Mobile Driver's License Solution




Mobile Driver's License Solution
Secure, convenient and more efficient

Improved identity protection through secure mobile driver's licenses

The introduction of a mobile driver's license is a huge opportunity to improve credential security, convenience and efficiency, and even to expand smart services that save people time and money.

Reasons for police officers making a road-side stop include speeding and other traffic violations. Usually, the officer also checks for suspicious behavior and has to protect himself and/or his partner in such situations. Typically, road-side checks do not really allow for in-depth physical document checks or time-consuming background checks via radio. The mobile driver's license can help to verify the driver's credentials very quickly and with a 100% degree of certainty. This will give officers more time to concentrate on procedure and self-protection.

Ideally, the equipment used to verify mobile driver's licenses also enables conventional driver's licenses to be verified, in order to minimize additional reading equipment for the officers. The verification procedure also needs to work in offline or remote scenarios so that the officers can concentrate on their mission.

Mobile driver's licenses would not only serve the above cases; they would also save time and costs for all parties by integrating smart online services such as the renewal of driver's licenses, address changes, etc. and by allowing for automated online checks against several databases. Secure mobile driver's licenses tremendously improve identity protection and therefore reduce identity theft, in turn benefiting the private sector dramatically. All in all, the issuance of mobile driver's licenses provides benefits for authorities and driver's license holders alike.
Technology

The mobile driver's license solution by Veridos consists of three main components:

- Mobile driver's license application (mdl)
- Mobile driver's license verification application (mdl-verify)
- Document Signer (DS) and Public Key Distribution System (PKD)

Mobile driver's license application

The mobile driver's license application (mdl) incorporates a digital identity based on the International Standard for Driver's Licenses, namely ISO 18013. This standard allows multiple data containers. Elliptic curve cryptography and hashing methods are used to secure the digital driver's license information. At a minimum, the following data containers can be found:

- Biographical data
  - Applicant name, address
  - Applicant date of birth as proof of age, isolated from other data for privacy
- Privileges
  - Driving privileges and restrictions
- Biometric data
  - Applicant facial image
  - Optional: applicant fingerprint minutiae
- Certificate to prove rightful issue of the digital driver's license by the issuing authority
- Signature over all containers, signed by the issuing authority to detect tampering

The mdl can be installed as a mobile application for use on a smartphone or tablet, compatible with all mobile operating systems (e.g. Android / Apple iOS / Windows 10 Mobile).

The following techniques are used to prevent fraud and protect privacy when the digital driver's license resides within the mobile device:

- The mobile driver's license data is encrypted with the applicant's PIN or fingerprint. If a defect in the operating system that protects the mobile driver's license is exploited (for example by rooting or jailbreaking the device), the data is not usable, as it resides encrypted in the mobile device memory.
- All data is digitally signed by the issuing authority. If the data is altered in any way, the digital signature is invalidated, which is detected by the verification process.

[Figure: Personalization of the mdl. Mobile DL app from store; previously sent password and instructions via mail / email; read 2D barcode from online issuance screen, letter with card or post-issuance letter; Mobile DL ready for use.]

Personalization of the mdl

A mobile driver's license can be issued using any one of several models, depending on whether the license was delivered to the applicant during an in-person visit to a driver's license office, by mail, or through an online process restricted to certain groups.

Mobile driver's license verification application (mdl-verify)

The Veridos mobile driver's license verification application (mdl-verify) is the key component for verifying the mdl data presented by the driver's license holder. The mdl data can be transmitted to the mdl-verify application via barcode, Bluetooth LE, Wi-Fi or Google Nearby technology. mdl-verify can be installed as a mobile application for use on a smartphone or tablet. The application recomputes the hashes of the data received and checks the signature using the issuing authority's public key. It also verifies the rightful issue of the received driver's license holder data.

[Figure: Mobile driver's license verification application (mdl-verify). The individual presents a digitally sealed ID, portrait image and credentials using a 2D barcode displayed on a smartphone (mobile DL) or on a physical document (physical DL). The camera of the inspecting device (e.g. smartphone) captures the 2D barcode, decodes it and checks the data integrity, security and authenticity of the transmitted electronic document. The inspection device display shows biographic data, credentials and biometric data (e.g. image). The verifier (inspecting officer) checks the image against the individual to be verified.]

[Figure: Document Signer (DS) & Public Key Distribution System (PKD). Labels: PKD; Driver's License Bridge Certificate Authority (CA); Jurisdiction 1 CA to Jurisdiction N CA; Document Signer (DS); signed DL data; verify; mdl; mdl-verify.]

Document Signer (DS) & Public Key Distribution System (PKD)

The document signer (DS) is the component responsible for digitally signing the driver's license holder's data with the issuing authority's private key. The result is the digital driver's license data. The inspection device uses the public key to verify the signed data.

Implementation of ISO 18013 encourages cross-jurisdiction application and ease of use in applications installed on desktop and mobile computers and hand-held readers. It is a proven approach for high security and privacy and is used all over the world. The European Union applies ISO 18013 for its 300 million driver's licenses in circulation.

A driver's license bridge certification authority holds all public key certificates of the various jurisdictions and organizes their distribution. Such a setup is extremely lean and efficient. Since the mobile inspection devices are frequently updated or even have internet access, an out-of-state or out-of-province driver's license can easily be verified in a matter of seconds. A similar setup is also used with electronic passports.
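The signing, selective release and offline verification steps described above, as an added Node.js example; it is not Veridos code and does not use the ISO 18013 encoding. The JSON layout, the per-container salts, the jurisdiction label JUR-1 and all function names are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// Salted digest: the per-container salt (an assumption of this sketch) stops a
// verifier from guessing an undisclosed container such as a date of birth.
const digest = (salt, value) =>
  crypto.createHash('sha256').update(`${salt}${JSON.stringify(value)}`).digest('hex');

// Document signer: hash each container, then sign the list of digests.
function issue(jurisdiction, privateKey, containers) {
  const salts = {}, digests = {};
  for (const [name, value] of Object.entries(containers)) {
    salts[name] = crypto.randomBytes(16).toString('hex');
    digests[name] = digest(salts[name], value);
  }
  const signed = JSON.stringify({ jurisdiction, digests });
  const signature = crypto.sign('sha256', Buffer.from(signed), privateKey).toString('base64');
  return { signed, signature, salts };
}

// Holder: release only the chosen containers, each with its salt.
function present(credential, containers, release) {
  const disclosed = {};
  for (const name of release) disclosed[name] = { salt: credential.salts[name], value: containers[name] };
  return { signed: credential.signed, signature: credential.signature, disclosed };
}

// Verifier, offline: trustList is a Map of jurisdiction -> issuer public key,
// standing in for the keys a PKD would distribute.
function verify(p, trustList) {
  let body, key;
  try { body = JSON.parse(p.signed); key = trustList.get(body.jurisdiction); }
  catch { return { ok: false, reason: 'malformed' }; }
  if (!key) return { ok: false, reason: 'unknown issuer' };
  const sig = Buffer.from(String(p.signature), 'base64');
  if (!crypto.verify('sha256', Buffer.from(p.signed), key, sig))
    return { ok: false, reason: 'bad signature' };
  for (const [name, c] of Object.entries(p.disclosed))
    if (body.digests?.[name] !== digest(c?.salt, c?.value))
      return { ok: false, reason: 'container altered: ' + name };
  return { ok: true, attributes: p.disclosed };
}

// Constructed sample data: a throwaway P-256 key pair and a made-up license.
const issuer = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
const trustList = new Map([['JUR-1', issuer.publicKey]]);
const license = { biographical: { name: 'Sample Holder' }, dateOfBirth: '1990-01-01', privileges: ['B'] };
const credential = issue('JUR-1', issuer.privateKey, license);
const ageCheck = present(credential, license, ['dateOfBirth']);
console.log(verify(ageCheck, trustList));
```

The age check releases only the date-of-birth container, yet the verifier can still confirm it belongs to the signed set because the signature covers the digest of every container.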

Advantages

- Fast processing time
- Lightweight reading/verification equipment (e.g. to be carried by law enforcement or private sector)
- Reading equipment processes document security for genuineness within milliseconds
- Physical contact between mobile driver's license holder and reading equipment carrier is limited to minimize liability issues and to improve operational procedures
- The mobile driver's license is independent of the user device, which results in ease of use if a phone is broken or a new one bought
- No involvement of Trusted Service Manager (TSM) or Mobile Network Operator (MNO) needed
- Checks against certificate revocation lists, blacklists, driver databases and merit point systems
- Allows additional online smart services (renewal, address change, etc.)
- Seamless integration into existing driver's license issue and verification processes

Features at a glance

- Smart combination of mobile devices and communication channel security
- Interoperable across the population's smartphone base / BYOD (bring your own device)
- On-/offline verification capable
- Not dependent on special features of the smartphone (e.g. Secure Element (SE), Trusted Execution Environments (TEE))
- Compliant with international driver's license standard ISO 18013
- Drop-in expansion/replacement into existing driver's license processes
- Data minimization concept to protect privacy
- Mobile driver's license holder has control over information released
- Attribute-driven use case (e.g. age verification in private sector)
- Use by both state and federal authorities possible thanks to PKD (cross-jurisdiction use)
- New revenue stream and business models for authorities and private sector possible (e.g. additional fee for mobile driver's license option)
- Use of strong cryptography based on recommendations of major IT security bodies like BSI, NIST, ANSSI, CSE, NLNCSA
- Smart services for driver's license holders (e.g. online renewal service)

People across the world are increasingly turning to mobile technology as their main source of news, information and connecting with others. The Veridos mobile driver's license solution has picked up this trend and developed it into a secure, convenient and more efficient method of driver's license verification and smart services.

Veridos GmbH info@veridos.com www.veridos.com Veridos GmbH, 2016 All technical data subject to change.