Resource Guide: Understanding the Technology, Risks, and Opportunities for Mobile Driver’s Licenses (mDLs) 

The Digital Benefits Network (DBN) at the Beeck Center for Social Impact + Innovation at Georgetown University created this resource guide to provide government agency staff and leaders a tailored overview of digital identification credentials. Today, digital ID implementation in the United States is primarily driven at the state level, in the form of mobile driver’s licenses (mDLs). Accordingly, this guide focuses on mDLs and their development and adoption in the U.S. 

mDLs are digital representations of an authoritative identification credential, making them an oft-discussed tool for improving security and ease when remotely verifying who someone is. But this type of digital credential also requires strong privacy protections. In the absence of appropriate guardrails, mDLs raise concerns about surveillance and exclusion. 

While staff at benefits administering agencies and other departments may not drive the implementation of mDLs in their state, we believe those individuals and teams should have timely information about possible advantages of digital IDs as well as potential risks in order to ask the right questions about the value of this technology, and advocate for uses that benefit and protect their clients.

Key Terms

Below, we define terms that are relevant for discussing digital IDs and mDLs.

Digital ID: An electronic representation of someone’s personally identifying information. – TSA

Verifiable credentials: A cryptographically secure, digital proof that can be shared with another party. Examples of verifiable credentials include, but are not limited to, digital employee identification cards, digital driver’s licenses, and digital educational certificates. – W3C

Digital wallet: An electronic app or tool that stores electronic credentials, often accessed through a phone. – NIST

Mobile driver’s license (mDL): A digitized version of a driver’s license, often carrying the same information (i.e. name, date of birth, address). While the credential itself is digital, it can be presented remotely over the internet or in person. An mDL is a type of digital ID or verifiable credential.  – NCCoE

• An mDL could be presented in person to verify who someone is or to verify other information about them. It could also be presented remotely over the internet for similar purposes.

Several terms are commonly used to describe parties involved in using, issuing, and verifying digital credentials, including: 

• Holder: The legitimate owner of an identity/credential.
• Relying party: The institution, website, or service that needs to confirm information about a holder.
• Verifier: The entity that confirms the authenticity, integrity and validity of a digital credential using public key cryptography.

Selective disclosure: Framework that enables the holder to decide what information from their credential they will share with a third party.  – NCCoE

Verifier-Verifier Collusion: Multiple verifiers work together and pool data to share information about holders whom they have interacted with, which presents privacy risks.

Zero-knowledge proofs (ZKP): A cryptographic method of proving the truthfulness of a piece of information about a holder without giving away additional information about them. For example, a verifier receives an answer of yes or no when verifying if a user is over 18, but not the individual’s exact date of birth.  – Computer Security Resource Center, EFF

Digital IDs in the United States: Implementation and Adoption

How States are Implementing mDLs

States across the U.S. are in various stages of implementation, from passing legislation that approves mDLs, to pilot programs and deployment. For example:

• Louisiana: Louisiana has digitized state IDs and driver’s licenses through the LA Wallet. The Louisiana Department of Children & Family Services has previously used the LA Wallet to verify people’s identities quickly when registering for Disaster Supplemental Nutrition Assistance Program (D-SNAP). (Source: “Verify Your Identity for DSNAP with the LA Wallet App”, Louisiana Department of Children and Family Services)
• California: California is currently running a pilot mDL program and held a hackathon in 2024 to further advance the adoption of mDLs. As of August 2025, California has issued 2,654,774 mDLs.  (Source: “Download California’s first mobile driver’s license (mDL) today”, State of California Department of Motor Vehicles)
• Idaho: In 2025, the Idaho state legislature passed a bill allowing the Idaho Transportation Department to issue electronic driver’s licenses and ID cards. (Source: “Digital ID card, driver’s license option bill narrowly passes Idaho House”, Idaho Capital Sun)
• New Jersey: : In 2025, the governor signed a law allowing the New Jersey Motor Vehicle Commission to create digital driver’s licenses. The New Jersey State legislature has allocated a budget of $1.5 million toward mDL implementation. (Source: “Digital driver’s licenses to debut in NJ under new law”, New Jersey Monitor)

How mDLs are Being Adopted

mDLs have to be adopted on multiple levels: by credential issuers (i.e., DMVs), by institutions, which must agree to accept mDLs as identification or evidence, and by individual users. While mDLs are gaining traction in the U.S., a lack of required reporting makes it challenging to understand full adoption rates. There is not a single national source record of mDL adoption by individual users, and not all states provide the same level of public documentation about which entities accept mDLs. Nevertheless, many efforts are currently underway to try to understand adoption trends across the U.S. 

