Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Privacy IOS Iphone Apple

Apple Wallet Will Support IDs and Driver's Licenses In iOS 15 (appleinsider.com) 64

At WWDC today, Apple announced an update to its Wallet app that will let you add information from an ID card in certain supported U.S. states. One of the first partners to support the digital identities will be the U.S. Transportation Security Administration. AppleInsider reports: All of the information in Wallet will be stored in a secure and encrypted fashion. Like an actual ID, it will include a person's legal name, date of birth, photo, and Real ID status. In addition to the support for IDs, Apple is also expanding the types of keys that users can add to Wallet. That includes keys to a smart home lock, keys to hotel rooms, and work badges that can be scanned to gain entry to a workplace. For example, Hyatt is rolling out its support for digital keys in Wallet to more than 1,000 properties later in 2021. The company says your license or state ID will be encrypted and stored in the iPhone's secure enclave. It's also working on adding features for unlocking cars from various manufacturers using their ultra-wideband chip (UWB) found in the new iPhones and Apple Watches.
This discussion has been archived. No new comments can be posted.

Apple Wallet Will Support IDs and Driver's Licenses In iOS 15

Comments Filter:
  • A terrible idea (Score:4, Informative)

    by Powercntrl ( 458442 ) on Monday June 07, 2021 @03:56PM (#61463726) Homepage

    The first things that a cop asks for when you get pulled over for something as simple as a burned out taillight bulb is your license and registration. I’m not handing a cop my phone.

    • Oh .. I see, you were on the phone. Hm, is that your girl? What's this about 420?

      • The wallet presents cards without a full unlock. There should also be a mode where you can hand ID to cops without unlocking the rest. On iPhone today, you press the unlock button 5 times with your pin and it burns the face unlock. You have to enter your password at that point to get into the phone in the same way that a rebooted phone does. The pin unlock is considered more secure because legally they can not compel you to speak. They can only compel you to place a finger or can force a face scan.
        • On iPhone today, you press the unlock button 5 times with your pin and it burns the face unlock.

          What you need to do is hold the home and volume down buttons until you see the power off/SOS screen. You'll feel the haptic "click" as well. After that it will require the passcode to unlock.

          Pressing home five times will just open Wallet and lock the screen again. (FaceID will still work and I assume TouchID is the same.)

          • Im pretty sure it will disable Touch ID / Face ID. Read here. [macrumors.com]
            • I stand corrected. What you say does work, but not for a model 8 or newer. It doesn't work on my model X.
              • I just tried on my iPhone X and it worked fine. Press the sleep/wake button 5 times and then it gives the haptic click and brings me to the Emergency/SOS screen. I need to enter the passcode before I can unlock the phone again. Maybe you've disabled it in Settings somewhere?
    • There's a potential silver lining- Would I love it if fiddling with your phone in front of an LEO was normalized? Yes, possibly. Imagine calling up the "Show the officer my ID" app and the phone realizing it should immediately go into lockdown mode where it only shows the screen with the ID.

      • by AmiMoJo ( 196126 )

        Problem is reaching into a pocket to get your phone might get you killed. All the cop has to do is shout "gun".

        • Problem is reaching into a pocket to get your phone might get you killed

          Not if you're white.

    • let alone an UNLOCKED phone
    • by AmiMoJo ( 196126 )

      Right, you need your phone to film the cop, because your can be sure his bodycam is malfunctioning.

      Also iCloud doesn't exactly have a great reputation for security, as many celebrities will attest.

      • Hm good point. A car like Tesla, could have an I am pulled over mode.

        • Re: (Score:3, Insightful)

          by Anonymous Coward
          Teslas are a privacy nightmare! For all their good points they have embedded spyware that is constantly phoning home and are more of a telemetry snitch than Windows 10!
          • by AmiMoJo ( 196126 )

            Tesla recently enabled the driver-facing camera for driver monitoring functions too. Doubtless you attention levels are constantly logged, if not images of your face.

