mDocs

mDocs are based on the ISO/IEC 18013-5 standard and 18013-7 technical specification. They are digital identity documents designed to be stored on the holder’s mobile device, and can be verified either in-person or remotely (online).

The key strength of mDocs over other digital credential technologies lies in their ability to provide strong authentication and strong identification, supporting digital interactions that were previously impossible due to high security risks. By offering increased levels of security for both offline and online verification workflows, mDocs allow for seamless integration into a variety of use cases across industries. They are particularly ideal for high assurance identity credentials such as passports and national identification cards, as they offer added protection against forgery, cloning, eavesdropping and impersonation.

Designed to be stored in a digital wallet on a mobile device, mDocs allow for a secure binding between the mobile device and the credential, as well as a tighter native integration with iOS and Android. This means credential verification workflows can leverage close proximity technologies such as Bluetooth Low Energy (BLE).

The following sub-sections detail the standards and technologies which mDocs are based on, as well as the key capabilities they offer across MATTR platforms:

• Core Capabilities: Reviews the core capabilities available for mDocs, setting the ground for the following subsections who explain how these capabilities are enabled.
• Standards and Technologies: Describes the ISO/IEC standards mDocs are based on, as well as some key concepts and technologies that would help you better understand mDocs.
• From Structure to Function: Reviews the structure of mDocs and mDocs presentations, and how that structure enables the key functionalities offered by mDocs.
• mDocs across MATTR Platforms: Introduces key capabilities that are available across MATTR platforms when you embed mDocs into your network.

Frequently asked questions

What is an mDoc?

An mDoc is a digital identity document designed to be stored on a holder's mobile device and verified either in person or remotely. mDocs are based on the ISO/IEC 18013-5 standard and the ISO/IEC 18013-7 technical specification. They are particularly suited to high assurance identity credentials such as passports, national identification cards, and mobile driving licenses.

What is the difference between an mDoc and an mDL?

An mDL (mobile driving license) is a specific type of mDoc that represents a driving license, defined by ISO/IEC 18013-5. mDoc is the broader category of credential format defined by the same standard, which can also be used for other high assurance identity documents such as passports or national identification cards.

How are mDocs verified?

mDocs are verified by checking the cryptographic signature applied by the issuer, the binding between the credential and the holder's device, and the credential's status. Verification can be performed in person using close proximity technologies such as Bluetooth Low Energy, or remotely over the internet. Most verification steps can be performed offline because the signature does not require a live lookup against the issuer.

Are mDocs more secure than other digital credential formats?

mDocs are designed for high assurance use cases. They support strong authentication and strong identification through device binding, session encryption, and protections against forgery, cloning, eavesdropping, and impersonation. Other formats may be more appropriate where these protections are not required or where the credential is primarily about information assurance rather than identity assurance.

Do mDocs support selective disclosure?

Yes. mDocs use a salted hashed claims structure that allows the holder to present only the attributes a verifier needs, without revealing the rest of the credential. This means a verifier can confirm a specific fact, such as proof of age, without learning unrelated personal data.