Key Sources

• “Digital IDs Are Here, but Where Are They Used and Accepted?”, Government Technology, 2024: People are signing up for mDLs, but only some businesses and institutions accept them, and there isn’t a standardized way to monitor adoption.
• “Where Are Mobile Driver’s Licenses Taking Off? A Data Dive”, Government Technology, 2025: Current data shows that the percentage of eligible U.S. residents signed up for mDLs is in the single digits.
• “REAL ID Mobile Driver’s Licenses (mDLs)”, Transportation Security Administration: While the TSA provides a list of states that it accepts mDLs from, the agency still strongly encourages passengers to have a physical ID with them. 
• “Government is making moves on mobile drivers licenses, GSA administrator says”, NextGov/FCW, 2025: Login.gov is planning to accept mDLs in response to user frictions during the identity proofing process.
• “National Cybersecurity Center of Excellence (NCCoE)”, NIST: NCCoE is working to standardize and spread mDL adoption by developing implementation materials for different use cases, the first of which is for establishing and accessing an online financial account.
• “Official myColorado Partners”, myColorado: Colorado has made mDLs and state IDs available through the app and also publishes a list of entities across the state that accept them.

Key Data Points

• There are at least 4.5 million people in the U.S. with mDLs—about 7 out of 100 eligible people. (GovTech, 2025).
• As of May 2025, the TSA accepts mDLs from 21 states (TSA).
• Arizona has a higher mDL adoption rate than other comparable states, with about 23 out of 100 drivers using an mDL (GovTech, 2025).
• Over 400 entities in Colorado accept mDLs (myColorado).

Technical Standards

Multiple organizations, in the U.S. and abroad, are working to create voluntary standards that promote interoperability and shared technical standards and security expectations. Interoperability across states will depend on whether state-based digital credentials conform to shared standards. 

Relevant standards:

Organizations working on verifiable credential and mDL standards include:

• International Organization for Standardization (ISO): The ISO has developed standards for mDL applications, including a recently published standard (ISO/IEC TS 18013-7:2025) focused on the presentation of mDLs via the internet.
• World Wide Web Consortium (W3C): W3C has been working on standards to define and exchange verifiable credentials online “in a way that is cryptographically secure, privacy respecting, and machine-verifiable” and an API for websites to request digital credentials. This work encompasses a wider range of credential types than the ISO standards.
• OpenID Foundation: The Digital Credentials Protocols (DCP) Working Group has defined exchange and issuance protocols, which may be used with ISO, W3C, or IETF standardized formats.
• American Association of Motor Vehicle Administrators (AAMVA): AAMVA operates the Digital Trust Service to support member jurisdictions in delivering mDLs. AAMVA also publishes implementation guidelines; their most recent update, Version 1.5, now prohibits the server retrieval method (which can allow an issuing authority to know when a holder uses their credential and what information they share, see below “Digital IDs Must Not Phone Home”) for any jurisdiction that wants to join the Digital Trust Service.

Protecting Users

While mDLs have the potential to provide more convenience and access to users, many civil society organizations and privacy experts have raised concerns about mDLs putting users at risk for privacy or rights violations.

Risks to Privacy

While voluntary standards can provide a framework for protecting privacy, in the absence of federal privacy laws or data protection, users are at a higher risk of privacy violations.

