Tuesday, December 7, 2021
Tuesday, December 7, 2021
The International Organisation for Standardisation (ISO) has published ISO/IEC 18013-5 which, amongst other things, specifies the interface between the Mobile Driving Licence (mDL) and mDL reader and the interface between the mDL reader and the issuing authority infrastructure.
Publication clears the way for global ID and driving licence issuers to confidently deploy mDL solutions, and for validators around the world to implement or adopt mDL readers, says ISO. Businesses, federal and state agencies and other public entities verify government-issued ID documents to quickly approve transactions every day. mDL gives the holder control of their ID data on their mobile device while allowing acceptance via a tap or scan.
This global mDL standard was the result of over six years of effort through an open collaboration of issuers, technology providers, regional authorities such as AAMVA, EReg, AustRoads, and the African Tripartite, and businesses that accept identity documents to approve transactions.
Face-to-face quarterly meetings were held on every continent to ensure inclusivity and transitioned to fully virtual for 2020 and 2021.
SO/IEC 18013-5 overcomes the insecurity of showing a card on a phone screen and offers a host of benefits for cardholders and the validators who accept ID cards and driving licences.
The document establishes interface specifications for the implementation of a driving licence in association with a mobile device. It specifies the interface between the mDL and mDL reader and the interface between the mDL reader and the issuing authority infrastructure.
The standard also enables parties other than the issuing authority (eg. other issuing authorities, or mDL verifiers in other countries) to:
use a machine to obtain the mDL data
tie the mDL to the mDL holder
authenticate the origin of the mDL data
verify the integrity of the mDL data.
However, ISO is clear that how mDL holder consent to share data is obtained and requirements on storage of mDL data and mDL private keys are outside the scope of the document.
On the matter of safety and security, the standard gives guidance on making the mDL resistant to tracking as there is no unique identifier to see where the mDL has been used. It also touches on the means of making the mDL difficult to forge, as stored and shared documents are cryptographically protected against counterfeiting, reinforcing the resistance to the creation of fake IDs.
Chrissy Nizer, Chair of the American Association of Motor Vehicle Administrators (AAMVA) Board of Directors said: ‘this standard will provide the necessary components to support mDL security and interoperability across the globe while ensuring the privacy and safety of the mDL holder.’
‘Transportation Security Administration (TSA) considers ISO standards for personal identification documents to be a cornerstone for greater security and privacy,’ said TSA Administrator David Pekoske. ‘The new standard for mobile driver’s licenses represents a significant step forward and will eventually help ensure a more touchless and efficient airport screening experience for all travellers.’
The eagerly anticipated ISO/IEC 180135 international standard is now available for purchase 1.
1 - www.iso.org/standard/69084.html