UL is uniquely positioned to support driving license issuers towards the introduction of mDL. Our colleagues possess unique mDL knowledge and expertise through their leading involvement in the development of mDL globally.
- UL experts bring experience gained through their leadership role in the working group for international standardization of the mDL (ISO 18013-5) and their advisory position with regional associations of issuing authorities.
- UL experts have hands-on experience building an mDL Proof-of-Concept, and involvement in testing mDL solutions.
- UL proudly coordinated the world’s first “mDL Prototype Interoperability Party”, a test event where the interaction between mDL and mDL Reader prototypes from multiple implementers was tried out.
How can UL help you?
UL provides advisory services to driving license issuers to guide them through all the steps necessary to implement an mDL. Our mDL strategic workshop is a great way to prepare all relevant stakeholders for the decisions to be made on strategic, technical, security and policy levels throughout the design, implementation and deployment lifecycle. Furthermore, we assist issuing authorities, ensuring that their (acquired) mDL solution is a strong fit to their needs, taking into account existing infrastructure, safeguarding interoperability, security and privacy. UL provides support in development of an mDL strategy, stakeholder analysis, requirements engineering, RFP and vendor selection.
Testing & Certification
UL is offering a suite of verification and certification services for mDL. As a testing party, we will ensure compliance of the mDL solution with the standards and specifications enforced by the governing entities and issuing states, through the following testing methods:
We will also check the non-functional aspects (performance, usability, reliability, etc.) of the mDL solution. Making sure that the mDL solutions going to market are secure and compliant is our goal.
UL provides security assurance for mDL implementations through a systematic identification and categorization of threats and associated risks; and then verifying these are mitigated with appropriate security controls and risk management strategies.
- Identification of threats, risks and appropriate controls. This entails determining what technical, organizational and operational controls are required to mitigate threats and manage risks during the design and development phase of an mDL solution.
- Verification of security controls. This entails auditing of processes and penetration testing of implementations during and after development to provide assurance that the solution meets the necessary security requirements.
- Operational testing. Once deployed testing can ensure that over time technical controls are still sufficient, and that organizational and operational controls are working effectively and achieving the requirements determined in the design phase.