Key Sources

• “Identity Crisis”, American Civil Liberties Union, 2021: The ACLU cautions that, despite their advantages, mDLs must remain voluntary and come with strong privacy protections. Otherwise, users are at risk for government overreach, tracking, and surveillance. 
• “Mobile Driver’s Licenses and the Costs To Privacy, Safety, and Security”, National Immigration Law Center, 2023: The National Immigration Law Center outlines how mDLs are vulnerable to misuse by both governments and private companies. In particular, if verifiers and issuers create databases of holders’ personal information without their knowledge, the government could seek access to these datasets to track or target certain populations.
• “Digital IDs Must Not Phone Home”, Center for Democracy & Technology, 2025: CDT describes their rationale for signing, along with other civil liberties groups, a statement calling for digital IDs to not “phone home” every time the credential is used, to prevent the government and corporations from linking individual’s identities to specific activities and locations.
• “Digital Identification Must Be Designed for Privacy and Equity”, Electronic Frontier Foundation, 2020: EFF outlines the importance of privacy best practices, such as data minimization, auditing, transparency, consent, and choice. They also note the importance of digital identification remaining voluntary.
  • EFF argues that W3C’s recommendations for technical specs that try to enhance privacy, such as in its Data Integrity BBS Cryptosuites v1.0 and Decentralized Identifiers (DIDs) v1.1, should be the minimum.
• “Low Visibility Ahead: Mobile State IDs May Prevent Fraud in Digital Identity Verification, but Pose Threats to Privacy”, Center for Democracy & Technology, 2023: CDT explains that, while mDLs are a promising tool for fraud prevention at the government level, without  shared, required standards across states, mDLs will continue to have uneven performance and pose security and privacy risks. 
• “Digital ID State Legislative Recommendations”, American Civil Liberties Union, 2024: The ACLU’s legislative recommendations encourage privacy-respecting digital IDs. Because digital ID technology is rapidly evolving, recommendations focus on certain privacy-respecting principles and approaches that legislators should insist upon, rather than technical implementation.
• “Zero Knowledge Proofs Alone Are Not a Digital ID Solution to Protecting User Privacy”, Electronic Frontier Foundation, 2025: EFF outlines how zero-knowledge proofs, while a powerful tool for protecting users’ information and a compelling rationale for the use of digital credentials,cannot  protect user privacy on their own. Privacy-protecting policies, such as prohibiting the use of phone home practices or unmitigated data collection, is also necessary. 

Risks to Accessibility

Moving public services online undoubtedly provides convenience to many users. But for the millions with limited access to or understanding of technology, mDLs, like other digitized services, can lead to further exclusion if access needs are not considered in program designs. Ignoring or deprioritizing  accessibility can also cost government down the line. For example, the state of Oklahoma decommissioned its OK Mobile ID app after the DOJ found it did not comply with the Americans with Disability Act (DOJ, 2023).

Key Sources

• “Digital IDs Must Be Safe, Secure and Accessible”, Center for Democracy & Technology, 2025: CDT argues that overreliance on digital IDs will exclude individuals who lack access to, or are unable to use, a smart phone.
• “How Digital IDs Could Help and Harm People With Disabilities”, GovTech, 2025: This article outlines the promise of digital identity initiatives for people with disabilities, as well as the potential risks for widening the digital divide and further disenfranchising already marginalized individuals.

