

Juliana Cafik, an independent Identity Standards and Solutions Architect and OpenID contributor, noted that OIDF used the blueprint as a base to align identity assurance and privacy regulations with CIP/KYC compliance requirements in the U.S. International collaboration, however, is also needed.

“International coordination is critical, as fragmented standards create exploitable gaps for synthetic identities, deepfake-driven onboarding, and AI-enabled attack surrogates,” she says. “I am looking forward to expanding this effort and collaborating with partners and stakeholders to advance secure and verifiable identity worldwide.”

Article Topics

digital ID  |  digital wallets  |  identity assurance  |  mDL (mobile driver's license)  |  OpenID Foundation  |  standards  |  United States  |  verifiable credentials