Core Concepts

Core concepts for using the Rust ISO mDL library.

Devices & Readers

In the context of ISO 18013-5, a "Device" is typically the mDL holder's smartphone or other mobile device. The device stores the digital version of the driver's license (the mDL). The device runs an mDL application, such as one using Spruce's isomdl library. The device is responsible for protecting the mDL data and controlling how it is shared.

A "Reader" represents the equipment used by a verifying party to request and read information from an mDL. It could be dedicated hardware device or software running on a smartphone or tablet. Readers are used by entities that need to verify the mDL, such as law enforcement, age-restricted venues, or other service providers.

Once the Device has initialized and established a new secure engagement with the Reader, the reader initiates the data retrieval process and verifies the authenticity and integrity of the received mDL data.

  • The reader requests specific data elements from the device.

  • The device, based on user consent and its security policies, responds with the requested information.

  • This communication is secured using cryptographic protocols defined in the standard.

An Example Flow

The following sequence diagram illustrates the process of the Device initializing and establishing a session with a Reader to request information from the mDL, such as whether the user is over the age of 21.

In the next section we'll walk through how to implement this process using the Spruce isomdl Rust library.

Last updated