Jeremy Grant, Coordinator of the Better Identity Coalition, urged the US government to task the National Institute of Standards and Technology (NIST) with establishing security and privacy guidelines for mobile driver’s license apps in a hearing this week.
The hearing was concerned with innovations in identity management, and featured discussion about the impending implementation of the REAL ID Act in 2025, which is meant to impose new security standards for state-issued IDs. Just a little more than half of US citizens possess REAL ID-compliant credentials, prompting Rep. Carlos Gimenez, R-Fla., Chairman of the House Homeland Security Subcommittee on Transportation and Maritime Security, to predict “utter mayhem” at US airports when the REAL ID deadline arrives.
Another problem, according to Grant, is that the Department of Homeland Security made implementation of REAL ID the responsibility of the Transportation Security Administration. The TSA has indicated that it plans to follow the International Standards Organization’s lead on digital ID before setting guidelines for setting its own standards for REAL ID-compliant digital ID. Jay Stanely, a policy analyst with the American Civil Liberties Union, told the hearing that the ISO sets standards “behind closed doors” through “a secretive committee”, adding that it would not sufficiently protect Americans’ privacy.
Grant emphasized that the NIST has longstanding expertise in digital identity and mDL technology. “While DHS does not create standards, DHS – or even better, the White House or Congress – should request that NIST lead a timeboxed, one-year effort to create the standards and guidance needed to accelerate the deployment of secure, privacy-protecting mDL apps that Americans can use to protect and assert their identity online,” he said.
Of course, several states have already rolled out mDLs, in some cases based on technology platforms designed by IDEMIA, a France-based multinational. As for American pioneers of mobile IDs, Apple established itself as a leader early on, though the pace of its rollouts has been gradual. For its part, the TSA has been working to deploy new ID-scanning kiosks that are able to read the mDLs circulating in parts of the US.
Source: GovInfoSecurity
–
December 7, 2023 – by Alex Perala
Follow Us