MAG Insights

The retail landscape is constantly evolving, driven by consumer demand for convenience, speed, and privacy. For merchants, the challenge is balancing operational efficiency with compliance and security. A crucial new technology at the intersection of these needs is the Mobile Driver's License (mDL).

While the concept of a digital ID may no longer be novel, its rapid deployment ^[1] across states and countries ^[2] has moved it from a future concept to a reality. The question for merchants is evolving from "What is an mDL?" to understanding the practical capabilities and considerations for potential adoption. This article explores the objective benefits of mDL, clarifies key misconceptions, and explains how this new technology can integrate into modern commerce, particularly eCommerce and delivery models.

Understanding mDL Security: The Foundation of Digital ID

Before exploring potential use cases, it is helpful to review the security architecture that forms the basis of mDL. Unlike a simple photo of a physical ID, a true mDL, based on the international ISO/IEC 18013-5 standard, is inherently more accurate and tamper-proof. Customers use their mDL by tapping or scanning to have it read and cryptographically verified, rather than simply showing the credential.

• Legally Compliant: Each state issuing mDLs has ensured their laws make the mDL legally equivalent to physical cards, maintaining reciprocity between states.
• Definitive Authenticity: Unlike physical cards that rely on easily duplicated features like microprint or UV ink, mDLs use digital signatures. They’re endorsed or signed by the issuing authority (e.g., a state DMV). This cryptographic verification provides a higher level of confidence in authenticity and accuracy compared to physical ID verification.
• Fast Cryptographic Verification: mDL data is cryptographically signed and updated regularly, making the signature instantly verifiable by a merchant’s mDL Reader. This verification confirms the data is accurate and the card status is current.
• Reduced Handling of PII: mDLs minimize data sharing by allowing selective disclosure. A liquor store merchant, for example, only needs "over 21" confirmation, not the customer's birthdate, photo, or address. This ability to request only the necessary data directly mitigates a merchant's data liability concerns.

With this foundation of trust established, and given the rapidly increasing adoption across 22+ U.S. states, a look at the operational and strategic advantages of accepting mDL is compelling.

Evaluating the Potential Benefits of mDL Adoption

Operational and Security Benefits

1. Faster Transactions and Higher Throughput: Digital data transfer is faster and more accurate than manual entry or scanning. Even a small reduction in transaction time at high-volume checkouts can yield operational savings and improve customer satisfaction due to shorter lines.
2. Lower Fraud Rates: mDLs' cryptographic security and real-time verification substantially reduce the acceptance of fake IDs, mitigating a key risk in age-restricted sales and decreasing legal liabilities from non-compliance.
3. Reduced Training for Authentication: Since the mDL reader verifies authenticity cryptographically, employee training can focus on business process rather than subjective determination of ID fraud probability by eyeball.
4. Parallel Processing: The holder of the mDL can tap to run their own verification, potentially reducing the time an employee spends evaluating an ID document.
5. Accuracy in Data Capture: For merchants requiring data capture (e.g., for loyalty, returns, or account creation), the direct, verified data transfer from the mDL prevents keystroke errors, resulting in cleaner databases and more accurate customer profiles.

Strategic Business Considerations

1. Meeting Evolving Customer Expectations: Consumers increasingly anticipate and use digital IDs on their smartphones, paralleling their adoption of digital payments and digital tickets. Acceptance of mDL aligns with a superior, friction-free experience.
2. Enabling New Business Channels: mDLs support new, high-growth models. For grocery delivery of age-restricted items (e.g., alcohol), the option for remote, secure mDL verification (18013-7) simplifies legally compliant expansion, while in-person re-verification (18013-5) remains possible at the time of delivery.
3. Acknowledging Your Customer’s Values: Partnering with the DMV to enhance your privacy has been a strong message that brings customers to launch events on mDL. Your state DMV will work with you ^[3] to promote mDL acceptance.
4. Be Positioned Early as a Thought Leader: Using new technology to make better customer experiences is something that has staying power with consumers.
5. Standardization and Interoperability: Adopting the international ISO 18013-5 standard now future-proofs merchant hardware and software for a globally interoperable system, independent of the adoption pace across all 50 U.S. states. Europe ^[4] has a timeline for mandatory acceptance of the EU Digital Identity by large private-sector entities.

Addressing Core Merchant Concerns

Merchants have raised several primary concerns regarding mDL technology. Objectively addressing these points is essential for informed decision-making.

1. Data Liability: Capture Only What is Needed

Merchants can fear unnecessary data capture and liability. mDL’s selective disclosure is designed to address privacy and security. Reader applications are configured to request only the minimum necessary data (e.g., "Over 21: Yes/No") so that they do not receive or store superfluous or risky information (like full address or DL number) unless required (e.g., hotel check-in). Proper mDL implementation protects merchants by limiting their liability.

2. Scenarios When Commerce Has to Happen Offline

Merchants worry about the reliability of centralized systems and the failure of connectivity.