            Next time there is a Tesla accident involving autopilot expect them to produce logs showing that the driver was distracted.

      • by tlhIngan ( 30335 )

        Also iCloud doesn't exactly have a great reputation for security, as many celebrities will attest.

        The fappening was the result of hacked accounts, not any inherent security issue with iCloud. Just turned out a bunch of celebrities liked passwords like "password" and such and reusing their passwords so searching the password lists would tell you their iCloud password.

        Apple can't fix stupid, which is why we have to deal with things like 2FA and all that to our accounts.

        • by AmiMoJo ( 196126 )

          The hack happened because iCloud didn't have basic security features like rate limiting password guesses or notifying the user when incorrect guesses were made. That allowed hackers to dictionary attack accounts using only an email address.

        • by Hylandr ( 813770 )

          "hacked accounts, not any inherent security issue with iCloud. "

          I would like to invite you to read that a few times over...

    • Keep your licence and registration in the glove box or somewhere hidden, then. You'll have your ID on your phone for everything else, so no need to keep the physical license in your wallet anymore.

    • Re:A terrible idea (Score:5, Informative)

      by swillden ( 191260 ) <shawn-ds@willden.org> on Monday June 07, 2021 @09:50PM (#61464690) Journal

      The first things that a cop asks for when you get pulled over for something as simple as a burned out taillight bulb is your license and registration. I’m not handing a cop my phone.

      The cop doesn't want to touch your phone. Way too much potential liability.

      At least, that's what all of the police I've spoken with about this issue say. And I've talked to a few, since I'm the tech lead for a similar feature in Android (launched last year, though in the form of an API [android.com] that mDL apps can use, rather than a full implementation as Apple appears to be planning).

      I can't speak for what Apple is doing, but I will say that I've worked with them a lot in the context of the ISO committee that is standardizing the mDL protocol, and I know they -- as well as the rest of the committee -- understand that nobody wants to hand their phone to a police officer. User control and privacy are core goals of the standard. (And, no, the Android APIs do not provide any of the data to Google, a fact you can verify by reading the source code in AOSP, in case some slashdotters find it hard to believe that Google cares about user privacy.)

      I described the protocol in some detail here [slashdot.org]. There's a rights and user privacy-perspective analysis published by Jon Callas [wikipedia.org], while working for the ACLU, here [brookings.edu]. The ACLU has also published a less positive, but quite good analysis (if you ignore their clickbait title) here [aclu.org]. With only a few minor quibbles, I agree with everything in the ACLU report, and Android's feature is designed along the lines that the ACLU recommends (and was before we spoke with the ACLU, though they did make a couple of good suggestions). I expect Apple's will be as well.

    • To me it depends on the implementation. If I have to fully unlock my phone, essentially giving them unfettered access, hell no. Not a chance. You do not hand an unlocked phone to a cop.

      Anything else and I really don't see the issue, however, so long as it's opt-in. The state already has all of that info—after all, they issued me the license—so it's not like they're getting anything more in that regard. My physical wallet is already "unlocked": anyone with their hands on it can pull my license ou

    • And this is a general problem with 'ID' and phone being the same thing.

      Over the last few years I've noticed airline check-in desks wanting to see a digital 'boarding pass'. And when the phone is held up they simply grab the phone out of the passengers' hands to scroll through it out of reach.

      Have seen this so many times at airports I make sure to hold up the phone/tablet firmly with both hands to make sure they can't do this.

      Sometimes it ends up as a literal tug-of-war, as the clerk is unprepared f
    • Of course, no one with a whit of sense would ever hand their unlocked iPhone over to any cop. But the devil's in the (implementation) details. If privacy protections similar to ApplePay are applied, it would be something more like: "Cop pulls you over for speeding. You touch your iPhone to his ApplePay reader. A little green light informs him that you do, in fact, have a valid license to drive, you have insurance, and your registration and smog check are up-to-date; and he gets absolutely NO other infor

  • I would love to not have to carry my wallet when driving, so the idea of a digital driver's license is great. (I do have a photo of my license stored, but it's not legally the same as having the real license.) One side effect is pushing people to finally switch to Apple Pay and the like, as everything moves to the phone. I'm already used to my phone as my car key, which is wildly convenient with a Tesla Model 3.

