Empowering mobile driver license Trust and interoperability
Driver license issuing authorities across North America are beginning to issue mobile driver licenses (mDLs) to customers. In September 2021, the International Organization for Standardization (ISO) published the Personal Identification – ISO Compliant driving license – Part 5: mobile driving license (mDL) application (ISO/IEC 18013-5) standard defining how mDLs should interoperate with mDL reader devices used by relying parties (any entity that relies on the security of a mobile identity). The standard also details the components of a verified issuer certificate authority list (VICAL) through which a list of legitimate issuing authority public key certificates can be shared with relying parties.
AAMVA's mDL Digital Trust Service (DTS) is the system that enables the VICAL to support all member jurisdictions in delivering successful mDL programs to their stakeholders. Providing a single, safe, secure, and resilient means through which relying parties can easily obtain the public keys of each issuing authority will drive the success of mobile driver license programs.
When an issuing authority begins issuing mDLs, they generate a pair of keys that uniquely identifies who they are: a public key and a private key. The private key is securely kept by the issuing authority and is used to sign their customer’s mDL data. The public key is made publicly available to those needing to authenticate an mDL provided by the issuing authority. Relying parties must have the public key to provide assurance that the mDL data they are interacting with was issued by the issuing authority and that the data hasn't changed since issuance.
The primary objective of the mDL DTS is to maximize the trustworthiness of mDLs issued by AAMVA jurisdictions. The solution provides relying parties with the simplest means to obtain all participating jurisdictions' public key certificates. Verifying the public key certificates allow relying parties to be confident that the mDLs they are presented with have been created by a legitimate issuing authority. The centralized availability of the keys through the DTS will enable widespread support for mDLs.
mDL DTS Minimally Viable Product
AAMVA has launched a minimally viable product (MVP) of the DTS which is governed by AAMVA's Identity Management Steering Committee. The pilot allows AAMVA to offer the system with minimal cost and time to market bringing real-world feedback into the development cycle. By implementing only the essential elements, AAMVA and stakeholders can observe the solution in action.
Participating issuing authorities will share the public key certificates used to issue their mDLs. The public key certificates will be assembled into a list that can be downloaded by relying parties and used to verify the authenticity of the mDLs with which they interact. MVP participants will interact with the solution, share their observations, and offer suggestions for ongoing improvements.
The mDL DTS does not receive, store, share, or otherwise interact with the personally identifiable information of any mDL holders.
Learn more about the mDL DTS by listening to the podcast below.
Stakeholders
AAMVA
AAMVA is the provider and operator of the mDL DTS. We bring North American state, territorial, and provincial motor vehicle and law enforcement agencies together to define and implement standards and best practices. AAMVA also serves as a critical technology solution provider to member jurisdictions that support driver license issuance and vehicle solutions.
mDL Holders
mDL holders are persons who are provisioned mDLs by the issuing authority from the jurisdiction in which they reside. The mDL ecosystem is designed to ensure that individuals can safely and securely make their identity claim with relying party reader technologies. The mDL DTS does not receive, store, share, or otherwise interact with the personally identifiable information of any mDL holders at any time.
mDL Solution Vendors
mDL solution vendors are companies contracted by the issuing authorities to provide mDLs to their driver license and ID card holders.
mDL Issuing Authorities
Issuing authorities are government agencies responsible for issuing driver licenses, identification cards, and mDLs.
For more information and to become an issuing authority as part of the MVP, please visit here.
Relying Parties
Relying parties are any organizations that accept mDLs as proof of identity. Relying parties may be public sector, private sector, retail, not-for profit, and others.
For more information and to access VICAL, please visit here.