Scytáles ISO-Compliant Products
Scytáles ISO/IEC 18013-5 Compliant Solutions
A mobile driving licence (mDL) that is secure, accurate, interoperable, and protects privacy is here and is changing the identity landscape
Successfully passed the conformity assessment against the ISO 18013-5
Scytáles mobile driving licence (mDL) and mobile ID (mID) applications for iOS and Android have successfully passed a conformity assessment against ISO 18013-5 carried out by the Identity Management & Security division of UL, the global safety science leader. The conformity assessment is used to evaluate compliance with voluntary consensus standards or technical regulations. With conformity in an open mDL/mID ecosystem, we have the same level of trust as a traditional biometric passport. In addition, with the mobile ID solution, those that rely on conventional DL/ID cards can reach a higher quality of services.
Get Updates on the ISO Development
If you're interested in knowing more about the developments of the ISO 18013-5 and how you can benefit from this standard, subscribe to our monthly newsletter and receive the news directly in our inbox (you can unsubscribe at any time).
The importance of being interoperable in a mobile identity solution
There are infinite use case scenarios in a mobile identity ecosystem. As such, an mDL and an mDL validator will not only run on different operating systems but also be designed and developed by different vendors.
This is why interoperability, enforced by the ISO 18013-5, is one of the key factors in opting for and achieving a functioning mDL ecosystem so that, for example, a Malaysian citizen with a driving privilege can be validated online by a rental officer in the same way upon renting a car in Sweden, Finland or any other place in the world.
Scytáles ISO mDL/mID and validation products ensure full interoperability and are passing the various ISO 18013-5 tests.
What is the ISO/IEC 18013-5?
The ISO/IEC 18013-5 standard defines an mDL as a driving licence that resides on a mobile device or requires a mobile device as part of the process to gain access to the driver licence. This Global standard is being developed by the members of the International Organization for Standardization (ISO/IEC JTC1/SC17/WG10), ultimately serving billions of mDL holders and the mDL relying party community.
Scytáles’ role in the ISO 18013-part 5 working group
Scytáles is a strong driving force in the ISO working group for the mDL and we are fully compliant with this standard as of today.
We are representing Sweden (SIS) as an expert through the Standardization Body and Task Force 14 on mDL within ISO/IEC JTC1/SC17/WG10.
CASE STUDY
Utah Mobile Driving Licence Pilot
The Utah Department of Public Safety’s Driver License Division (DLD) is taking the first steps toward moving Utahns’ identities out of their wallets and into the 21st century with the initiation of a mobile driving licence (mDL) and identification card pilot program with Scytáles, together with our international partner GET Group North America.
In addition to the convenience aspect of adding the primary form of identification to Utahns’ mobile phones, the primary benefit the mDL will offer Utahns is enhanced privacy by minimizing the amount of personal data they share, in contrast to what they now share when handing over a physical card.
Utah’s mDL will be the first in the US that will incorporate the industry standards established for privacy, security, interoperability, and authenticity. The pilot program is now ready to begin with approximately 100 select participants and will expand to 10,000 participants including the broader public until the end of 2021.
Much more than a copy of a physical document
An mDL/mID provisions in the mobile phone the same data as the physical DL/ID, signed by the respective issuer authority, but it is not just a photo or a digital representation of a driving licence.
An mDL/mID can not be fully trusted only by showing it to a validator on the Holder's phone since, for instance, it is so easy to take a screenshot of the displayed ID and alter it.
This is why it is so important to adopt an ISO 18013-5 compliant solution: it ensures the interchange of trustworthy identity data between an mDL and a Reader device. The data can be transmitted between the two devices and then cryptographically verified to be authentic and untampered.
Selective data sharing
Besides offering convenient availability of your identity without requiring access to a physical credential, an ISO-compliant mobile Identity / Driving Licence also allows you to share only the necessary attributes for the transaction, rather than all ID/DL attributes.
For example, a bar employee verifying your age does not need to know your name or address., and with the Scytáles mID/mDL you can share only your age and photo.
Scytáles ISO-compliant solutions additionally supplements controlled access to your identity information and protection against unauthorized use, supported by capabilities of the smart device platform, like the usage of a PIN code and/or biometrics.
Include additional data from other licenses or documents, like Covid-19 testing and vaccination
With the Scytáles ISO mDL/mID you can connect to other trusted data sources and provide additional attributes or licences. One of the main advantages of being digital is that you can have your different IDs on your mobile wallet and keeping control at all times of the information you want to share.
If you want to start with one ID and afterwards scale-up adding other IDs/Licences to your Mobile Identity Ecosystem, you must choose an ISO 18013-5 compliant solution. This is the case of Covid-19 testing and vaccination data, which is already mapped out in the “ISO/IEC 18013-5 mdoc for eHealth” document, which defines an international standard protocol for vaccination certificates or “Green Pass”.
This ISO is the standard that not only models how to build these solutions but also ensures that different vendors can communicate seamlessly between them.
Contactless validation
An mDL/mID Holder does not have to hand over their device at any point of the verification process and has complete control over the data shared with a Validator.
The ISO 18013-5 defines principles for data privacy and security by design. By enabling tap, nearby and distance data communications, the Holder always handles their mobile device and controls which of their data is shared. The closest your phone gets to a Validator device is when is tapped for an NFC connection, similar to payment implementations today.