SSI Orbit Podcast
Mobile Driving Licence (mDL): Exploring ISO 18013-5&7 (with Andrew Hughes)
By Mathieu Glaude
January 27, 2023

>>  Listen to this Episode On Spotify

>>  Listen to this Episode On Apple Podcasts

About Podcast Episode

There has been quite some traction behind the ISO Mobile Driver’s Licence (mDL) recently. Many US States have opted to deploy them, it has recently been suggested in the EU digital identity guidance as an initial use case to be supported, and the mDL mdoc format is starting to be supported by other transport protocols such as OIDC4VC.

We talk a lot about various flavours of verifiable credentials on this podcast. Verifiable credentials aim to give broad expressive capacity to digital credentials for a variety of use cases, while the Mobile Driver’s Licence (mDL) addresses the particular use case of mobile driving licenses.

One of the things that resonated the most to me in this conversation with Andrew was the fact that mDL has the opportunity to be a powerful tool in credential transformation. What does that mean? 

Governments today aren’t accustomed to issuing verifiable data to their citizens.  And because mobile driver’s licenses are an issuer-oriented standard today, and governments (issuers) are members of the organization that is defining these standards (ISO), there is a clear appetite for them. The thought is that once a use case-specific credential such as a mobile driver’s licence gets issued into the wild, then the next logical step for government issuers is to begin thinking: “Hey! What if I don’t have to issue digital representations of physical documents, but instead start issuing specific claims or attestation?” This is the credential transformation.

Another thing that resonated with me in this conversation was the fact that we need to make sure we separate standard work from implementation work in our discussions, regardless of the standard. Certain features such as privacy, interoperability and security can be built-in, or rather suggested by the standards. It however comes down to implementers to build their solutions around them in the right manner. This also includes how mDL issuers determine how they interact with the large mobile hardware and software vendors (e.g., Apple and Google), who pose risks of walled gardens and control.

In this podcast episode with Andrew Hughes, we discuss,

  • Distinguishing the mobile driving licence (mDL) credential type from a verifiable credential (VC).
  • How the mDL standard is working towards being consumed by other credential transport protocols (e.g., DIDComm, OIDC4VC)
  • Can the same ISO standard for mDL be used to issue non-driving licence credentials? And should it?
  • Do issuers of driving licences consider mDL it as a driving licence credential, or an identity credential?
  • What does the ecosystem look like for mDL vs the one for physical driving licences? Who are some new participants that aren’t involved in physical DL production and governance?
  • Why implementation supersedes the standard work.
  • What are some interesting use cases around mDL that are gaining traction?
  • How ISO works and how the relevant mDL sub-committees are evolving the standard.
  • Are there concerns with the mobile hardware and OS providers gaining too much control over the mDL credentials?

 

About Guest

Andrew Hughes CISM CISSP is Director of Identity Standards at Ping Identity. He is a digital identity strategist contributing to international standards development. He works with international associations and standards bodies as a domain expert, developing standards and related conformity assessment materials. Andrew serves on the Board of Directors of Kantara Initiative, and as the Chair of the Kantara Leadership Council. As a national expert delegate for Standards Canada on digital identity, he contributes to development of international standards at ISO SC 27 for identity management and ISO SC 17 for mobile driving licenses and mobile eID. Andrew is currently investigating how the worlds of Government Issued Photo ID can co-exist with the emerging Verifiable Credentials models, in a mobile-first manner.

Related Episodes

Want to Be a Guest?

Come Onto the Show

Stay Connected to Get The Latest Podcast Alerts

Introducing our groundbreaking Trust Registry platform

The ultimate solution for forging resilient trust ecosystems in today's digital landscape.

Trust Registry

Products

 

Orbit Enterprise

Establish your own trusted digital interactions ecosystem with your customers, partners and suppliers

Orbit Edge Wallet

Hold and manage issued verifiable credentials securely and in a privacy-preserving way

Orbit Trust Registry

Empower your organization to establish credibility, verify identities, and foster secure interactions with confidence and ease.

Updates

 

Product Updates

Solutions

 

Verified Person

Receive a verifiable credential from Northern Block

OpenID4VC

Try our new OpenID4VC demo

Energy and Mines Digital Trust

Organizational Wallet and Credentials

Receive, store and exchange organizational credentials within your ecosystem

 

 

 

OpenID4VC Demo

Exchange verifiable credentials over OpenID4VCI and OpenID4VP.

 

Resources

 

SSI Orbit Podcast

Self-sovereign Identity, Decentralization and Digital Trust

Blog

Insights and News from the Forefront of Self-sovereign Identity

Latest Content

 

The Global Acceptance Network (GAN) (with Darrell O’Donnell)

The Global Acceptance Network (GAN) (with Darrell O’Donnell)

🎥 Watch this Episode on YouTube 🎥🎧   Listen to this Episode On Spotify   🎧🎧   Listen to this Episode On Apple Podcasts   🎧 About Podcast Episode What if there was a way to establish a new trust layer for the internet, enabling secure digital interactions and unlocking...

read more