Several states have run pilots for digital driver’s licenses, which would allow residents to supplement plastic ID cards with smartphone apps. But as the technology becomes more of a reality, experts are worried about the privacy implications.
People with digital wallets on their smartphones, holding everything from credit cards to airline tickets, may soon be able to add a new feature: their driver’s licenses.
While many lawmakers are excited about the potential of the technology to be used in a wide variety of situations, privacy experts are wary about potential data breaches.
Gemalto, a software vendor that has piloted this kind of technology with five states, designed its app to look like a digital replica of a physical driver’s license, but with different use cases that allow users to share only the information relevant to a particular scenario. Steve Purdy, the digital license project lead for Gemalto, explained that users can select from a menu of options, including law enforcement stops, TSA checkpoints, age confirmation for liquor and lottery ticket sales, and pharmacy identity confirmations.
“In each case, you only have to authorize the information necessary for the person checking your ID,” he said. “The biggest advantage to a digital license for the user is the privacy control.”
Purdy said that one of the clearest benefits to the state is the quickness with which law enforcement can verify someone’s ID at traffic stops. “Law enforcement is our biggest stakeholder,” he said. With that new process, police officers hand a card with a QR code to the driver, who scans it with their app, sending their information to a terminal in the squad car.
Gemalto offers two different types of verification methods. With one, a 2D barcode is projected that can be scanned by another phone or a tablet. The other uses Near Field Communication, as Apple Pay does, to establish an encrypted contactless information transfer. Gemalto piloted this technology over two years under the supervision of the National Institute of Standards and Technology, through partnerships with Washington D.C., Maryland, Colorado, Wyoming, and Idaho.
Renée Krawiec, the driver services deputy program manager for the Wyoming Department of State, was both the project manager and a participant in the pilot in her state. Krawiec said the state is exploring a timeline for a full rollout, where digital licenses would be optional and supplemental to physical ones. “First, we definitely want to make sure that we’ve gotten feedback from legislators, and buy-in from the rest of state government, so that when it is rolled out, the program is successful,” she said.
Legislators in Maryland have already approved electronic credentials as a valid form of identification, and Gemalto is in discussions with the state about production, making the state a likely candidate to be the first to debut the technology in the next year.
But Michele Gilman, a law professor at the University of Baltimore, questioned whether Maryland is ready to introduce a digital option when the state is still struggling to get all residents compliant with Real ID laws. “The DMV is not the bureaucracy that fuels the most comfort amongst the citizenry,” she said. “Just because digital licenses will be recognized as a valid credential doesn’t necessarily make it a reality on the ground. But one good thing with legislation is that it can always be refined and changed as we learn more.”
Gilman also worried that state legislators who are approving digital license technologies may not fully understand how they work. “The state often procures these services, and they not only contract out development and delivery, but also the knowledge of how they function,” she said.
Jay Stanley, a senior policy analyst with the ACLU’s Speech, Privacy, and Technology Project, agreed that lawmakers need to lean on the expertise of independent, disinterested technological privacy experts who can ensure that vendor systems are being built in the proper way. “If a company’s product is becoming part of a core government function, that company’s insistence on proprietary trade secrets needs to go in favor of independent evaluation,” he said.
Stanley said that location tracking is the main concern with digital licenses, but that there are different ways for a system to be set up to provide stronger user privacy. One would be to take a system offline, as Gemalto has done with theirs at the recommendation of NIST. When verifying a license offline, the app doesn’t connect to the back-end architecture, which disables the ability to track location. Another would be to use strong encryption, so that if an app pings the DMV for confirmation of the license’s authenticity, the DMV can certify the information without revealing who the license was issued to. “That type of ‘fancy math’ is here today and doable,” he said.
Stanley said the best systems would publicly release their code. “With such an important application of technology, it’s crucial that it be public so people can verify that the code is working as advertised,” he said. “That way we can see that privacy is baked in, and don’t have to take anyone’s word for it.”
Krawiec, however, said she isn’t concerned with the safety of Gemalto’s app on the front-end, since she used it firsthand throughout the Wyoming pilot. The data is stored in a secure element on a user’s phone, and the app requires an additional security measure, like a passcode or a fingerprint, to be opened. “I’ve seen the security of the digital credentials myself,” she said. “And feedback from users in the pilot was addressed, so there was a very high level of confidence in their personal security.”
Not all states in the pilot were as enthusiastic as Maryland and Wyoming, though. The Idaho DMV left Gemalto’s pilot program, choosing to focus instead on “keeping the current DMV system stable and working towards its modernization.” Jennifer Gonzalez, of the Idaho Department of Transportation, said that they are “closely monitoring other states that are piloting the program.”
Other states that didn’t participate in the pilot are also moving into the space. Virginia, Iowa, and Louisiana are at varying stages of the legislative and piloting process. In addition, the American Association of Motor Vehicle Administrators is working on standards to ensure that disparate systems conform when people cross state lines with digital IDs.
Purdy estimated that in 10 years, over 50% of the population would be using a digital ID, and one day, physical licenses may be obsolete.
Stanley agreed that digital licenses are likely to become a widespread reality soon. “Overall, if something like this is done exactly right, it could be a good thing for privacy, as users could submit the minimum amount of information needed in a given situation,” he said, citing the example that a bartender doesn’t need to know someone’s organ donor status. “But if done poorly, this could be a disaster for privacy. That’s why it needs to be done right.”