Mobile Driver's License Criteria

From IDESG Wiki
Jump to navigation Jump to search

Full Title or Meme

The Mobile Driver's License Criteria for a high level of Identity and Authentication Assurance.

Context

Actors

  1. Holder - the subject of the Mobile Driver's License
  2. Reader - a device that can read and verify the mDL, which is presumably hosted in a native smart phone app
  3. Issuing Authority - typically a state motor vehicle agency.
  4. Trust Authority - some sort of wide ranging list of valid participators - not well defined at this point.

Taxonomy

  • Caution on terms. mDL and mDL app get conflated in the specs. The full mDL is seldom/never released by the app to the reader/verifier.
  • Compare there terms Verifiable Credential and Presentation Exchange from the DIF folk. The VC (like the mDL or mdoc) may be in the smartphone, but only a part is "presented" to the reader.
  • Digital identity is generally recognized as the digital representation of an individual in an electronic transaction. (from RFC).
  • An mDL is a digital representation of the identity information contained on a state-issued physical DL/ID. (from RFC).
  • Authenticate means establishing that a certain thing (e.g., mDL Data) belongs to its purported owner (e.g., mDL Holder) and has not been altered.
  • A Certificate Authority issues Digital Certificates that are used to certify the identity of parties in a digital transaction.
  • Data Freshness refers to the synchronization of mDL Data stored on a mobile device to data in a DMV’s database, within a specified time period.
  • Department of Motor Vehicles (DMV) refers to the state agency or its authorized agent responsible for issuing an mDL and for maintaining mDL data in its database.
  • Digital Certificates establish the identities of parties in an electronic transaction, such as recipients or digital signatories of encrypted data.
  • Digital Signatures are mathematical algorithms routinely used to validate the authenticity and integrity of a message.
  • Identity Proofing refers to a series of steps that a DMV executes to prove the identity of a person.
  • Identity Verification is the confirmation that identity data belongs to its purported holder.
  • Issuance includes the various processes of a DMV to approve an individual’s application for a REAL ID driver’s license or identification card.
  • An mDL is a digital representation of the information on a state-issued physical DL/ID, and is stored on, or accessed via, a mobile device.
  • mDL Data is an individual’s identity and DL/ID data that is stored and maintained in a database controlled by a DMV and may also be stored and maintained on an individual’s mDL.
  • mDL Holder refers to the owner of a mobile device.
  • mDL Reader refers to an electronic device that ingests mDL Data from a mobile device.
  • Offline means no live connection to the internet.
  • Online means a live connection to the internet.
  • An mDL Public Key Distributor is a trusted entity responsible for compiling and distributing Digital Certificates issued by DMVs.
  • Public Key Infrastructure (PKI) means a structure where a Certificate Authority uses Digital Certificates for Identity Proofing and for issuing, renewing, and revoking digital credentials.
  • Provisioning refers to the various steps required for a DMV to securely place an mDL onto a mobile device.
  • Token means a cryptographic key used to authenticate a person’s identity.

Use Cases

Problems

  • REAL ID has yet to approve a single state's Mobile Driver's License (mDL) for Federal access.
  • Supply Chain for components of the mDL has not been a part of existing criteria, but needs to be included based on the Solar Winds attack of government and commercial access.

The REAL ID Act

  • The Act set minimum requirements for state-issued DL/ID accepted by Federal agencies for official purposes, including accessing Federal facilities, boarding federally regulated commercial aircraft, entering nuclear power plants, etc.
  • Full enforcement of the REAL ID regulation begins October 1, 2021 (note that his date has already been extended innumerable times.)
  • Examples of security requirements applicable to physical cards include ‘‘common machine-readable technology’’ and ‘‘security features designed to prevent tampering, counterfeiting, or duplication . for fraudulent purposes. (i.e. ISO 18013-1 plus a few embellishments.)
  • Good security practices in creating an implementing the distribution.
  • ISO 18013-5 (mDL) will need embellishments as well for the REAL ID Act. AAMVA is given official recognition in this effort.
  • For Federal agencies to accept mDLs for official purposes, an mDL ecosystem must allow for trusted and secure communications between a DMV, a mobile device, and a federal agency.
  • a system would provide functionality analogous to the physical security features required under 6 CFR 37.15 that are designed to deter forgery and counterfeiting, promote confidence in the authenticity of the DL/ID, and facilitate detection of fraud.
  • a DMV would be responsible for issuing an mDL and enabling a user’s mobile device to store and/or access mDL data.
  • An individual’s mDL Device would transmit mDL Data, or a digital ‘‘token,’’ to the reader via wireless or secure optical communication protocols.
  • the reader and mobile device would require the capability to communicate and authenticate the mDL data in at least offline (no internet connection) mode. The system would require digital security protocols to protect the confidentiality, privacy, security, and integrity of the mDL data, through its full lifecycle.
  • an mDL Holder would authorize release of relevant mDL Data from the device.
  • The communication interfaces enable the parties to exchange information and assess if the mDL Data (1) was provisioned by a trusted source (the DMV), (2) belongs to the individual asserting it, and (3) was transmitted to and received by an agency unaltered.
  • ‘Remote’’ provisioning, in contrast, does not require an individual to be physically present at a DMV location. Instead, individuals would electronically send identity verification information to the DMV to establish their identities and ownership of the target device.
  • DHS is aware of at least two notional types of solutions:
  1. A hardware-based option, where the mobile device private key and/or mDL Data would be stored in and/or secured by a mobile device’s secure hardware, and
  2. a software-based option, where the private key and/or data would reside within a third-party app installed on a mobile device, secured by the device’s key chain management interface.
  • Off-line comms needs more detail: NFC QR BLE or WiFi Aware.
  • Federal agencies cannot accept an mDL unless the agency can authenticate the identity information. This means confidence that the mDL Data came from a trusted source (the DMV), and the mDL Data was transmitted to the agency unaltered.
  • Reg establishes such ‘‘trust’’ by requiring physical DL/IDs to include physical security features on the

surface of a card that are designed to deter and detect forgery and counterfeiting. As mDLs lack a physical form they cannot overtly display physical security features. Therefore, regulatory requirements for physical security features on a physical substrate need to be updated to establish comparable mDL-specific security features.

Responses to RFC

References