ClickCease
Don't miss out! Join us at
2024 featuring Fraud Fight Club on April 25th
arrow icon
Blog

‍‍JULY NIST ANNOUNCEMENT: A watershed moment for mobile driver’s licenses or another false start?

Post by:
Tim Brown
July 26, 2023
Post by:
No items found.
July 26, 2023
‍‍JULY NIST ANNOUNCEMENT: A watershed moment for mobile driver’s licenses or another false start?

Last week, the National Cybersecurity Center of Excellence (NCCoE) and NIST (National Institute of Standards and Technology) held a briefing on the upcoming mobile driver's license project. Read on to get up to speed on the current state of mobile driver’s licenses (i.e., what’s taking so long), and then learn the latest news about an exciting and potentially major breakthrough announced by NIST that has the potential to change everything. 

Mobile Driver’s License: Historical Context 

A mobile driver's license (mDL) offers numerous potential benefits that enhance convenience, security, and efficiency in the realm of identification and driving privileges. Firstly, mDLs provide a digital and easily accessible format on smartphones, reducing the need to carry physical cards, streamlining interactions with law enforcement, and simplifying age verification processes at various establishments. Secondly, mDLs can incorporate biometric authentication, enhancing security measures and reducing the likelihood of identity fraud. Additionally, the dynamic nature of mobile licenses allows for real-time updates, ensuring accuracy and immediate reflection of any changes, such as addresses or endorsements. Overall, mobile driver's licenses have the potential to offer a modern, secure, and user-friendly solution to traditional identification, driving privileges, and authentication processes.

Despite their obvious value, mDLs have experienced slow adoption for several key reasons. Primarily, there hasn't been enough coverage in the US (e.g., not enough states issuing them, not enough consumers downloading them) to excite national or global relying parties to fund integration to the multiple providers of mDL. Further, no comprehensive standard exists to enable or integrate multiple providers, so again, you have large companies not wanting to spend money to integrate many different providers. Finally, the REAL ID Act didn't contemplate driver's licenses on mobile phones (hello! 2005 called and it wants the flip phone back). 

Having said all of that, this announcement from NIST, along with the work that's happening at the international standards (ISO) level, illustrates that there are collective pushes to standardize both the API interfaces and online use cases for mobile driver's licenses. I don't believe it will happen quickly (e.g., I’m hearing that ISO expects to have part 7 of the ISO driver's license spec released in 2024 - ISO/IEC 18013-7), but at some point, mDL will be a big part of the online identity verification landscape. Relatedly, we’ve seen the Department of Homeland Security working on a subset of REAL ID rules to enable the acceleration of mobile Driver’s License adoption. 

Here's a quick recap of the session as shared with the FIDO (Fast Identity Online) Alliance working groups:

NIST walked attendees through the project goals. The project will:

  • Develop an open-source reference implementation of ISO/IEC 18013-7 mDL specification for unattended use cases.
  • Build prototypes in the lab using products and services from participants.
  • Develop security and privacy guidance for implementations 

Additionally, the project will set up sandbox environments and participants can build demos of different transaction types, including:

  • Attended use cases
  • Identity Proofing
  • Attribute presentation
  • Authentication
  • Single sign-on

The NCCoE and NIST are looking for mDL application providers, issuing authorities, verifiers to bring use cases and business processes, identity service providers to provide mDL readers, and third-party trust lists.

Conclusion: 

It’s difficult to overstate the potential benefits of mDLs for the general public. Equally difficult to overstate how onerous and complex adoption has proven to be. The recent actions taken by the NCCoE and NIST have me feeling optimistic. It’s too early to say for sure but it appears that we are fast approaching a world where efforts such as ISO/IEC 18013-7, and NCCoE/NIST efforts will provide a framework to accelerate the integration of mDL use cases, and modifications to REAL ID regulations will lead to market saturation of digitized driver’s licenses in the US. With active participation from industry leaders and guidance from NIST, I believe that the United States can craft an mDL-based solution that enables remote identity proofing, improves public safety, protects privacy, and saves everyone a whole lot of trips to the DMV.

Create secure frictionless customer experiences using modern identity solutions

Join over 1,000 businesses that rely on Prove across multiple industries, including banking, FinTech, healthcare, insurance, and e-commerce. Contact us today.

Prove: the world’s most accurate identity verification and authentication platform

Trusted by 1,000+ leading companies to reduce fraud and improve consumer experiences. Contact us today to learn how you can frictionlessly secure your digital consumer journey — from onboarding to ongoing transactions.

Keep Reading...Read our latest white-paper on this subject!

Tap the button below to read our latest white-paper on the subject as industry leaders.

Accelerate your onboarding

Contact us to learn how leading companies are using Prove Pre-Fill to modernize the account creation process by shaving off clicks and keystrokes that kill conversion.

Create frictionless customer experiences

Get in touch to find out how we can help you identify your customers at every stage of their journey and offer them seamless and secure experiences.

Schedule a demo

Let our expert team guide you through our identity verification and authentication solutions. Select a date and time that works for you.

Schedule a demo

Find out how we can help you deliver seamless and secure customer experiences that comply with PSD2/SCA. Select a date and time that works for you.

Interested in more information about Prove Pre-Fill?

Download the Report

Download Aite-Novarica Group’s full report about Prove Pre-Fill, including a product overview, customer results, and how the product works.

Interested in more information about MFA?

Download the guide now to learn how you can improve security, cut down on fraud, and create the best possible customer experience.