Digital Identities - Mobile Driver’s License (mDL)

The National Cybersecurity Center of Excellence (NCCoE) is helping to accelerate the adoption of mobile driver’s license (mDL) standards and best practices. In collaboration with technology vendors, government agencies, regulators, standards bodies, and organizations seeking to adopt mDLs, the NCCoE is building a reference architecture demonstrating real world use cases:

1. Customer Identification Program/Know Your Customer (CIP/KYC) Onboarding and Access which will demonstrate the use of an mDL and/or Verifiable Credentials (VC) for establishing and accessing an online financial account.

2. U.S. Federal Government Credential Service Provider (CSP) and Federation which will demonstrate the use of an mDL and/or VC for establishing a CSP account to access federated agency systems.

3. Healthcare and Electronic Prescribe which will demonstrate the use of an mDL and/or VC for provider access and prescription uses.

NCCoE is currently implementing our first use case to demonstrate how mDLs can be deployed to meet CIP/KYC requirements of financial institutions. To learn more about this project and the industry collaborators who have partnered with NIST to solve this challenge, please visit our project web page. To gain a better understanding of the technology and standards the NCCoE will be implementing as part of this project, please consider reading our blog series. The page you are currently on will be used to publish additional content for the NCCoE mDL Project to include project criteria and a sample bank mDL information page.

As part of this project, the NCCoE will be deploying the “NCCoE Bank”, a fictitious bank that will demonstrate how mDLs might be implemented at a real financial institution. Currently, we have published our Draft CIP/KYC use case criteria, which will be used when deploying our architecture for the NCCoE Bank. Additionally, we have created videos and flows implemented as wireframes to provide a visual representation of a customer navigating a sample bank site. These wireframes illustrate the step-by-step process in a browser on a laptop or desktop device. We have also published a SAMPLE Bank mDL Information Page that mimics information pages currently in use by financial institutions and highlights the benefits that mDLs might provide customers of those institutions.

If you wish to provide comments on any of the content on our NIST pages site, please do so here: Submit comments

Project Participants:

Organizations participating in this project submitted their capabilities in response to an open call in the Federal Register for all sources of relevant security capabilities from academia and industry (vendors and integrators). The following respondents with relevant capabilities or product components (identified as “Technology Partners/Collaborators” herein) signed a Cooperative Research and Development Agreement to collaborate with NIST in a consortium to build this example solution.

• 1Password

• American Association of Motor Vehicle Administrators (AAMVA)

• California Department of Motor Vehicles

• Capital One

• Department of Homeland Security (DHS), Science and Technology Directorate

• Georgia Department of Driver Services

• Google

• Idemia

• iLabs

• JP Morgan Chase

• Maryland Department of Transportation

• MATTR Limited

• Microsoft Corporation

• New York State Department of Motor Vehicle

• OpenID Foundation

• PNC Bank

• Raymond James

• SpruceID

• Synchrony

• US Bank

• Wells Fargo

• Yubico