Steering Toward Mobile Driver’s Licenses The NCCoE Buzz: Mobile Security Edition is a recurring email on timely topics in mobile device cybersecurity and privacy from the National Cybersecurity Center of Excellence’s (NCCoE’s) Mobile Device Security project team. Have you ever thought about having your driver’s license on your mobile phone? In the last two decades, mobile devices have revolutionized the way we live, work, and connect with each other across the globe. From communication and information access to productivity and entertainment, the prevalence of mobile devices in our everyday lives is undeniable. As the world rapidly evolves and technology redefines how we interact with our surroundings, a significant innovation that holds the potential to transform our daily lives is the Mobile Driver’s License (mDL). This digital evolution of the traditional physical driver’s license brings numerous benefits and conveniences to drivers but can also present security and privacy challenges that we must address. mDL Definition An mDL is a digital representation of a driver’s license on a mobile device. It contains all the essential information found on a physical driver’s license, including the driver’s name, photo, date of birth, and driving privileges. An mDL also has the capability to be updated in real time. Learn More: mDL Project at the National Cybersecurity Center of Excellence (NCCoE) Experts at the NCCoE are working with industry, government agencies, and academic institutions to research and implement international standards (ISO/IEC 18013-5 and ISO/IEC 18013-7) on mDLs. These standards are being developed to provide improved usability, convenience, and stronger security in digital identity management. The mDL project will define and facilitate one or more reference architectures that protect privacy, provide secure implementation, enable equity, allow widespread adoption, and facilitate ease-of-use by: Building an open-source reference implementation that will retrieve digital driver’s license information from the mobile device Demonstrating different use cases to access the ID stored on the device Developing a practice guide that includes mDL design, architecture, and leading practices If you would like more information on the Digital Identities – mDL project, visit the mDL webpage. The NCCoE Mobile Device Security Team NIST Cybersecurity and Privacy Program Questions/Comments about this notice: [email protected] NCCoE Website questions: [email protected] |