NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

New NIST NCCoE Mobile Drivers Licenses Project Resources Now Available!

Share

The NIST NCCoE is excited to announce and accept comments on three new draft publications under its Mobile Driver Licenses (mDL) Project. These releases include resources on mDL assurance, mDL data flows, and a privacy risk assessment. 



What are mDLs?

Today, mDLs function much like a traditional driver's license—carrying information such as name, date of birth, and address—but in a digital format accessible through a mobile application, often referred to as a digital wallet. Compared to physical driver’s licenses, mDLs are based on public key cryptography and can be presented digitally during online transactions, offering the potential to improve both security and usability for people using online services.

To help realize the value of mDLs, the NCCoE is working with stakeholders from across the mDL ecosystem to build a reference implementation demonstrating real world business use cases, integrating mDLs with commercially available technology and into business processes. It is releasing relevant security and privacy artifacts on an iterative basis as the project work continues.

New Resources to Support mDL Adoption by Financial Institutions

As part of its first mDL use case working with the financial sector, the NCCoE has released the following resources that can aid financial institutions with mDL implementations:

  • Building Assurance in the mDL Ecosystem - This document highlights security and trust considerations related to the enrollment, issuance and presentation of mDLs and includes NIST 800-63-4 controls that can be applied to the MDL issuance.
  • mDL Interaction Diagrams - These diagrams correspond to our previously published wireframes videos and illustrate how data flows between different components when a user interacts with our simulated bank using their mDL.
  • Privacy Risk Assessment Methodology (PRAM) - This tool is designed to help organizations assess and prioritize privacy risks associated with mDLs. It provides a tailored version of the NIST PRAM, a widely used methodology for managing privacy risk, based on the NCCoE mDL architecture.

How Can You Get Involved

 The NCCoE invites you to review these new resources and provide feedback. Your input will help shape the future of secure mDL development and implementation. To submit comments, please visit our project website and follow the instructions in the “Submit Comments” section.

 

Submit Comments

View this on the NCCoE website

Information technology and Cybersecurity and privacy
Released September 4, 2025, Updated September 9, 2025
Was this page helpful?