Idemia is among fifteen organizations that the National Institute for Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) has engaged to collaborate on the first use case for its Mobile Driver’s License (mDL) project.

According to an announcement from the NCCoE, those selected to develop digital credential architectures also include digital identity providers Mattr Limited and SpruceID, as well as the OpenID Foundation, Microsoft, iLabs, a handful of state transportation agencies, major banks JP Morgan Chase, US Bank and Wells Fargo, and the Department of Homeland Security’s (DHS) Directorate of Science and Technology.

According to the announcement, “staff will work with the NCCoE to accelerate the adoption of digital identity standards and best practices by creating reference architectures, representative workflows and implementation guides to address the real-world cybersecurity, privacy and usability challenges that arise when adopting mDL in the financial sector.”

Initially, the work will focus on the financial sector and the implementation of mDLs for identity verification, KYC and other digital ID concerns in financial services.

The NCCoE selected its team from respondents to a notice in the Federal Register. Based on the match of capabilities with the “desired solution characteristics,” the 15 organizations were each offered a joint research and development agreement (CRADA) binding them to the consortium.

Although key contributors to the joint standards project have been finalized, NCCoE is still open to contributions. A note at the end of the announcement invites anyone who would like to be part of the “mDL Community of Interest (COI) to lead this project and provide feedback” to send an email to [email protected].

Visions for the direction of mDLs across the government

Establishing comprehensive – and understandable – standards for digital IDs and mDLs is something of a holy grail for a sector faced with a web of sometimes conflicting, overlapping standards and protocols, each owned by different organizations.

At an Identiverse roundtable discussion on mDLs hosted by the OpenID Foundation in June, Ryan Galluzzo, director of the Digital Identity Program in the Applied Cybersecurity Division at NIST, named the NCCoE as a key player in the effort to provide verifiable credentials, along with OpenID, the World Wide Web Consortium (W3C), and the International Standards Organization (ISO/IEC).

Galluzzo noted that the NCCoE is “very concerned with understanding these kinds of mobile driver’s license standards, where they exist today and how they fit into that broader context next.”

The formation of the Digital ID Super Council can be seen as the next important step in this effort. Within the committees involved, many are already neck-deep in the discussion of mDLs (for example, the California Department of Motor Vehicles and the New York State Department of Motor Vehicles) and interoperability is a common goal.

Even the White House is getting involved. The Biden administration has circulated a draft executive order on digital identity, and although it has not yet been signed, it says it should “strongly encourage the use of digital identity documents” and support government issuance of mDLs.

To date, thirteen states have issued mDLs, and a similar number are considering legislation or otherwise working toward the adoption of digital credentials.

Article topics

Biometrics | digital ID | IDEMIA | Idemia Public Security | ISO standards | Mattr | mDL (mobile driver’s license) | NCCoE | NIST | US government