In our recent live podcast, Richard Esplin (Dock Labs) spoke with Andrew Hughes (VP of Global Standards, FaceTec) and Ryan Williams (Program Manager of Digital Credentialing, AAMVA) about the rollout of mobile driver’s licenses (mDLs) and what comes next.
One idea stood out: derived credentials.
mDLs are powerful because they bring government-issued identity into a digital format.
But in practice, most verifiers don’t need everything on your driver’s license.
A student bookstore doesn’t need your address, it only needs to know that you’re enrolled.
That’s where derived credentials come in.
They allow you to take verified data from a root credential like an mDL and create purpose-specific credentials:
- A student ID for campus services.
- An employee badge for workplace access.
- A travel pass or loyalty credential.
Andrew put it simply: if you don’t need to use the original credential with everything loaded into it, don’t.
Ryan added that the real benefit is eliminating unnecessary personal data entirely, only passing on what’s relevant for the transaction.
Derived credentials also make it possible to combine data from multiple credentials into one, enabling new use cases.
For example, a travel credential could draw on both a government-issued ID and a loyalty program credential, giving the verifier exactly what they need in a single, streamlined interaction.
This approach flips the model of identity sharing.
Instead of over-exposing sensitive details, derived credentials enable “less is more” identity verification: stronger assurance for the verifier, greater privacy for the user.
Looking ahead, Andrew revealed that the ISO 18013 Edition 2 will introduce support for revocation and zero-knowledge proofs, enhancements that will make derived credentials even more practical and privacy-preserving.
Bottom line: mDLs are an important foundation, but the everyday future of digital ID lies in derived credentials.
