The White House has issued a sweeping executive order that includes measures to promote the adoption of digital ID solutions and mobile driver’s licenses in the United States. Framed as part of a broader initiative to combat cybercrime and identity fraud, the executive order emphasizes the importance of secure, privacy-preserving digital identity verification systems for accessing public programs and services.
Section 5 of the executive order encourages federal agencies to explore how grant funding can support states in developing and issuing mobile driver’s licenses. These digital credentials are expected to comply with principles of privacy, interoperability, and data minimization.
“Digital identity documents accepted as verification evidence must ensure that only the minimum information required for a transaction—often a simple ‘yes’ or ‘no’ response—is disclosed,” the order stipulates.
Federal agencies are also directed to consider accepting digital identity documents, such as mobile driver’s licenses, for identity verification in public benefits programs. The executive order underscores the need to preserve accessibility for vulnerable populations and protect users from surveillance or tracking by issuers, device manufacturers, or third parties. Within 270 days, the National Institute of Standards and Technology (NIST) is tasked with issuing practical implementation guidance to support the secure use of digital identity documents in these scenarios.
To further bolster the security and usability of digital identity documents, the order highlights the role of interoperability and trust frameworks. Digital identity solutions must be compatible with standards-compliant hardware and software across various devices and systems.
In addition to its focus on digital ID, the executive order promotes advanced methods to reduce identity fraud, such as privacy-preserving “Yes/No” validation services. These services allow verification of identity information without requiring the sharing of complete personal records, safeguarding users’ privacy. Federal agencies operating identity verification systems are encouraged to integrate these services to enhance fraud prevention while maintaining compliance with data protection principles.
The executive order is a welcome development for many working in the digital and mobile identity space. “Digital identity should be a bipartisan win given that it strengthens identity verification of our US residents, and also enables government agencies to provide services in a more efficient manner,” commented Tyson Moler, VP, Identity & Biometric Solutions at Thales North America. “We expect that mobile driver’s license growth will continue, in part from secular demand and expectations of citizens to move more of their daily lives to mobile devices, but also in part because it creates efficiency, security, and assurance for the verifying parties, government and industry, that will use these identities to support their mission.”
The executive order’s provisions on digital ID and mobile driver’s licenses are part of a broader cybersecurity strategy outlined in the document. It emphasizes the adoption of modern security architectures, including zero trust principles, endpoint detection and response (EDR) solutions, and phishing-resistant authentication technologies like WebAuthn. Federal Civilian Executive Branch agencies are instructed to accelerate deployments of these technologies to mitigate risks and improve network security.
The order also calls for a transition to post-quantum cryptography (PQC) to prepare for future threats posed by quantum computing. Agencies are required to prioritize encryption updates and ensure that cryptographic standards remain resilient to quantum computing advancements.
In addition to identity and authentication enhancements, the executive order mandates improvements in software supply chain security, open-source software management, and cloud security. Agencies must integrate cybersecurity into their acquisition processes, ensuring that vendors meet rigorous security standards. The federal government also plans to establish updated guidance for encrypted communications and secure email protocols, further strengthening its digital defenses.
Source: The White House
–
January 16, 2025 – by Cass Kennedy and Alex Perala
Follow Us