Sources

• AAMVA mDL Implementation Guidelines. (2025). American Association of Motor Vehicle Administrators. https://www.aamva.org/getmedia/bb4fee66-592d-4d39-813a-8fdfd910268a/MobileDLGuidelines1-5.pdf  
• Alms, N. (2025, July 14). Government is making moves on mobile drivers licenses, GSA administrator says. Nextgov/FCW. http://www.nextgov.com/digital-government/2025/07/government-making-moves-mobile-drivers-licenses-gsa-administrator-says/406704/
• American Civil Liberties Union. (2024, October). ACLU Digital ID State Legislative Recommendations. https://assets.aclu.org/live/uploads/2024/10/ACLU-Digital-ID-State-Legislative-Recommendations-version-1.0-October-2024.pdf 
• Bernstein, G., Burnett, D., Chadwick, D., Cohen, G., Jones, M., Longley, D., Sporny, M., Steele, O., Thibodeau Jr. , T., & Zundel, B. (2025, August 25). Verifiable Credentials Overview (I. Herman, Ed.). World Wide Web Consortium. http://www.w3.org/TR/2025/NOTE-vc-overview-20250825/.
• Bernstein, G., & Sporny, M. (2025, April 3). Data Integrity BBS Cryptosuites v1.0. http://www.w3.org/TR/vc-di-bbs/
• CA DMV Wallet & mDL Pilot. (n.d.). California DMV. Retrieved November 5, 2025, from http://www.dmv.ca.gov/portal/ca-dmv-wallet/
• Caceres, M., Cappalli, T., & Yosef, M. A. (Eds.). (2025, August 27). Digital Credentials. http://www.w3.org/TR/2025/WD-digital-credentials-20250827/
• Davidson, N. (2024, March 12). Digital IDs are here, but where are they used and accepted? GovTech. http://www.govtech.com/biz/data/digital-ids-are-here-but-where-are-they-used-and-accepted
• Davidson, N. (2025a, July 1). Where are mobile driver’s licenses taking off? A data dive. GovTech. http://www.govtech.com/biz/data/where-are-mobile-drivers-licenses-taking-off-a-data-dive
• Davidson, N. (2025b, July 2). How digital IDs could help and harm people with disabilities. GovTech. http://www.govtech.com/gov-experience/how-digital-ids-could-help-and-harm-people-with-disabilities
• Digital credentials protocols (DCP) working group – OpenID Foundation. (2023, August 9). OpenID. http://openid.net/wg/digital-credentials-protocols/
• Digital Identities – Mobile Driver’s License (mDL). (n.d.). NIST | NCCoE. Retrieved November 5, 2025, from http://www.nccoe.nist.gov/projects/digital-identities-mdl
• Digital IDs must be safe, secure and accessible. (2025, April 11). Center for Democracy and Technology. http://cdt.org/insights/digital-ids-must-be-safe-secure-and-accessible/
• Doty, N. (2025, June 2). Digital ids must not phone home. Center for Democracy and Technology. http://cdt.org/insights/digital-ids-must-not-phone-home/
• European digital identity wallet. (n.d.). European Digital Identity. Retrieved November 5, 2025, from http://eu-digital-identity-wallet.github.io/eudi-doc-architecture-and-reference-framework/2.4.0/architecture-and-reference-framework-main/
• Fisher, B., & Galluzzo, R. (2024, November 13). Digital identities: Getting to know the verifiable digital credential ecosystem. National Institute of Standards and Technology. http://www.nist.gov/blogs/cybersecurity-insights/digital-identities-getting-know-verifiable-digital-credential-ecosystem
• Gosrani, C., Finn, A., Vogel, E., Pak, S. K., & Broder, T. (2023, December). Mobile Driver’s Licenses and the Costs to Privacy, Safety, and Security. Surveillance Resistance Lab and the National Immigration Law Center. http://www.nilc.org/wp-content/uploads/2024/01/Mobile-Drivers-Licenses-and-the-Costs-to-Privacy-Safety-Security-2023-1.pdf
• Hancock, A. (2020, August 31). Digital identification must be designed for privacy and equity. Electronic Frontier Foundation. http://www.eff.org/deeplinks/2020/08/digital-identification-must-be-designed-privacy-and-equity-10
• Hill, E. (2024, February 8). Press Release: OK Mobile ID app decommissioned. Service Oklahoma. https://oklahoma.gov/service/newsroom/ok-mobile-id-app-decommissioned.html 
• International Organization for Standardization. (2021, September). ISO/IEC 18013-5:2021.
• International Organization for Standardization. (2025, May). ISO/IEC TS 18013-7:2025.
