Demystify Mobile Driver Licenses (a.k.a mDLs)
Disclaimer: While I certainly do not consider myself an expert in this area, I have based this article on my secondary research and analysis. If you have any updates on the information provided in this blog, please feel free to send me a message.
What is a mDL?
A mobile driver's license or CDL is a digital version of your physical driver's license that can be stored on any digital device, such as smartphones, wearables, or laptops. It contains the same personally identifiable information as a physical driver's license but with added convenience, security, and control over privacy. By presenting your mDL, you can confirm your driving privileges, legal age, name, or contact information while enjoying the benefits and flexibility of having your license stored digitally
In which situations or places are mDLs accepted?
TSA has started accepting mobile driver licenses (mDLs) at select airports! You can easily purchase age-restricted products by scanning a QR code at retail locations using your mDL. Even credit unions are adopting mDLs for identity verification! And that's not all, states (mDL tracker) are currently in talks with businesses and government agencies to enable mobile identity credentials.
What are the advantages that people can enjoy by using mDLs?
Imagine never having to carry a physical wallet again! With mobile driver's licenses (mDLs), your phone becomes your all-in-one solution for identification and payment. Long lines at the DMV will be a thing of the past, as mDLs are automatically updated and kept current. Plus, mDLs provide a completely contactless verification process, which is not only convenient but also crucial for health and safety.
The best part? Say goodbye to the security issues with physical driver's licenses, like the risk of theft, loss, or forgery. With mDLs, your personal information is kept safe and secure through encrypted communication and biometric authentication. The data is only ever viewed by the person who added the ID to their device, providing total peace of mind.
Not only are mDLs more secure, they also offer greater privacy. Regarding age-restricted items, mDLs allow you to share only the necessary information, keeping the rest of your data completely private. You control the information you share, empowering you to make informed decisions about your privacy. So, go ahead and ditch your physical wallet - mDLs are the future!
Are mobile driver's licenses (mDLs) considered secure and reliable?
Mobile driver's licenses (mDLs) are more secure than physical licenses because:
1. Data storage is secure: Personal data is encrypted and stored in a dedicated hardware area, making it inaccessible if the device is lost or stolen.
2. Data access is restricted: Access to mDL data is only granted with biometric authentication so only you can unlock the application with your face or fingerprints or PIN, preventing unauthorized access.
3. Data transmission is secure: The required data and transmission channel are secured to prevent man-in-the-middle attacks.
4. Approved verifying applications: Only approved identity readers can verify the authenticity of the signed mDL data and confirm the identity of the person.
5. Secure authentication: Instead of showing sensitive data, the mDL application creates a QR code that triggers secure data transmission. The shared data is displayed only on the authorized device, protecting the security and privacy of your data.
How can I provision mobile driver's licenses (mDLs) on my iPhone?
The steps below are for Apple device users only:
- Add your driver's license or state ID to your Wallet app.
- Tap the + button on the app screen and follow the instructions.
- Scan the front and back of your physical license or ID and take a selfie.
- The issuing state will verify the card data against its database and provision your license onto your phone.
- The mDL data is signed by the DMV and encrypted securely on your device for your privacy.
How can I use mobile driver's licenses (mDLs)?
Mobile driver's licenses (mDLs) can be used in two main ways.
Firstly, tap your mDL on a reading device, such as TSA's Credential Authentication Technology reader at airports.
Secondly, prove your age or identity when buying age-restricted products or when pulled over by a law enforcement officer.
#1 Using the Wallet app, once you add your driver's license or state ID, you can easily present it to the TSA by tapping your iPhone or Apple Watch on the identity reader. The device will display a prompt with the required information. You can then authorize the release of this information from your device using Face ID or Touch ID. This ensures that only the required information is shared, and only the person who added the driver's license or state ID to the device can present it.
#2 If someone asks you to provide your identity, select the data you want to share and hit the share icon in the Wallet application. This generates a 2D barcode that triggers the data transmission. The reader on the other side will read the barcode and will display the shared data on the other screen for authentication.