    But there is risk in all this. If you have to unlock your phone to show your ID to a police o

    • by 93 Escort Wagon ( 326346 ) on Monday June 07, 2021 @04:04PM (#61463768)

      You don't have to unlock your iPhone to access the Wallet.

      • But you may do it inadvertently or out of habit.
      • You don't have to unlock your iPhone to access the Wallet.

        But I'd have to look at the phone to choose the driver's license. And with FaceID the phone will unlock automatically. And if by some chance it didn't, the officer could point the phone towards my face whilst "examining" the license and wait until it unlocks.

        • If you care that much about privacy, don't enable FaceID. I didn't. I have zero problems unlocking my phone with a code. You could brute-force it, maybe relying on fingerprints for a hint, but mine is unforgettable (to me) and not easily guessed by anyone who doesn't know me surpassingly well. It has nothing to do with my birthday, my anniversary, etc.
      • If the app is designed correctly, no, you don't. But it has to be designed to do it in some fashion, AFAICT.

        I say this purely as a user. American Airlines' app pushed boarding passes to my lock screen correctly. Hawaiian Airlines' app did not, although they were in my Apple Wallet.
      • That doesn't quite make things better, considering Apple is also expanding the types of keys that users can add to Wallet. That includes keys to a smart home lock, keys to hotel rooms, which people then only need your phone for...
    • But there is risk in all this. If you have to unlock your phone to show your ID to a police officer, that means if you're being arrested, the police have full access to everything on your phone.

      Given that business with the FBI a few years back, the fact that there's already a shortcut to temporarily disable face/fingerprint unlocking and the big deal Apple made about privacy today I think there's a good chance they've already thought about this.

    • It'll be better if the car itself had the info and could transmit or display it to the officer. Maybe a fingerprint auth on the steering wheel to enable that .. on condition that it was ID info only and didn't allow the officer to retrieve info from the car on how and where you were driving.

      • by crow ( 16139 )

        In a traffic stop, the officer usually runs the plates and pulls up the license information on the owners before walking up to the window, so if you look like your photo, the officer already knows who you are.

    • But there is risk in all this.

      You drop your non-waterproof phone in a puddle?

    • I store my DL in my phone using a 3rd party app that stores loyalty cards.

      I have a front and back image of the actual DL, including any scannable bar code info as well as (of course) my picture.

      Some places accept this form of ID and some don't.

      I would love to only carry one thing. I wish places would get on board with allowing your stored info to be a valid form of identification.

    • by vux984 ( 928602 )

      ". I'm already used to my phone as my car key, which is wildly convenient with a Tesla Model 3."

      "But there is risk in all this."

      The bigger risk is your smartphone fails or runs out of battery though.

      I had some skip-the-dishes guy knock on my door a few weeks ago asking for help, wifi access, etc because his phone app wouldn't connect to his tesla which was sitting in the middle of the street in front of my neighbors house, and he'd been trying for half an hour...

      (Why didn't he knock on the door at my neighb

      • I keep a "power bank" charger in my car, since if my phone runs out of juice when I'm away from home, and I need its GPS or something, I need a way to charge it up. I don't know how long I could charge my phone for, but a lot longer than my bladder or even my stomach would go.

  • by King_TJ ( 85913 ) on Monday June 07, 2021 @04:26PM (#61463832) Journal

    I'm more concerned with the overall trend of concentrating so many things in one place; the smartphone.

    I drive a Tesla Model 3 myself and sure, it's cool that I can use my phone as the car key. But I still keep one of the RFID card keys in my wallet and bring that with me because you never know when the phone will become an issue. (For example, I've parked in underground garages before where there's no cell signal.)

