Perspectives on the mDL Trust Framework
Two digital identity experts discuss what the mDL trust framework needs in order to work and what the future holds for the technology.
Taking Care of People
Chris Goh, Department Lead Architect for Identity and Enterprise Capability for the Department of Transport and Main Roads in Queensland, Australia
The mobile driver’s license (mDL) trust framework is a triangle of trust between those who issue credentials like a DMV, those who rely on it to make sure people are who they say they are, and most importantly, customers whose identity is the key that unlocks services, proves competence and shows compliance. The mDL trust framework is about ensuring that these parties can be assured that all identities have a high level of integrity and assurance when they transact, and those transactions are secure and private.
The driver’s license was once seen as evidence that one was competent to drive. Today, it allows bank accounts to be opened, allows you to rent a home, bring a pet into your home and sometimes, allows you timely access to services in times of disaster. These are only a small sample of cases the mDL framework enables when we trust in a digital identity.
With all major global industry leaders in identity adopting the mDL, the opportunity of the technology to make a difference in all aspects of our community is incredible. As a person who grew up in public housing, I know that ID is less about identity and more about enabling individual dignity. Which is why, as we build digital pathways, it’s critical that we don’t build social bias into them.
What really excites me about the mDL framework, if we get it right, is that it can provide policy levers that can also help people and the economy like never before. Imagine in disasters where a family has lost their home and has no income. Because we know who they are, we can make sure they have a meal that night, a roof over their head and diapers for a newborn. The future of mDL technology is not the technology itself, but what sits at the end of it: people.
Arjan Geluk, Lead Principal Advisor at UL Identity Management & Security in Leiden, The Netherlands
Before I began working with mobile driver’s licenses (mDLs), I worked on chip-based payments, which, similar to mDLs, is something that requires global interoperability as well as agreement between the different stakeholders on what is considered trustworthy. These days, it doesn’t matter where you go in the world, you can trust that your chip-based payments will work, whether its San Francisco, Sydney, Singapore or Sao Paulo.
This is the same type of thing we envision for mDLs as well—that, eventually, wherever you go, they will be accepted and they will be trusted to be genuine. And this is why an mDL trust framework is critical.
A trust framework is important because it allows parties that didn’t previously know each other to now trust each other. In the case of mDLs, one that is issued in the United States needs to be trusted in Europe, for example, and vice versa. Anyone can have a credential on a mobile phone, but it doesn’t necessarily tell you anything. I can create the nicest visual effects on my screen, but that doesn’t bring trust. It is important to have agreement between all parties across the world. There needs to be agreement on policies and practices on how to create and manage mDLs so that those accepting them can actually trust them to be authentic.
If an American law enforcement officer, for example, needs to verify a digital driver’s license issued in Europe, the only way to trust it is if there are global standards already in place. If everyone had their own mDL, it may be a nice local convenience, but it wouldn’t provide any value as a license anywhere else. If we’re going to use them, everyone needs to adhere to the same standards. And we need to keep talking to each other.