Mobile Driver's License | mDL online
Author: Oliver Terbu
Classification: public
Oliver Terbu
Solution Architect
Österreichische Staatsdruckerei GmbH
e-government innovations
terbu@staatsdruckerei.at
Tenschertstrasse 7 | 1239 Wien | www.staatsdruckerei.at
Reference: http://www.sosiphone.com/blogiphone/wp-content/uploads/2010/11/appwall.png
Use Cases | physical Card
• Police Roadside Stop
• Show or transmit Driving Privilege
• Board a Plane
• Peer-to-Peer Data Exchange
• Check into Hotel
• Open Bank Accounts
• Purchase age-restricted Items
• Enter a Bar/Club/Restaurant
• Vote or register to vote
• Rent a Car
• Obtain Social Services
The next logical Step
• Driver's License on Smartphone
– Data Minimization
– Usability
– Efficiency
– Use Cases
ISO | Driving Licence
ISO/IEC 18013, new Part 5: mobile driving licence (mDL) application
ISO | Core Challenges
• Multiple Issuers per Country (e.g. US)
• Interoperability between Relying Parties and multiple Issuers
• Not every Country will introduce an “online” mDL
• Different Modes of Operation
– Attended
– Unattended
• Face-to-Face (e.g. Vending Machine, Carsharing)
• Pure online (i.e. online Service Providers)
Use Cases | Modes of Operation
• Attended
– Face-to-Face with human Verifier
– Signed mDL Data
– Picture Comparison
• Unattended
– Face-to-Face with non-human Verifier, or pure online Service Provider
– Signed mDL Data
– "Something Else" (in place of the picture comparison, to bind the presented data to the holder)
ISO | Interfaces
• 3 Interfaces
– Engagement: Kick-off Data Transfer
– Data Transfer: Protocol and Data Structures
– Trust Model: Certificate Profiles and Policy, Trust List Format
[Figure: Issuing Authority of Jurisdiction A, Issuing Authority of Jurisdiction B, online mDL Holder Device and online mDL Reader Device, with the interfaces Engagement, Data Transfer and Trust Model drawn between them and numbered 1 to 4; one relationship is marked out-of-scope of ISO 18013]
ISO | Interfaces
OpenID Connect as ONE Option for Data Transfer
Architecture | Attended Mode
• Face-to-Face
– RP is the Agent and acts on behalf of the mDL Holder
– No Login needed
– No "acr" / assurance level required
[Figure: message sequence between online mDL Holder Device, online mDL Reader Device and Issuer: 1 verbal or NFC request; 2 protocol id (QR or NFC); 3 token; 4 token request (incl. optional consent); 5 out-of-band consent and/or authentication requests; 6 mDL data token; 7 verifiable mDL data]
Architecture | Unattended Mode
• Face-to-Face
– Same as attended Mode
• Pure online
– Browser Agent
– "Typical" OIDC Authorization Code Flow
[Figure: the same sequence between online mDL Holder Device, Issuer and either a Vending Machine Relying Party (face-to-face) or an Online Service Relying Party (pure online): 1 verbal, NFC, or potentially QR request; 2 protocol id (QR, NFC, Browser); 3 token; 4 token request (incl. optional consent); 5 out-of-band consent and/or authentication requests; 6 mDL data token; 7 verifiable mDL data]
ISO | OpenID Connect | mDL Profile
• Kicked-off with "token" containing
– A tokenized, non-correlatable, time-limited identifier for the mDL Holder
– A URL pointing to Discovery Endpoint of Issuer
• HTTPS with trusted Communication Certificates for Server Authentication
• Based on Authorization Code Flow (Metadata, Dynamic Client Registration)
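The kick-off token described on this slide, worked through in Go as an added example (not code from the presentation, the ISO draft or the OIDF profile): the issuer mints a random, time-limited handle per engagement, the holder device carries it together with the issuer's discovery URL in the QR code or NFC record, the reader parses it, insists on an https discovery URL, and places the handle into the login_hint of its authorization code request. The JSON field names, the issuer URL https://mdl-issuer.example, the client_id reader-client-4711, the redirect URI, the acr value and the single-use treatment of the handle are all assumptions of this example.

```go
package main

import (
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"net/url"
	"strings"
	"time"
)

// EngagementToken is what the holder device hands the reader over QR or NFC to kick off the data
// transfer: an opaque, short-lived handle for the holder plus the issuer's discovery URL.
// The JSON field names are assumptions of this example, not the draft profile's format.
type EngagementToken struct {
	Handle    string `json:"handle"`    // tokenized holder identifier, later sent as login_hint
	Discovery string `json:"discovery"` // https://<issuer>/.well-known/openid-configuration
	Exp       int64  `json:"exp"`       // unix seconds; the reader must not use the token after this
}

// Issuer holds the only mapping from handle to holder record; the handle itself reveals nothing.
type Issuer struct {
	URL     string
	handles map[string]handleEntry
}

type handleEntry struct {
	holder string
	exp    time.Time
}

func NewIssuer(u string) *Issuer { return &Issuer{URL: u, handles: map[string]handleEntry{}} }

// Mint draws a fresh 128-bit random handle per engagement (non-correlatable) and bounds its lifetime.
func (is *Issuer) Mint(holder string, now time.Time, ttl time.Duration) (EngagementToken, error) {
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		return EngagementToken{}, err
	}
	h := base64.RawURLEncoding.EncodeToString(raw)
	is.handles[h] = handleEntry{holder: holder, exp: now.Add(ttl)}
	return EngagementToken{Handle: h, Discovery: is.URL + "/.well-known/openid-configuration", Exp: now.Add(ttl).Unix()}, nil
}

// Encode is the payload carried in the QR code or NFC record (JSON, base64url).
func (t EngagementToken) Encode() string {
	b, _ := json.Marshal(t)
	return base64.RawURLEncoding.EncodeToString(b)
}

// ParseEngagement is the reader side: decode, refuse expired tokens, accept only an https discovery URL.
func ParseEngagement(payload string, now time.Time) (EngagementToken, error) {
	b, err := base64.RawURLEncoding.DecodeString(strings.TrimSpace(payload))
	if err != nil {
		return EngagementToken{}, err
	}
	var t EngagementToken
	if err := json.Unmarshal(b, &t); err != nil {
		return EngagementToken{}, err
	}
	if now.Unix() >= t.Exp {
		return EngagementToken{}, errors.New("engagement token expired")
	}
	u, err := url.Parse(t.Discovery)
	if err != nil || u.Scheme != "https" || u.Host == "" || !strings.HasSuffix(u.Path, "/.well-known/openid-configuration") {
		return EngagementToken{}, errors.New("discovery URL must be https and point at .well-known/openid-configuration")
	}
	return t, nil
}

// AuthorizationRequest is the reader's next step after discovery: the handle goes into login_hint and
// the required assurance level into acr_values (authorization code flow; client_id and redirect_uri assumed).
func AuthorizationRequest(authzEndpoint string, t EngagementToken, acr, state string) string {
	q := url.Values{"response_type": {"code"}, "client_id": {"reader-client-4711"}, "scope": {"openid mdl"},
		"redirect_uri": {"https://reader.example/callback"}, "login_hint": {t.Handle}, "acr_values": {acr}, "state": {state}}
	return authzEndpoint + "?" + q.Encode()
}

// Resolve is the issuer's check when the handle returns as login_hint; single use is a choice of this example.
func (is *Issuer) Resolve(handle string, now time.Time) (string, error) {
	e, ok := is.handles[handle]
	delete(is.handles, handle)
	if !ok || now.After(e.exp) {
		return "", errors.New("handle unknown, already used, or expired")
	}
	return e.holder, nil
}

func main() {
	is := NewIssuer("https://mdl-issuer.example") // constructed issuer, not a real deployment
	now := time.Now()
	tok, _ := is.Mint("holder-record-0001", now, 2*time.Minute)
	got, err := ParseEngagement(tok.Encode(), now)
	fmt.Println(err, AuthorizationRequest("https://mdl-issuer.example/authorize", got, "urn:example:mdl:acr:substantial", "s1"))
	fmt.Println(is.Resolve(got.Handle, now))
}
```

The handle is the only thing a reader ever sees of the holder before the issuer responds, so its randomness is what makes two presentations unlinkable; the https check on the discovery URL is what turns the slide's "trusted communication certificates for server authentication" into an actual precondition of the metadata fetch.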
ISO | OpenID Connect | mDL Profile
• id_token / UserInfo
– JWT is signed with dedicated "Token Signer" obtained via Metadata
– Contains mDL related Claims
• New Claims
– licence_number
– entitlements (e.g. Vehicle Categories)
– …
ISO | OpenID Connect | mDL Profile
• Reuse IANA Claim Registry
– iat
– …
• New Scopes with Parameters (e.g. for age attestation)
• Mandatory Parameters
– login_hint to transmit mDL Holder Identifier
– acr to request (acr_values in the request) and communicate back (acr claim in the id_token) the Assurance Level
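The id_token handling of the last two slides, as an added Go example (not code from the presentation or the draft profile): the issuer signs the mDL claims with a dedicated token signer whose public key the reader takes from the issuer metadata, and the reader pins the algorithm, selects the key by kid, verifies the signature and then checks iss, aud, the validity window and the returned acr before it trusts licence_number or entitlements. The slides name no signature algorithm; EdDSA over Ed25519 is chosen here. The issuer URL, client_id, kid, acr value and the licence data are constructed, and the metadata struct stands in for a discovery document and jwks_uri that would normally be fetched.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Identifiers assumed by this example; none of them come from the draft profile.
const (
	IssuerURL  = "https://mdl-issuer.example"
	ReaderID   = "reader-client-4711" // client_id the reader got from dynamic client registration
	SignerKID  = "mdl-token-signer-1"
	ExampleACR = "urn:example:mdl:acr:substantial"
)

// IssuerMetadata: what the reader keeps from discovery; TokenSigner stands in for the keys under jwks_uri.
type IssuerMetadata struct {
	Issuer      string
	TokenSigner map[string]ed25519.PublicKey
}

// MDLClaims: registered IANA claims plus the profile's proposed licence_number and entitlements.
type MDLClaims struct {
	Iss           string   `json:"iss"`
	Aud           string   `json:"aud"`
	Iat           int64    `json:"iat"`
	Exp           int64    `json:"exp"`
	Acr           string   `json:"acr"`
	LicenceNumber string   `json:"licence_number"`
	Entitlements  []string `json:"entitlements"`
}

// NewTokenSigner generates the issuer's dedicated token signer key and publishes it in metadata.
func NewTokenSigner() (IssuerMetadata, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return IssuerMetadata{Issuer: IssuerURL, TokenSigner: map[string]ed25519.PublicKey{SignerKID: pub}}, priv
}

func enc(b []byte) string           { return base64.RawURLEncoding.EncodeToString(b) }
func dec(s string) ([]byte, error) { return base64.RawURLEncoding.DecodeString(s) }

// SignIDToken (issuer side): JWS with alg EdDSA over the mDL claims, kid naming the token signer.
func SignIDToken(priv ed25519.PrivateKey, c MDLClaims) string {
	hdr, _ := json.Marshal(map[string]string{"alg": "EdDSA", "typ": "JWT", "kid": SignerKID})
	body, _ := json.Marshal(c)
	input := enc(hdr) + "." + enc(body)
	return input + "." + enc(ed25519.Sign(priv, []byte(input)))
}

// VerifyIDToken (reader side): pin alg, pick the signer by kid, verify, then check iss/aud/time/acr.
func VerifyIDToken(md IssuerMetadata, token, wantAcr string, now time.Time) (*MDLClaims, error) {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return nil, errors.New("malformed JWS")
	}
	hdrJSON, err1 := dec(p[0])
	body, err2 := dec(p[1])
	sig, err3 := dec(p[2])
	if err1 != nil || err2 != nil || err3 != nil {
		return nil, errors.New("JWS parts are not base64url")
	}
	var hdr struct{ Alg, Kid string }
	var c MDLClaims
	if json.Unmarshal(hdrJSON, &hdr) != nil || json.Unmarshal(body, &c) != nil {
		return nil, errors.New("JWS header or payload is not JSON")
	}
	pub, ok := md.TokenSigner[hdr.Kid] // unknown kid means it is not the dedicated token signer
	switch {
	case hdr.Alg != "EdDSA" || !ok: // never let the token choose "none" or another key family
		return nil, fmt.Errorf("alg %q / kid %q not acceptable", hdr.Alg, hdr.Kid)
	case !ed25519.Verify(pub, []byte(p[0]+"."+p[1]), sig):
		return nil, errors.New("token signer signature invalid")
	case c.Iss != md.Issuer || c.Aud != ReaderID:
		return nil, errors.New("iss or aud does not match this issuer/reader pairing")
	case now.Unix() >= c.Exp || c.Iat > now.Unix()+60:
		return nil, errors.New("token outside its validity window")
	case c.Acr != wantAcr:
		return nil, fmt.Errorf("acr %q differs from requested %q", c.Acr, wantAcr)
	}
	return &c, nil
}

func main() {
	md, priv := NewTokenSigner()
	now := time.Now()
	c := MDLClaims{Iss: IssuerURL, Aud: ReaderID, Iat: now.Unix(), Exp: now.Unix() + 300, Acr: ExampleACR,
		LicenceNumber: "A1234567", Entitlements: []string{"B", "BE"}} // constructed sample licence data
	fmt.Println(VerifyIDToken(md, SignIDToken(priv, c), ExampleACR, now))
}
```

The order of checks matters: the key is selected from the reader's copy of the issuer metadata by kid, never from anything inside the token, and the claims are only compared after the signature holds, so a token re-signed by anyone other than the published token signer, or with an entitlement added to the payload, fails before the licence data is looked at.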
Conclusion
• First ISO Committee Draft out for Ballot (attended only)
• OIDC Profile not ready yet but Feedback already welcome
• Looking for interested People of the OIDF Community for
Peer-Review once OIDC Profile is more mature
• Collaboration / Coordination with iGov Group appreciated
Thank You!

OpenID Foundation Workshop at EIC 2018 - Mobile Driver's License Presentation
