Completely re-imagining how a digital ID could work, Traficom’s Digital Driving Licence (DDL) uses custom visual elements for providing the level of security that is sufficient for daily use – removing the need for separate infrastructure for identification (such as QR readers and other backend solutions). DDL also allows faster deployment of a Driving Licence and keeps all the user information automatically up to date. It removes the manual processes related to entering user information if changes occur or when the user initially receives their first driving licence.
Identification check at Finnish postal office. Identification check at Finnish postal office.
In Finland driving licences are mainly used in two scenarios: Driving Licence validation and identification. Identification takes place in everyday situations, for example when picking up a postal package. In Finland Driving Licence is the de facto user ID for everyone who has one. However the basic concept can be expanded to any sort of an ID card.
Gyroscope Connected Watermark Gyroscope Connected Watermark
Visual Security Features
DDL has two main security levels: visual security and backend security.
The visual security level uses a gyroscope connected digital watermark combined with continuously animated dynamic OpenGL background, that supports interaction to prevent motion capture frauds. User information and image are always up to date, which makes it easier to identify the person. A barcode is generated from user information to match the barcode in a physical driving licence. Visual level security can be dynamically altered and pushed to the devices if a breach is detected.
Visual Security Features / Fig. 1 Visual Security Features / Fig. 1
Back-end Security Features
In the onboarding phase, the user is securely identified using banking credentials. Backend security includes a QR code that is generated on device and in the backend with a specified period of validity. This ensures that the information on the device matches the information in the backend and the user is not using a fake application. Backend security has some other additional security features which are not to be described here.
Back-end Security Features / Fig. 1 Back-end Security Features / Fig. 1
Prototype served as a successful proof-of-concept and was used as a base for the development of a closed iOS pilot. The app is currenly available as an invite based Beta release. In terms of actual real-life testing Posti has officially declared to be participate as a stakeholder – this means that the beta users are able to use DDL in all Posti offices as a proof of identity. Most major finnish media outlets have covered the progress and DDL has also gathered interest outside of Finland. DDL has been accepted alongside traditional licences in the finnish legislation and the app is expected to be released for both iOS and Android to all finnish citizens during H2 2019 (HiQ is not involved in the current production)