← All field notes
VERIFIABLE IDENTITYJAN 2026 · 3 MIN READ

What a mobile driver's license actually is, and why my state got me paying attention

Malik Warren
Malik Warren
Identity and access engineer · login.gov / NIST 800-63
GitHubLinkedIn

Most people think a mobile driver's license is a photo of their license living in their phone. It is not. That distinction turned out to be the whole thing, and once it clicked I could not stop pulling on the thread.

A real mDL is a cryptographically signed credential. Your state issues it, signs it, and puts it in your wallet, whether that is Apple Wallet, Google Wallet, or a state app. When someone checks it, they are not looking at a picture they could photoshop. They are checking a signature that traces back to the issuing authority, and they only receive the specific fields you agree to share.

That last part is the one that matters. The point of an mDL is that you can prove one thing without revealing everything.

I pay attention to this partly because it is my job now, and partly because it started at home. Maryland ran a digital driver's license pilot back in 2017, and when Apple launched licenses in Wallet in 2021, Maryland was in the first handful of states to go live. It later became the first state to support both Apple and Google Wallet. My state was early, and that is part of why this landed on my radar before it was my day job.

Here is why the model matters. Think about what happens when a cashier checks your physical license to confirm you are over 21. They see your address. Your exact birthday. Your license number. Your height. All of it, to answer one yes-or-no question. An mDL flips that. The verifier asks "is this person over 21," and the answer that comes back is yes or no, signed, verifiable, and nothing else. Your address never leaves your phone.

That is called selective disclosure, and it is the difference between "show me your papers" and "answer the one question you are actually allowed to ask."

Once you see it, you start seeing it everywhere. It is already showing up at:

  • TSA airport checkpoints, where mDLs are accepted at a growing list of security lines
  • age-restricted purchases: alcohol, cannabis, stadium concessions, and increasingly online checkouts
  • financial onboarding, where a bank can verify a new customer to a high assurance level without a shoebox of document scans, which is exactly what NIST is now writing the practice guide for
  • car rentals for overseas visitors, and roadside checks with law enforcement

By 2025 more than a dozen states were issuing standards-compliant mDLs, and a large and growing share of Americans live somewhere that offers one. This is not a someday technology. It is quietly becoming infrastructure.

Here is what got me. The thing we have spent a decade trying to fix on the web, sharing the minimum instead of the maximum, is being solved in the most mundane object in your wallet. Your driver's license, of all things, is turning into a privacy-preserving credential.

I did not fully appreciate any of that until I built something with it myself. That is the next post.

~ Malik

0 HEARTS
Tap it if this one landed. It grows.

Comments

Loading comments...

Field notes on digital identity.
mDL, login.gov, and access control. 1-2 emails a month. Real engineering detail, no fluff.

Shipping AI or digital credentials and want help designing this layer? I run a 30-day Identity & Access Blueprint. Details on the homepage →

MORE IN VERIFIABLE IDENTITY