    And if I get used to bringing nothing but my iPhone with me everywhere, it'd be my luck I'd get pulled over and asked for my license the one time my phone had just been dropped and broke, or it had a hardware failure of some sort, or ?

    I mean, I've had a non-functional iPhone before when one decided to flake out on me (defective flash memory, I was told when it was diagnosed). A physical drivers' license or insurance card doesn't need charged up batteries and working flash storage for someone to read it.

    • And if I get used to bringing nothing but my iPhone with me everywhere, it'd be my luck I'd get pulled over and asked for my license the one time my phone had just been dropped and broke, or it had a hardware failure of some sort, or ?

      This already happens with people who forgot/lost their wallet or had it stolen, so the police have protocols for dealing with it. It happens often enough that usually it's not too intrusive.

      Well, if you don't have much melanin in your skin. If you do, then God help you.

      • by qubezz ( 520511 )
        The protocol is a citation for driving without a license, driving without insurance, possibly having the car towed...
        • Depends on the laws of your state/country. In many, you have a certain number of days to present your license to the police if you're stopped and don't have it on you.

    • you never know when the phone will become an issue. (For example, I've parked in underground garages before where there's no cell signal.)

      I think battery dying is a larger issue. For the aforementioned model 3 it stores the keys offline and doesn't require internet.

      • you never know when the phone will become an issue. (For example, I've parked in underground garages before where there's no cell signal.)

        I think battery dying is a larger issue. For the aforementioned model 3 it stores the keys offline and doesn't require internet.

        For Android we're addressing that issue (at least, making it addressable -- the APIs allow it though no device yet supports it) by making it possible to use your mDL even when the phone is powered off. For privacy, this mode will only work if the reader authenticates itself with an appropriate key, so only law enforcement will be able to read with the phone off, and only if the hardware can support and the user enables it. That may be such a long chain of "ifs" that the feature is useless. Anyway, that's

  • Physical or virtual, not needed. You give the cop your name and address. He/she looks it up in the system, checking that the details and you mug match your photo. Done.

    And I fail to understand why you are not allowed to have more than one copy of your license? My healthcare insurer will give me as many as I want, they are not exactly known for making things easy or convenient.

    • Physical or virtual, not needed. You give the cop your name and address. He/she looks it up in the system, checking that the details and you mug match your photo. Done.

      Does this work in Los Angeles?
      Asking because... if I didn't need to carry it I might not. One of the most annoying cards to replace is a lost DL. When I inquired, a couple of officers I know let me know that it's an offense that can lead to bigger issues... and didn't recommend driving without it.

    • There is a extra layer of verification when you actually present a doc that is hard to fake. Otherwise you could give the info of your friend or relative who looks a lot like you.

    • by crow ( 16139 )

      Needed, no. Required, yes.

      An officer told me that when someone says they left their license at home, there's a 90% chance it means their license was suspended. Yes, normally an officer will already have run the plates and pulled up the driver's license for the owner or owners, so it's really redundant.

      The digital wallet version would also be useful in cases where people can't easily look up your license, like for purchasing alcohol.

  • I don't mind this idea, but I hope it comes with multiple levels of "unlock"; I can easily see a situation where I want to provide my ID and insurance, but I do not want to receiving party to be able to look through the rest of my phone.

    A multi-tier unlocking mechanism would solve this I think.

  • I only got this in a glimpse from the presentation today, but one thing I noticed was that it seems to show you all of the data items you were handing over when you were presenting that ID to scan.

    It's great to educate people on exactly how much information they are giving away when they let someone scan a drivers license.

  • Use the voice command "Show Police my ID."

    That sends the police your ID for police to verify without even touching your phone to verify Identity.

    Maybe

  • I posted s.t. like this over at the appleinsider forum, but I'll try here too:

    Does anyone know which states are implementing this soon (like this year or next)?

    What happens if you get pulled over in a state that hasn't implemented this yet?

Fast, cheap, good: pick two.

Working...