Do people still need to carry their physical driver's license if they have set up their mobile driver's license?
According to the TSA and other authorities, people must carry their physical driver's license along with their mobile driver's license (mDL). This is because there may be certain scenarios where TSA is unable to obtain a match through biometric technology, in which case the TSA officer will use standard passenger identity verification procedures. Therefore, it is important to have both your physical DL and mDL with you at all times while traveling.
What if I change or lose my phone?
If someone loses their phone, they can still access their mobile driver's license (mDL) by downloading the wallet app on their new phone and provisioning the mDL on it. This means that the mDL can be transferred from the old device to the new device without any hassle. The process of provisioning involves verifying the identity of the user and ensuring that they have the necessary permissions to use the mDL.
Once the mDL is successfully provisioned on the new device, it is wiped off from the old device automatically. This ensures that the mDL is not accessible from the lost or stolen device, providing an added layer of security. This process helps to safeguard the personal information of the user and prevents unauthorized access to their mDL
What are the reasons for the slow adoption of mobile driver licenses?
Have you ever wondered why mobile driver's licenses (mDLs) are not as popular as they should be? Well, let me tell you, it's not just one thing but a combination of factors contributing to their slow adoption.
First, the stakeholders in the mDL ecosystem have different needs, making it challenging to establish a universal system. These stakeholders include DMVs (issuing authorities), merchants (replying parties), vendors (building mDLs software and hardware applications), standard bodies, privacy watchdogs, and users.
Moreover, each state has different regulations and requirements, making it hard to establish a consistent system. Even though mDLs are based on ISO, each region has its standards, such as AAMVA, W3C, and Open ID, which adds to the system's complexity.
Another issue is the fragmented wallet ecosystem, where different airlines, states, tech giants, and technology providers have launched or announced their plans to launch digital wallet apps for mDLs. This has confused people about which app to use; some have resorted to using multiple apps.
Furthermore, security and privacy concerns surrounding sensitive personal data have made people hesitant to entrust their information to tech companies. The rise in data breaches and cyberattacks has also contributed to these concerns.
The transition from legacy identity verification methods to mDLs for replying parties, such as merchants, is also a significant issue. Merchants and organizations need to upgrade their infrastructure and train their staff to adopt mDLs, which can be very expensive, especially for small or medium businesses.
Additionally, evolving standards and criticism by privacy groups, such as ACLU, CDT, EFF, and EPIC, have slowed down the adoption of mDLs. These groups have been pushing DMVs and state governments to slow the adoption of mDLs due to concerns about inequality, data mismanagement, and government surveillance.
Despite all these challenges, my research shows that the adoption and future of mDLs will depend heavily on the complex interplay of these factors. Governments and replying parties will play a significant role in pushing for adoption and setting standards. As the standards evolve, hardware and software costs will reduce, which will make mDLs more accessible and accelerate their adoption.
Why is Apple investing in this space?
Exciting news! After Apple announced support for IDs in Apple Wallet at WWDC 2021, the company has been working hard with TSA to bring mobile driver's licenses (mDLs) to various states. And let me tell you, digital identity verification is a game-changer for Apple!
Why is it so crucial, you ask? Well, it gives Apple Wallet and Apple Pay a stronger value proposition. It allows the company to build deeper partnerships with TSA and local authorities, giving them more control over mobile identity credentials.
Managing physical and digital wallets can be such a hassle. But with mDLs incorporated into Apple Wallet, users can now work their digital identification and payment methods together, creating a seamless and convenient user experience. Plus, it aligns perfectly with Apple's vision of expanding into financial services.
Even more exciting is that Apple and TSA have collaborated to give Apple control over the IP for using mDLs in various applications, including "Know Your Customer" checks, transactions, medical records, and voter identification. And with their partnership with local and state authorities, Apple can now transfer the responsibility of issuing mDLs to DMVs, making life easier for everyone involved.