I reach for certain things when I leave the house. A wallet and my cell phone are usually the key items. We know that mobile payments will soon allow me to leave the cash and credit cards behind, as my phone will take the place of my wallet in allowing me to make purchases. But will that be enough to leave my wallet home forever?
Sadly, no. One key function of my real world wallet will not be available on my phone: my driver’s license. What would it take to allow me really leave my wallet behind forever and have a viable identification document on my phone?
Putting my driver’s license on my phone shares a number of challenges with the emerging mobile payments infrastructure today. It also has the additional complication of dealing with the government, which can be complicated and slow-moving in the adoption of new technologies.
Let’s look at some of the obstacles which would need to be overcome to be ready for the digital driver’s license (DDL):
- Issuing of credentials – The process would begin at your local DMV, in much the same way as you get your driver’s license today – with a small twist. You would need to associate your phone account with the DDL. Note that you are not associating your phone, but your phone account and its secure element, which could be a SIM or another secure account ID. It’s likely that there would be an application that you would need to download, and a transfer of the credentials, and an authentication process which would take place. But once done, you are out the door.
- Managing of credentials – While getting your digital driver's license may have seemed simple, creating a network to support digital driver's licenses would be very complex. Each DDL would need to be created in a database and provisioned in the phone via an over-the-air activation platform. That platform would also need to support the management of DDL changes such as losing a phone or migrating to a different mobile network operator and management of user profiles and PINs.
- Security of credentials – A DDL would need to be at least as secure as a plastic driver's license is today. It would require the use of PIN authentication and scanable barcodes or QR codes. Potentially biometric authentication could be used also with a fingerprint reader being part of the solution. In addition, a trusted service manager platform would need to reside in the network to assure the maximum level of security when credentials are used. Credentials would need to be accessed via secure networks. All of these elements are available today, and would be expensive but possible to deploy.
- Support in the field – A DDL would have a complex network behind it, as well as the requirement that it be accessible in the real world. That means authorized users would need to be able to view and verify a DDL, either visually from the user's smart phone or, ideally, via a smart device of their own. They would also have access to the network and additional ways to verify the credentials, preferably with dual form authentication. So a police officer might not only scan your driver’s license, they might also ask you to input a PIN on their device.
It’s clear that there is a great deal of work which needs to be done to create a DDL. But the good news is that there are already secure credentials being used today in passports, which feature secure chip technology. These passports are more secure, and capable of holding additional data not visible in the passport. This makes forgery much, much more difficult.
Will the driver’s license join the passport? Only with the concerted efforts of a lot of people who really want to make the wallet a thing of the past.
Greg Coogan is the Field Marketing Lead for Morpho Cards USA, and premier provider of secure identity solutions. He has been working on mobile payments since 2005.