Google is changing how new Android 13 devices should store driver’s licenses
Carrying a wallet has become less of a necessity for me thanks to my smartphone and Google Pay, but there are a few cards that I can’t go without. A driver’s license would be one such card, though a digital driver’s license offers multiple advantages over the traditional ID card. You can’t lose it, you can wipe it remotely if your phone gets stolen which means you’re less likely to get your identity stolen, and you’ll have an easier time bringing it up on request. Google introduced the Identity Credential API in Android 11 for storing identity cards, though now it appears that devices launching with Android 13 will require additional hardware for storing digital driver’s licenses.
As reported by Esper, a recent code change suggests that chipsets launching with Android 13 must support the Identity Credential Hardware Abstraction Layer (HAL) at feature version 202201 or later. 202201 of the Identity Credential HAL introduces support for presenting multiple documents during a single transaction, such as simultaneously sharing your driver’s license and motor vehicle registration. Google can’t mandate that devices upgrading to Android 13 must support it, but new devices that launch with Android 13 will need to, as enforced through a test in the Vendor Test Suite, or VTS.
For context, the VTS is an automated testing suite that validates the vendor implementation is compliant with Google requirements. It consists of a set of testing frameworks and test cases, testing both the Android system’s core HALs and libraries, and the low-level system software such as the kernel, modules, and firmware.
The Identity Credential HAL enables the storing of identity documents in the device’s secure hardware, which is met by the inclusion of a Trusted Execution Environment, or TEE. This is a dedicated area of the main applications processor for executing sections of code in an isolated environment. Not many devices have actually introduced the Identity Credential HAL despite TEE implementations being widespread.
Interestingly, there’s also the Identity Credential Direct Access HAL too, though its implementation won’t be required. It essentially allows for direct access via NFC to the secure enclave that holds a user’s documents even when the battery is too low to boot the OS. This is only possible when the secure hardware features a CPU and storage device separated from the applications processor. Very few devices meet this criterion, and the only devices that currently implement the Identity Credential HAL itself are Google Pixel devices.
While mobile driver’s licenses are gaining traction across the U.S., Google intends for the identity credentials API to be generic and to hold other secure documents, too. Motor vehicle registration and vaccination records are two potential use cases. The TSA plans to begin recognizing mobile driver’s licenses as valid IDs for domestic travel soon, and at least 30 U.S. states have already issued or plan to issue them. We’ve already seen as well that with iOS 15, Apple announced that the TSA would accept its digital IDs for domestic travel.
There are obviously a ton of security concerns when it comes to storing personal identification on your smartphone, but Google is taking steps to make it as safe as possible. There’s definitely an upside to carrying your documents digitally instead of a physical card that can be lost or stolen, but additional hardware for storing those documents will go a long way towards convincing authorities to use the Identity Credential API when developing these applications.