Safely Vetting a Digital Driver’s License
As the adoption of mobile driver licenses (mDL) evolves, the safety of law enforcement must be taken into consideration. When an officer pulls over a driver and approaches the vehicle the officer must not be distracted so that he/she can have “eyes on the driver” at all times. In these situations, the officer will eventually gather the identity credentials from the driver for verification. This gathering activity must be thorough yet not a distraction to the officer.
The vetting of a drivers license is not simple so it is not something that should be performed during face-to-face encounters when physical risk is high. During the vetting of paper/plastic driver licenses, the officer will typically return to the police car with the driver’s credentials to perform the required verification processes. Some law enforcement agencies are advocating that verification activity of mobile driver licenses should also be performed within the safe surroundings of the police vehicle. Unfortunately, there remains a disconnect between this officer safety requirement and mDL vendor solutions.
Some vendors and government agencies are advocating the use of a mDL reading device that would essentially take a picture of the credentials rendered on the driver’s mobile phone display so that the reader could transmit the image back to a DMV system for verification. This has a number of issues. For starters, this approach is not realistic when connectivity to the DMV is not possible. Additionally, taking a picture of a phone display with another device is a safety issue for the officer. Aside from the need to deal with Moire Pattern Issues and the difficultly of snapping an image when the devices are typically shaking, this gathering process significantly preoccupies an officer and thereby fails to meet the aforementioned safety requirement.
IBM Mobile Identity provides the flexibility to allow verifiers to compress or decompress the data gathering user interface tasks. During an identity challenge where the safety of a verifier is not a concern, the decompressed workflow allows the identity owner and the verifier to go through several steps of verification. First, both parties can verify that the portraits associated with the devices match the individuals participating in the challenge transaction. Second, the devices securely exchange request and response data using peer-to-peer communications.
Conversely, during an identity challenge where the safety of an officer is a concern, IBM Mobile Identity can be configured to use a compressed data exchange workflow. IBM refers to this compressed workflow as “No Eyes Off” Authentication or Neo-Authentication.. Furthermore, given the peer-to-peer communications support, the Officer can place his device in request mode, put the device in his pocket (or somewhere on uniform) and then approach the vehicle with both hands free. As a result, this approach is actually safer than the officer reaching his/her hand out to receive the plastic driver’s license.
Imagine that a citizen at a traffic stop is asked by an officer standing outside the car to present his/her Driver’s License. The citizen can simply use an App for the license on their phone and press a button for the officer to receive the officer’s request.
The citizen does not hand over their phone, the officer does not take eyes off the citizen but receives a beep and vibrate when the requested personal identification information is received. At that point the officer can return to his/her vehicle to perform verification processing. The owner doesn’t need a connection over the Internet since this solution supports peer-to-peer communications from up to 20 meters away to exchange information.
Essentially, “No Eyes Off” Authentication support within IBM Mobile Identity offers a safer driver vetting process than our law enforcement has today.