• Decentralization is Key: mDLs are designed for resilience, allowing decentralized verification. The customer's phone can verify the ID directly with the merchant's reader via Bluetooth, NFC, or WiFi Aware. This eliminates the need for central server access, ensuring transactions proceed during internet outages or in remote locations.
• Privacy Enhancement: Merchants can rely on cryptographic proof from the consumer's device, which functions in an offline setting, rather than central online checks that could create opportunities for transaction surveillance.

3. Transaction-Based Pricing Model

Some merchants are concerned about a potential transaction-based pricing model ("callback pricing") associated with checking a central server for data or revocation status. However, mDLs are decentralized, and DMVs have generally approached this as Digital Public Infrastructure ^[5]. The operational business model should remain similar to existing physical cards, where merchants choose and purchase equipment for scanning physical driver’s licenses and IDs.

4. Hardware Upgrades: Scaling Across Thousands of Devices

The thought of upgrading thousands of point-of-sale (POS) terminals, handheld scanners, and back-office systems is perceived as a significant operational hurdle.

• Leverage Existing Infrastructure: Many modern POS systems already have the necessary NFC, Bluetooth, or network capabilities to read mDL. The primary investment is often software updates to enable the mDL reader protocol, not wholesale hardware replacement.
• Phased Rollout: A successful strategy involves a phased rollout, prioritizing high-value, high-risk, or low-volume areas first (e.g., self-checkout lanes for age verification, or the delivery fleet). This approach spreads capital expenditure over time and provides time for organizational learning and calculation of ROI.

mDL Capabilities: eCommerce and Split Transactions

A key capability of the mDL standard (the 18013-7 standard) covers online commerce with "over-the-internet" presentation of ID and "split online then in-person" transactions, like Buy Online Pickup in Store (BOPIS). Multiple states and countries currently support remote presentation to websites through a wallet or app, and commercial plug-ins are available.

ISO/IEC 18013-7 adds identity verification standardized for remote transactions, which is important for any merchant with an eCommerce platform where abandoned transactions cost money. This allows a customer buying restricted items online to perform a secure, even anonymous, age or ID check on the merchant’s website. The customer uses their phone to authorize the release of only the necessary data (e.g., "Over 21") to the merchant’s system, all remotely and cryptographically verified. This is ideal for restricted content and regulated online sales.

mDL remote presentation leads directly to the concept of the split online-in-person transaction, ensuring identity verification across the digital and physical commerce divide. For example:

1. Online: The customer places an order and performs the initial remote age verification using their mDL (ISO 18013-7).
2. In-Person (Delivery): The delivery driver uses a handheld mDL reader to perform a second, in-person verification of the customer's mDL (ISO 18013-5) to confirm the recipient matches the online order, ensuring compliance at the point of hand-off.

This split-verification model ensures a seamless, compliant, and fraud-resistant experience that integrates physical and digital commerce, solving challenges faced by modern retailers.

Implementation Considerations for Merchants

For Merchant Advisory Group (MAG) members, integrating mDL technology is manageable through a structured approach:

• Structured Rollout: A successful approach involves an iterative rollout, starting with pilot locations, specific high-risk transactions, or targeted locations to facilitate learning, fine-tune procedures, and ensure systems are responsive to real-world deployment.
• Liability Management: Staff training should heavily emphasize the principle of selective disclosure, ensuring employees understand how the mDL reduces their burden of PII handling while increasing the reliability of identity verification.
• Targeted Efficiency: mDL can streamline and accelerate numerous merchant processes. Apply mDL to operational pain points and measure the results.
• Enabling New eCommerce Channels: The mDL provides the foundation for strong identity verification for high-value or regulated digital transactions (e.g., BOPIS for controlled goods). It bridges the gap between the digital transaction and the physical pickup/delivery, securing the crucial "last mile" of eCommerce.
• Age-Verification Modernization: For regulated transactions (alcohol, tobacco, cannabis), the simple, unambiguous "Yes/No" age verification feature eliminates human error and enables consistent regulatory compliance with maximum efficiency.

Conclusion

The Mobile Driver's License (mDL) provides a verifiable, standardized, and privacy-enhancing digital identity credential for the merchant ecosystem. By objectively evaluating the security advantages, understanding the expanded capabilities like eCommerce verification (ISO 18013-7), and addressing common operational concerns, merchants can make an informed decision on how and when to integrate mDL technology into their operations.

References

1. In early 2026, there are 7.9M mDL holders across 22 U.S. states. 46% of the U.S. population could get an mDL today and would do so if they had places that accept it. https://www.mdlconnection.com/implementation-tracker-map/
2. Denmark, Australia, New Zealand, Japan, and EU wallets along with several South American countries are noted in https://regulaforensics.com/blog/mobile-drivers-license-verification/ and other market research.
3. AAMVA and state DMVs will directly work with relying parties: AAMVA Digital Trust Service for Relying Parties.
4. https://www.truvity.com/blog/eudi-wallet-timeline-why-starting-implementation-now-is-low-risk
5. https://www.gatesfoundation.org/ideas/digital-public-infrastructure — What is Digital Public Infrastructure?