Identity & Access Forum Fall Market Snapshot: Mobile Driver’s Licenses, Fraud Risks and Interoperability Take Focus

REDWOOD CITY, Calif., Sept. 22, 2025 (GLOBE NEWSWIRE) -- The Identity and Access Forum (IAF), an organization within the Secure Technology Alliance, today released its fall market snapshot. It provides a glimpse into how the industry is tackling rapid advancements in the digital identity ecosystem through collaboration, innovation, and regulatory development. Insights included in the snapshot were gathered during the Forum’s quarterly meeting in Atlanta, Georgia, hosted by FIME.

Digital identity reimagined
Greg Tierno, Business Development Director at Fime, opened the meeting with a call to look beyond in-person identity checks and toward an integrated future where identity, payments, and authentication operate seamlessly together. Tierno pointed to global and domestic pressures that are accelerating digital identity adoption, from eIDAS 2.0 and GDPR in Europe to the REAL ID Act and new state privacy legislation in the U.S. But he emphasized that the real transformation will happen online, where the bulk of modern transactions like e-commerce purchases, bill payments, and even healthcare access now take place. Mobile Driver’s Licenses (mDLs) and other digital credentials will play a pivotal role in simplifying online authentication flows, facilitating experiences where age-verification, authentication, and payments can happen simultaneously, with one tap or scan of your phone.

The evolution of digital identity wallets will open the door to even more integrated experiences. A single wallet could store not only an mDL but also professional qualifications (such as bar exam credentials), educational diplomas and scholarships, and proof of eligibility for government benefits, giving users complete control to verify and manage trust across physical and digital interactions.

Mobile Driver’s License adoption and challenges
Mobile Driver’s Licenses were central to many discussions at the IAF meeting. Lori Daigle of the American Association of Motor Vehicle Administrators (AAMVA) emphasized that mDL adoption is accelerating. AAMVA reports that 90% of North America is either deploying or working on mDL programs, and 40% of U.S. drivers live in states that have already launched mDLs. The Identity and Access Forum is working collaboratively with AAMVA and other member organizations to distribute information that grows the mDL Ecosystem through its mDL Connection website. Interoperability and ISO/IEC 18013-5 and ISO/IEC 18013-7 compliance are paramount to ensure that the industry builds an ecosystem where any mDL, regardless of the state it was issued in, can be used securely and effectively nationwide while realizing the privacy improvements over physical cards.

While Georgia played host to the IAF meeting, it is also home to one of the most robust mDL ecosystems in the U.S. Angelique McClendon from the Georgia Department of Driver Services shared how landmark legislation is helping drive adoption locally. One example is Georgia’s House Bill 296, which requires law enforcement to accept mDLs by July 1, 2027, provided they have the proper equipment to verify them. The legislation challenges law enforcement and the mDL community to overcome the operational challenge of training employees on mDL verification. McClendon flagged additional barriers to mDL adoption: TSA officers in Atlanta remain hesitant to operate CAT2 scanners, rural communities face spotty cell connectivity, and consumers may be reluctant to reprovision their mDLs when upgrading to new phones because they don’t have places that accept mDLs in their day-to-day lives.

To help address these challenges and accelerate adoption, the Forum invites stakeholders to attend the second annual Mobile Driver’s License Technology Showcase and Interoperability Event. It’s being held on March 2nd, 2026, at the Identity & Payments Summit in Houston, Texas. Feedback from last year’s showcase highlighted real-world lessons from relying parties, ranging from compliance implications and potential workflow or POS changes to interoperability gaps such as QR versus NFC reader mismatches, protocol variations, app restrictions, and Bluetooth variability. This year’s event offers solutions to those issues, with ISO/IEC 18013-7 compliant demonstrations and practical testing scenarios designed to give stakeholders first-hand experience with mDLs across environments.

New fraud risks emerge
Although mobile driver’s licenses offer significant security and privacy benefits compared to physical IDs, the industry must acknowledge that new technology always introduces fraud risks. Frances Zelazny, CEO of Anonybit, reminded IAF meeting attendees that a credential on a phone does not guarantee identity. Devices can be shared among family members or stolen, and phishing attacks on DMVs could trick agencies into issuing fraudulent digital credentials.

