by INATBA Identity Working Group
We have recently seen a lot of developments in the area of Digital Identity, including Mobile Driver’s Licenses or mDLs, and see it playing a significant role across many sectors in the near term. First, let’s briefly describe Digital Identity as a means to make identity claims without physical identity documents.
The concept of a digital version of a physical driver’s license has been around for about a decade but, prior to the publication of the ISO/IEC 18013 series, there was no standard way to represent and exchange driver’s license information digitally. With the release of the mDL standard we have seen increased interest in mDLs – all in the midst of other developments in the area of Digital Identity, specifically those discussed as Self-Sovereign Identity based on the Verifiable Credential Data Model created at W3C.
Self-sovereign Identity is not yet a single coherent standard, but a conceptual model for digital identity that is defining a set of core principles that make a digital identity system life up to the SSI concept. In this blogpost, we will use the term SSI based on the definition and description of an SSI system from our Position Paper “Decentralised Identity: What’s at Stake?”. In short, SSI is characterised by improved privacy and individual data sovereignty enabled by control over cryptographic keys for the individual as well as a Credential Model that minimises data exchange between issuers and verifiers to avoid tracking.
In recent debate, we see more and more cases where concepts from outside of the core community of Verifiable Credential Data Model based Self-Sovereign Identity are branded as SSI. With the ISO/IEC 18013 series, this has also happened and we want to take a moment to compare the two approaches and find out if the claim holds true.
The ISO mDL specification (ISO-compliant Driving License or IDL) is purpose driven, as its name implies, but is said to be specifically intended to:
- enable verifiers not affiliated with or associated with the issuing authority to gain access to and authenticate the information
- allow the holder of the driving license to decide what information to release to a verifier
- include the ability to update information frequently, and to authenticate information at a high level of confidence.
This is very much aligned to the core constructs of SSI which includes the concept of Issuers, Holders, and Verifiers; however, the differences are in the details. Here are some examples:
Issuers can share verifiable information with Holder
|mDL||Out of scope for ISO/IEC 18013-5 (will be covered in ISO/IEC AWI TS 23220-3 which is currently under development)|
|SSI||In-scope through secure, pairwise pseudonymous channels|
Issuers can revoke verifiable information shared with Holder
|mDL||Out of scope for ISO/IEC 18013-5 (expiry dates can be provisioned)|
|SSI||In-scope by utilising one of the available revocation methods|
Holders can selectively disclose verifiable information
|mDL||Yes because each Issuing Authority creates a unique digest for each data element where the entire digest is signed by a MDOC Security Object during the issuance process using approved (e.g., NIST, BSI, ANSI) cryptographic algorithms for authentication|
|SSI||Yes, for each Verifiable Credential from each Issuer when JSON LD BBS+ or AnonCreds are used to create a Verifiable Presentation|
Holders can prove something without sharing personal information (ZKP)
|mDL||Yes, with predetermined, pre-negotiated predicates and variables such as “age over 18” [where age is the predicate and years is the variable]|
|SSI||Yes, for each Verifiable Claim within a Verifiable Credential and without predetermined predicates or variables when JSON LD BBS+ or AnonCreds are used to create a Verifiable Presentation|
Verifiers can authenticate information
|mDL||Yes, by authenticating against each Issuer’s public key and using digests for each identity element|
|SSI||Yes, by referring to Decentralised Identifiers (containing public keys) that can be anchored both on decentralised public key infrastructures (DPKI’s) as well as with traditional centralised PKI’s|
Verifiers can interpret the information
|mDL||Yes, by referring to nameSpace(s) for each Issuing Authority; e.g., AAMVA namespace for the collaborating driving license issuers of the US and Canada|
|SSI||Yes, by referring to Schema registries maintained by groups of Issuers that collaborate in a Trust Framework or within a shared Verifiable Data Registry|
Looking at the above comparison, It is clear that both approaches strive to maintain user control of their personal data, supporting selective disclosure/data minimisation, and using cryptographic methods to prove the authenticity and integrity of identity claims. Where there are differences is: the mDL specification allows for Verifiers to interact with Issuers in the verification process (this option is not privacy preserving) and the current mDL specification calls for device binding whereas SSI builds on holder controlled private keys for holder binding. Depending on the use case and technical environment, both approaches have their benefits and shortcomings.
Looking at its prime use case for offline driving license verification, we can see great potential for the ISO mDL standard; additionally, we see the mDL standard solving challenges in the area of mDL semantics, onsite verification and compatibility with low security smartphones.
We anticipate a lot of development in both approaches including multi-protocol digital identity applications. Because of the scope of the mDL and a concentrated effort for related standards, we are likely to see good mDL adoption but are uncertain about its potential for a generalised use of mDocs that can be compared to the potential of SSI Credentials based on the Verifiable Credential Data Model. We expect that standards aligned to Decentralised Digital Identity will prevail for general digital identity applications due to its flexibility as a more generic concept and the availability of open source components in the market that provide for low adoption cost.
With the emerging legislation on, and ultimate adoption of, a European Digital Identity Wallet (EUDIW), we see a great potential in the combination of different identity domains that should be included as part of the Wallet. While we see great value in Electronic Attribute Attestations being implemented with SSI technology, due to their generic nature, we see equal value for the ISO mDL standard to be selected for the case of mDL in the European Digital Identity Wallet to ensure that all day-to-day interactions are supported by the EUDIW. This coexistence will likely result in the need for digital identity wallets to be able to support multiple protocols (how data is exchanged), formats (what data is required and how it is organised), and signatures (how trust is established and verified).