Accelerate Adoption of Digital Identities on Mobile Devices

0

Seeking Feedback

The National Cybersecurity Center of Excellence (NCCoE) has published for comment a draft project description, Accelerate Adoption of Digital Identities on Mobile Devices.

The organisation is seeking feedback from all stakeholders in the digital identity sector.

The NCCoE is especially interested in hearing from Issuing Authorities, digital identity solutions providers, Verifiers, and trust service providers.

The public comment period is open until March 31, 2023.

Project Description Abstract

Over the last two decades, mobile devices have become a commodity technology with users of all economic backgrounds and ages across the globe.

These devices have become convenient platforms for many uses, including ordering a ride, making payments, checking in to a flight, accessing the gym, storing concert tickets, etc.

More recently, demand has surfaced to use mobile devices to replace physical identification cards, such as government issued driver’s licenses, with a digital equivalent.

Standards for new digital credentials are emerging that can support both greater individual control of identity attributes and immediate validation with issuing sources.

This provides the potential for both improved usability and convenience for the end user and stronger assurance in identity for organizations. The advent of international standards ISO/IEC 18013-5, use of mobile driver’s licenses (mDL) in attended mode, and ISO/IEC 18013-7, use of mDLs in unattended (online) mode, are a digital credential model that shows promise.

The NCCoE, in cooperation with industry, government agencies, and academic institutions, will study, evaluate, implement, and test interoperability and security claims of the international standards, ISO/IEC 18013-5 (published), ISO/IEC 18013-7 (currently a working draft), and the ecosystem surrounding these standards.

Specific outcomes of this project will be:

  1. an open-source reference implementation for this new technology,
  2. prototypes and demonstrations in the lab, and
  3. leading practices for secure, resilient and interoperable mDL deployment.

Further, there will be an outreach and engagement effort that will champion, socialize, and help to spread the word externally with the goal of getting as much involvement as possible.

NOTE from NCCoE: While these standards address the needs of mDLs, most parts of these standards apply to mobile documents (mdoc) and verifiable presentation in general. Accordingly, this effort will include presentation of documents other than mDLs using the mdoc and OpenID for Verifiable Presentation schemes defined in these standards.

Share.