• Johnson, A. (2024, September 23). The Path to Digital Identity in the United States. Information Technology and Innovation Foundation | ITIF. http://itif.org/publications/2024/09/23/path-to-digital-identity-in-the-united-states/
• Jurisdiction Data Maps. (n.d.). American Association of Motor Vehicle Administrators. Retrieved November 5, 2025, from https://www.aamva.org/jurisdiction-data-maps
• Leason, M. (2025, July 24). Digital driver’s licenses to debut in NJ under new law. New Jersey Monitor. https://newjerseymonitor.com/briefs/digital-drivers-licenses-to-debut-in-nj-under-new-law
• mDL for Technology Developers. (2024, March 27). California DMV. http://www.dmv.ca.gov/portal/ca-dmv-wallet/mdl-for-technology-developers/hackathons-2024/
• Mobile driver license digital trust service. (n.d.). American Association of Motor Vehicle Administrators. Retrieved November 7, 2025, from https://www.aamva.org/identity/mobile-driver-license-digital-trust-service
• Official myColorado Partners. (n.d.). myColorado. Retrieved November 5, 2025, from http://mycolorado.gov/partners
• Pfannenstiel, K. (2025, March 11). Digital ID card, driver’s license option bill narrowly passes Idaho House. Idaho Capital Sun. https://idahocapitalsun.com/2025/03/11/digital-id-card-drivers-license-option-bill-narrowly-passes-idaho-house/
• Press Release: Justice Department Finds Oklahoma Mobile App Inaccessible to People with Vision Disabilities. (2023, November 16). United States Department of Justice. http://www.justice.gov/archives/opa/pr/justice-department-finds-oklahoma-mobile-app-inaccessible-people-vision-disabilities
• Privacy-enhancing cryptography. (2017, January 3). NIST Computer Security Resource Center. http://csrc.nist.gov/projects/pec/zkproof
• public key cryptography (PKC) – Glossary. (n.d.). CSRC. Retrieved November 7, 2025, from https://csrc.nist.gov/glossary/term/public_key_cryptography
• Quay-de la Vallee, H., & Yang, M. (2023, April 7). Low visibility ahead: Mobile state IDs may prevent fraud in digital identity verification, but pose threats to privacy. Center for Democracy and Technology. http://cdt.org/insights/low-visibility-ahead-mobile-state-ids-may-prevent-fraud-in-digital-identity-verification-but-pose-threats-to-privacy/
• REAL ID mobile driver’s licenses (mDLs). (n.d.). U.S. Department of Homeland Security Transportation Security Administration. Retrieved November 5, 2025, from http://www.tsa.gov/real-id/real-id-mobile-drivers-license-mdls
• Sporny, M., Longley, D., Chadwick, D., & Herman, I. (2025, May 15). Verifiable Credentials Data Model v2.0 (T. Thibodeau Jr., G. Cohen, & M. Jones, Eds.). World Wide Web Consortium. http://www.w3.org/TR/2025/REC-vc-data-model-2.0-20250515/
• Sporny, M., Longley, D., Sabadello, M., Reed, D., Steele, O., & Allen, C. (2025, January 28). Decentralized Identifiers (DIDs) v1.1 (D. Zagidulin, Ed.). https://w3c.github.io/did/ 
• Stanley, J. (2021). Identity Crisis: What Digital Driver’s Licenses Could Mean for Privacy, Equity, and Freedom. American Civil Liberties Union. https://www.aclu.org/wp-content/uploads/2021/05/IDENTITY-CRISIS-ACLU-report-on-digital-drivers-licenses-May-2021.pdf
• Verify Your Identity for DSNAP with the LA Wallet App. (n.d.). Louisiana Department of Children & Family Services. Retrieved November 5, 2025, from http://www.dcfs.louisiana.gov/page/-dsnap-la-wallet
• W3C Verifiable Credentials Working Group. (n.d.). World Wide Web Consortium. Retrieved November 5, 2025, from http://www.w3.org/2017/vc/WG/
• What are digital IDs and mobile driver’s licenses? (n.d.). U.S. Department of Homeland Security Transportation Security Administration. Retrieved November 5, 2025, from http://www.tsa.gov/travel/frequently-asked-questions/what-are-digital-ids-and-mobile-drivers-licenses
• Zero knowledge proofs alone are not a digital ID solution to protecting user privacy. (2025, July 25). Electronic Frontier Foundation. http://www.eff.org/deeplinks/2025/07/zero-knowledge-proofs-alone-are-not-digital-id-solution-protecting-user-privacy