In 1863, Franklin Thompson, a soldier who fought for the Union during the Civil War, abandoned his regiment. Having fought in multiple battles — including First Bull Run — and serving in roles ranging from field nurse to mail carrier and even Union spy, a case of malaria ultimately caused Thompson to flee the army. That’s because Thompson’s real name was Sarah Edmonds, a woman who was afraid that her true identity would be revealed if admitted to the hospital. Edmonds’ desertion charge was ultimately expunged. She received a military pension, became the first female admitted to a Civil War veterans’ group known as the Grand Army, and was buried with military honors when she died in 1901.In most cases where people present false identities, however, the motivation is typically nefarious — a reality that keeps the banking industry perpetually scrambling to keep up with identity theft measures. This could become even more challenging as mobile driver’s licenses (mDLs) become a reality. The Expansion of mDLsFirst tested in Mexico in 2007, electronic driver’s licenses became a reality in the US in 2016. Colorado became the first state to launch a pilot program for a digital driver’s license, which was made available through the state’s DMV and could initially be used through a mobile phone app. Since then, multiple states have followed suit and more are preparing to do so, such as California, which recently announced that the state is working with Apple to bring digital licenses to the state’s residents that will be accessible through iPhones or Apple Watches. At present, mDLs are available in 13 states: Arizona, California, Colorado, Delaware, Georgia, Iowa, Louisiana, Maryland, Mississippi, Missouri, New York, Ohio, and Utah; four of which have been incorporated into digital wallet offerings from Apple, Google, and Samsung. All but six states are either in the process of implementing mobile IDs or driver’s licenses, or they have either already legalized them or are working on legislation to do so. The use of digital IDs and licenses as an alternative to physical identification credentials is also being explored by governments throughout the world. In Europe, regulation passed by the European Commission has charged the countries that comprise the European Commission with implementing a European Digital Identity Wallet. The Convenience of mDLsEase of use and accessibility for individuals makes digital licenses an appealing option and opens the door for use in multiple ways. Unlike security features on traditional driver’s licenses such as microprint, holograms, and other tactile features necessitate physical examination that lose their effectiveness when examined remotely through online software, mDLs are equipped with biometric features and cryptography to help secure them against fraud and identity theft. Additionally, mDLs can be programmed so that the information shared with third parties is limited solely to what needs to be provided. With 60% of consumers actively using mobile wallets as of 2023, according to a recent PYMNTS Intelligence report, the foundation for their use already exists. The Security Concerns of mDLsNonetheless, concerns regarding security and privacy remain, particularly given the weak security of many people’s mobile devices. According to data from data security company Lookout, 60% of mobile devices run on operating systems that are outdated and susceptible to being breached. In light of such threats, the New York Civil Liberties Union’s Surveillance Resistance Lab recently highlighted many of the risks it believes mDLs pose, including the possibility of law enforcement using them to track people. Additionally, the group has warned that widespread usage of mDLs could marginalize people without smartphones, specifically low-income individuals, the elderly, and people living in rural areas. A national mobile driver’s license initiative designed to enhance anti-fraud controls is underway by the National Institute of Standards and Technology. Their latest guidelines incorporate feedback from federal agencies, private industry, civil rights and advocacy groups, among others. Overall, however, there is widespread sentiment that the benefits of mDLs far outweigh the risks. How Financial Institutions Can PrepareGiven the security and privacy risks that come with the rise in mDLs, financial institutions need to know how they can prepare for the increased controls that will need to be created from both a risk perspective and a customer identification perspective.The following are a few key areas to focus on:
- Security enhancements. As mDLs become more common, criminals may develop more sophisticated methods to access sensitive data, making it essential to strengthen security around the servers that store customer identification information.
- Onboarding upgrades. Your institution’s onboarding process should be updated to accommodate customers with mDLs, ensuring a smooth experience with minimal disruption. This could involve implementing automatic acceptance of digital IDs or even creating two distinct integration paths for customers — one for those using digital driver licenses and another for those with physical IDs.
- Biometric authentication. Using advanced methods for identifying customers with digital driver licenses can reduce fraud, and biometric authentication plays a crucial role in enabling faster and more accurate verification of both identities and payment transactions.
Mobile driver’s licenses and IDs are quickly gaining traction around the world. While regulators continue to grapple with the ins and outs of how they will be handled, particularly regarding issues such as security and data privacy, CFIs may want to begin ensuring that their technologies can seamlessly interact with these new forms of identification.
