ISO mDL & Core Data Format

Today, our driver’s licenses are scannable physical cards we carry around in our wallets. Conversely, in order for cryptographically signed ID documents to be machine-readable for various use cases, there needs to be a cross-industry and cross-jurisdiction approach for standardizing data formats. The Mobile Driver’s License standard (mDL, ISO 18013-5) is required by TSA for airport security with implementations by several states underway already, including California, Maryland, Arizona, and Colorado. We previously walked through the standard and its components in, but we'll briefly explain the core data format here.

Imagine a spreadsheet where all the records are stored for licensed drivers in a given state. The data are not stored in a spreadsheet but rather in a data array, similar to a spreadsheet but compact enough to fit on a device. This “spreadsheet” would require a consistent naming convention for each of the columns in that spreadsheet to ensure that if someone from another state or agency was reading the spreadsheet, they knew exactly what data attributes the specific columns were referencing. For example, consistent data formats would require universally using “birth_date” as the identifier for a person’s date of birth, not “dob,” or “date_of_birth,” and so on, as outlined in the ISO/IEC 18013-5 specification.

The following identifiers, as encoded below, are mandatory for mobile driver's licenses to adhere to the mDL ISO standard.

In addition to the fields outlined above, AAMVA furthers the mandatory data field requirements with the following additions changed from "Optional" to "Mandatory."

Next, we will explore the underlying technology utilized to ensure security and verifiable authenticity for digital credentials, like mobile driver’s licenses.