TSA Seeks mDL Exemption to REAL ID Rule

The Transportation Security Administration is seeking public comment on a “Notice of Proposed Rulemaking” that would allow the continued use of mobile driver’s licenses even after the Real ID requirement takes effect in May of 2025.

Nok Nok Labs has launched the latest version of its flagship S3 Authentication Suite, delivering four new capabilities for the platform. One of the new features is designed to help organizations adapt to the emergence of passkeys, an authentication innovation that essentially turns an end user's smartphone into a passcode vault for their various online accounts, and locks it behind their device's biometric sensors. The S3 Suite now enables organizations to configure authentication rules to detect when new devices are being used for passkey authentication and verify that the end user is the legitimate account holder. The platform also now enables organizations running e-commerce sites to let their customers easily sign in with a passkey, helping to reduce friction and prevent cart abandonment. Also of interest to online retailers will be a new payment verification mechanism that lets the customer confirm a transaction with their device's biometric systems. Support for this W3C Secure Payment Confirmation (SPC) has been added to the EMVCo 3D Secure specification, which is widely used for online card-based payments. Finally, the upgraded S3 Suite also features a system to let organizations track the physical security keys they have issued to their employees, enabling them to ensure that a given user is trying to log in with the key they were provided and not a third-party device. Nok Nok is positioning this capability as one that will be of particular interest to organizations in highly regulated industries such as healthcare and insurance. "We co-founded the FIDO Alliance to make it easier to implement strong, passwordless authentication solutions for consumers and enterprises," said Nok Nok CEO Phil Dunkelberger. "Now, we are expanding our offering to companies in key regulated sectors that need to be able to quickly and efficiently respond to the evolving regulations coming from the US and foreign governments." Beyond the commercial sector, Nok Nok has also indicated a growing interest in bringing its authentication and identity security solutions to the public sector. Toward the end of last year, the company established a strategic partnership with UberEther, a provider of identity and access management tools to the federal government, explaining at the time that it would deliver "innovative cybersecurity capabilities" to UberEther's AIM Advantage platform.

REAL ID is a federal ID standard that will be required from US travelers seeking to board domestic flights or access certain federal facilities. But with the TSA now experimenting with accepting mDLs such as Apple’s digital ID, the organization wants to make sure that such innovation isn’t stifled when REAL ID takes effect.

“TSA fully supports the integration of digital identity technology, including mobile driver’s licenses, as part of our transportation security framework,” explained TSA Administrator David Pekoske. “This incremental approach balances security and passenger experience, encourages digital identity innovation and investment and ensures that we honor the intent of the REAL ID Act.”

The mDLs approved for use in pilots by the TSA are compliant with the new CAT-2 terminals that the agency has been deployed at airports across the country. The terminals are equipped with face-scanning technology designed to match travelers to their physical IDs, but also feature the ability to read mobile IDs on travelers’ smartphones.

Biometric identity verification still comes into play in these transactions. Apple’s mDL, for example, involves an elaborate registration process asking the end user to undergo a selfie video involving certain head movements to verify liveness, with facial recognition matching the user to their physical ID. Once that process is complete, the user can then access their mDL with a biometric scan on their iPhone, and share its data with the TSA’s readers.

In its request for comment, the TSA noted that is has approved multiple mDLs for testing purposes: Apple mDLs issued in Arizona, Colorado, Georgia, and Maryland; GET Group’s mDL in Utah; Google’s mDL in Maryland, IDEMIA’s mDL in Iowa, and a Spruce-made solution that is now being piloted in California.

The TSA will accept comments until October 16, 2023.

Source: Transportation Security Administration

–

August 30, 2023 – by Alex Perala

Partners

FaceTec’s patented, industry-leading 3D Face Verification and Reverification software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ finally make trusted, remote identity verification possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for 3D Liveness and Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

Oz Forensics is the independent private vendor of robust, technology-based, and AI-powered liveness detection and face-matching solutions founded in 2017 and headquartered in Dubai, UAE. We confirm the security level of our solution by certifying the ISO-30107 Level 1 and 2 standards. https://ozforensics.com/

AuthenticID provides 100% automated identity verification and fraud detection solutions that are leveraged by companies worldwide, including 2 of the top 3 U.S. Banks, 8 out the top 10 wireless providers in North America, and 2 of the 3 credit bureaus. Using proprietary computer vision and machine learning technology, these solutions help companies accurately verify the identity of their users across retail, digital and call center environments for onboarding and ongoing re-authentication events; KYC, IAM, and more. The solutions are easy to integrate and provide customers a large ROI by stopping fraud losses, increasing customer conversion at onboarding, reducing operational costs and allowing quick and cost-effective operational scalability, all while ensuring global privacy regulations are complied with. https://www.authenticid.com/

Founded in 2007, Lakota Software Solutions is an American company with a world-renowned reputation for developing robust biometric software and systems. Our vendor-agnostic products are tailored to ensure compliance with ANSI/NIST-ITL standards and EBTS specifications, facilitate seamless integration with other biometric systems, and optimize accuracy, cost-effectiveness, and scalability. https://lakotasoftware.com/

Identity Week aims to be a significant identity industry catalyst. It’s our mission is to help accelerate the move towards a world where trusted identity solutions enable governments and commercial organisations to provide citizens, employees, customers and consumers with a multitude of opportunities to transact in a seamless, yet secure manner. All the while preventing the efforts of those intent on doing harm. https://identityweek.net/

The Biometric Digital Identity Prism is a market landscape framework designed to help influencers and decision makers understand, innovate, and implement digital identity technologies and solutions. This innovative framework for understanding and evaluating the rapidly evolving biometric digital identity marketplace is the only market model that is truly biometric-centric based on the foundational conviction that in the age of digital transformation the only true, reliable link between humans and their digital data is biometrics. https://www.the-prism-project.com

Related News & Articles

Footer

Follow Us