The industry must prepare for existing fraud techniques to migrate into the mDL ecosystem. It will be important to adopt a layered fraud defense model that combines strong binding of credentials to the rightful holder, phishing-resistant authenticators, and secure recovery processes. Privacy safeguards are equally critical, since fragmented regulations and inconsistent Relying Party practices can compound the risks.

Interoperability and trust frameworks
The market is trending toward consumer choice for identity wallet applications, raising questions about interoperability and trust. In a session moderated by David Kelts, CEO of Decipher ID, with Elizabeth Garber of the OpenID Foundation, panelists underscored that interoperability must extend well beyond technical specifications. Kelts listed the trust relationships between multiple software components in the ecosystem and noted that upcoming versions of ISO standards will need to include ways for readers to verify whether a wallet itself is trustworthy before accepting an mDL or another digital credential.

Garber stressed that interoperability should be considered at multiple layers. Not just standards, but also contractual agreements, liability regimes, record-keeping, and incident management across regions. She pointed to findings from the OpenID Foundation’s global research showing there is significant common ground across countries when it comes to defining roles, levels of assurance, and risk management approaches. At the same time, she acknowledged that the U.S. remains at a relatively low level of maturity when it comes to trust frameworks, citing examples such as knowledge-based authentication still being used to replace birth certificates.

Progress in interoperable trust will be critical to ensuring adoption scales across borders, particularly as digital wallets and mDLs become tied to high-value use cases like payments and online authentication.

Unpacking updated NIST guidance
Industry constituents are mulling over the newly revised NIST SP 800-63-4 Digital Identity Guidelines, which provide the baseline requirements federal agencies use to manage digital identity. During the IAF meeting, Teresa Wu of IDEMIA Public Security, who also chairs the IAF’s Steering Committee, highlighted that the update is significant because it responds to today’s more complex threat environment, where risks span from fraud and privacy to mission delivery and even public safety.

Key changes include the addition of subscriber-controlled wallets to hold mDLs, new flexibility to tailor assurance levels to organizational needs (with policies to justify changes), and a stronger emphasis on customer experience and continuous improvement metrics such as fraud rates, redress times, and user feedback. The guidelines also modernize authentication by defining phishing-resistant authenticators, permitting synced authenticators (passkeys) at AAL2, and reinforcing the removal of outdated practices like knowledge-based authentication.

Wu explained that these changes make it easier for agencies and organizations to assess risks before deploying digital identity systems, choose the right assurance level, and align proofing and authentication methods with real-world use cases, from in-person kiosks to remote, unattended digital onboarding.

Resource recap
The Identity and Access Forum provides a platform for solving cross-industry challenges and promoting innovation. This is achieved through the development of educational resources. Recent publications include:

• Mobile Identity Use Cases in Age Verification for Alcohol Purchase: A resource that helps alcohol retailers, delivery services, and technology providers understand how to verify customer age using ISO/IEC compliant mDLs.
• Mobile Identity Use Cases in Financial Services: A white paper offering banks and other financial institutions guidance on the benefits of mDLs as a secure digital solution to improve customer experience, safeguard interactions and ensure compliance.

Several additional projects are currently in development, including the following:

• A white paper comparing government and derived credentials by the mDL Banking and Financial Working Group.
• A use case document by the mDL Retail Payments Working Group.
• A list of mDL Readers for the website mdlconnection.com
• Direct guidance and tools for Alcohol Beverage Control agencies

Organizations, associations, government agencies and individuals interested in participating in upcoming Identity and Access Forum projects are encouraged to join the Secure Technology Alliance. By joining the Alliance, members gain access to activities within the Identity and Access Forum, the U.S. Payments Forum and additional Alliance working committees.  The Identity and Access Forum is particularly interested in expanding education and social outreach efforts to build the identity ecosystem.

About the Identity and Access Forum
The Identity and Access Forum is a cooperative, cross-industry body dedicated to advancing the adoption and development of secure identification including physical and logical access. Through the collaborative efforts of a diverse group of stakeholders and the publication of educational resources, the Forum advocates for market adoption of trusted, user-centric, privacy-enhancing and interoperable digital identities to ensure safe and seamless access to services across all interactions. Areas of focus are identity credentials such as mobile drivers’ licenses and IDs for provisioning, IoT security and access control, among others. The organization operates within the Secure Technology Alliance, an association that encompasses all aspects of secure digital technologies.

Contact:
Sherlyn Rijos-Altman
Montner Tech PR
Srijos@montner.com

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.