Digital Identity , Fraud Management & Cybercrime , Governance & Risk Management

Identity Experts Call for Mobile Driver's License Push in US

The Biden Administration Should Also Directly Assist Identity Theft Victims
Identity Experts Call for Mobile Driver's License Push in US
The White House (Photo: Kristina Volgenau via Unsplash)

Identity experts urged the Biden administration this week to accelerate the deployment of mobile driver's licenses and ensure identity theft victims get direct assistance.

See Also: Netskope FERPA Mapping Guide

The experts said four items must be added to an upcoming executive order from the U.S. government focused on preventing and detecting identity theft: mobile driver's licenses; direct assistance for identity theft victims; identity attribute validation services; and a federal digital identity framework. President Joe Biden pledged to issue the executive order on this matter in his March 1 State of the Union address (see: Sound Off: What Gaps Must ID Theft Executive Order Address?).

"These four initiatives will ensure that any EO (Executive Order) prioritizes helping Americans avoid ever becoming identity theft victims, and assure that those Americans who are victimized will be able to get the help they need to be made whole," the letter states. "They will reduce identity theft involving public benefits, protect privacy and civil liberties, and prevent bias that results in disparate outcomes."

The five-page letter was signed by the Better Identity Coalition, the Identity Theft Resource Center, the Electronic Transactions Association, the Identity Theft Resource Center, the National Cyber Security Alliance, and the U.S. Chamber of Commerce Technology Engagement Center. Better Identity Coalition Coordinator Jeremy Grant is an Information Security Media Group contributor and will keynote ISMG's virtual IAM summit on April 19 and 20.

Mobile Driver's Licenses

The mobile driver's license allows U.S. citizens to reuse a high assurance credential they already have rather than having to go through another government-run process to get a new credential. A number of states allow people to prove their identity using a digital mobile driver's license app rather than a plastic ID card, which the identity groups said will allow urgent problems in the digital world to be solved.

The groups urged the National Institute of Standards and Technology to issue guidance to accelerate the deployment of mobile driver's license apps that U.S. citizens can use to assert and protect their identity online. The U.S. government should provide grants to states to help them accelerate their deployment of mobile driver's license apps, with at least 10% of grants focused on people who can't easily get an ID.

The federal and state government can leverage mobile driver's licenses to enable more trusted digital services, cut down on fraudulent benefits claims, and protect citizen information, the groups claimed. Mobile driver's licenses could have been used to securely and remotely verify the identities of people applying for benefits, which would have prevented the vast majority of fraud at the start of COVID-19.

"Solving identity proofing will require the same shift - getting people away from knowledge-based solutions to ones that create a digital equivalent to the secure plastic ID cards they have in their wallets," the groups write in the letter.

Assisting Identity Theft Victims

There is currently no formal local, state or federal infrastructure designed to support victims of identity-related crimes, with the Federal Trade Commission providing online self-service delivery rather than direct victim assistance. Only the Identity Theft Resource Center assists victims of identity crimes for free, working with more than 3,900 reported victims of benefit related identity fraud in 2020 and 2021.

Identity crimes victims should have access to direct and free assistance that's available digitally, in-person, or via telephone, the groups said. Government and nongovernment organizations alike should receive adequate funding to offer victim assistance at a scale that matches that volume and velocity of identity crimes, and a public-private 'one-stop shop' should be developed for identity crime victims.

"Providing only digital services results in a significant portion of the victim population being denied assistance because of a lack of access, lack of skill, or lack of ability," the groups write in the letter.

Other Ways To Validate Identity

While less powerful than mobile driver's licenses, the groups said services that provide a 'yes/no' answer as to whether the name, date of birth, and social security number someone submitted match what a federal agency has on file can improve identity protection. The administration should create a unified approach to attribute validation services that enables them to be accessed with uniform fees and terms.

The electronic Consent Based Social Security Number Verification service allows financial institutions to validate identity information against Social Security Agency data helps address synthetic identity fraud. As a secondary benefit, this has helped tens of thousands of credit applications get approved that otherwise might have been rejected due to insufficient proof of identity, according to identity experts.

In addition, the General Services Administration has announced plans to create a service that enables identity verification with authoritative government sources. But the GSA's Identity Verification API won't be available to the private sector, according to the letter.

"Identity attribute validation services thus help fight fraud and improve inclusion," the groups write. "[These] can help solve identity theft challenges in both public and private sector applications - and Americans are at risk of identity theft and fraud in both."

Finally, the identity experts are urging NIST to help the government establish attribute validation and other digital identity services in a way that is standardized and sets a high bar for security, privacy and equity. The framework should serve as a guide for federal, state, and local governments to follow when providing services to support digital identity verification.

"We appreciate the Administration's consideration of our request, and offer our organizations' collective expertise should assistance be helpful as the EO is crafted," the letter concludes.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Devon Warren-Kachelein

Devon Warren-Kachelein

Former Staff Writer, ISMG

Warren-Kachelein began her information security journey as a multimedia journalist for SecureWorld, a Portland, Oregon-based cybersecurity events and media group. There she covered topics ranging from government policy to nation-states, as well as topics related to diversity and security awareness. She began her career reporting news for a Southern California-based paper called The Log and also contributed to tech media company Digital Trends.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.