Mobile Driver's License UI: mDL the Privacy-First Way
The whole point of an mDL is sharing less: prove you are over 21 without showing your name, address, or birth date.
TL;DR
A mobile driver's license (mDL), per the ISO 18013-5 standard, lets a person prove identity or age from their phone, often stored in Apple Wallet and issued by a state. Your app is usually a verifier (requesting and checking a credential) or a companion. Build it from a free VP0 design around selective disclosure, prove just the needed attribute (like over 21), request explicit consent, never store the raw ID, and design for privacy and trust first.
A mobile driver’s license (mDL) lets someone prove who they are, or just that they are old enough, from their phone, following the ISO 18013-5 standard and often living in Apple Wallet, issued by a state. The short answer: your app is typically a verifier (requesting and checking a credential) or a companion, and you build it from a free VP0 design around selective disclosure, proving only the attribute that is actually needed, with explicit consent and no over-collection. The space is growing fast, the digital identity market is projected past $40 billion, and privacy is the entire value proposition.
Selective disclosure is the point
The reason an mDL beats a plastic card is that it can prove a single fact without revealing everything else. A bar needs to know the person is over 21, not their name, address, and exact birth date, so an mDL verification should request and receive just that one attribute. So if you build a verifier, design it to ask for the minimum: over-21, or a specific field, never the whole identity by default. Every check needs the holder’s explicit, in-context consent showing who is asking and for what. And you must not store the raw credential, verify and discard. Apple’s Wallet IDs and the ISO 18013-5 standard define how this works.
Build it from a free design
VP0 is a free iOS design library for AI builders. Pick request, consent, and result designs, copy their links, and have Cursor or Claude Code rebuild them in SwiftUI. For a verifier, design a clear request (“Verify the customer is over 21”), the tap-or-scan presentation moment, an explicit consent step naming your business and the single attribute requested, and a clean verified or not-verified result, without ever displaying or keeping more than you asked for. Practice data minimization rigorously: request the least, store nothing sensitive, and log only what compliance requires. For the EU sibling, see EU Digital Identity Wallet UI template, and for the credential foundations, see wallet verifiable credential UI template.
mDL verification building blocks
Each step minimizes what is shared.
| Step | Job | Privacy rule |
|---|---|---|
| Request | Ask for one attribute | Minimum needed (e.g. over 21) |
| Presentation | Tap or scan to present | Holder initiates |
| Consent | Confirm the share | Name verifier and exact request |
| Result | Verified or not | Show pass or fail, not the data |
| Retention | After the check | Store nothing raw; minimize logs |
Common mistakes
The first mistake is over-collecting, requesting full identity when a single attribute (over 21) would do. The second is vague consent that does not show who is asking or for what. The third is storing or logging the raw credential. The fourth is treating an mDL like a photo of a license rather than a privacy-preserving credential. The fifth is ignoring the standard and Apple’s requirements. Minimization is both the law’s direction and the point of the technology.
A worked example
Say you build an age-verification app for a retailer. Your VP0-built verifier asks only “Is the customer over 21?” The customer presents their mDL (tap or scan), an explicit consent screen names your store and the single over-21 request, and the result is a clear pass or fail, no name, no address, no birth date, ever shown or stored. You log only what compliance requires, not the credential. The customer proved their age while keeping everything else private. For EU app-distribution rules, see Digital Markets Act DMA alternative app store UI Figma, and for theming the result screens, see dark mode vs light mode Figma app template.
Key takeaways
- An mDL (ISO 18013-5) proves identity or age from the phone, often via Apple Wallet.
- Your app is usually a verifier or companion; build it from a free VP0 design.
- Use selective disclosure: prove only the attribute needed, like over 21.
- Require explicit, in-context consent that names the verifier and the request.
- Never store the raw credential; minimize what you collect and log.
Frequently asked questions
What is a mobile driver’s license (mDL)? It is a digital driver’s license following the ISO 18013-5 standard, stored on the phone (often in Apple Wallet) and issued by a state, that can prove identity or a single attribute like age.
How do I build an mDL verifier UI? Build the request, consent, and result screens from a free VP0 design, request only the attribute you need (such as over 21) with explicit consent, and never store the raw credential.
What is selective disclosure in an mDL? It is proving just the attribute a verifier needs, such as being over 21, without revealing the rest of your identity. It is the core privacy advantage of an mDL over a plastic card.
Can I store the scanned ID data? No. Verify the requested attribute and discard it. Storing the raw credential is a privacy and compliance risk, so minimize what you collect and log only what is strictly required.
Frequently asked questions
What is a mobile driver's license (mDL)?
It is a digital driver's license following the ISO 18013-5 standard, stored on the phone (often in Apple Wallet) and issued by a state, that can prove identity or a single attribute like age.
How do I build an mDL verifier UI?
Build the request, consent, and result screens from a free VP0 design, request only the attribute you need (such as over 21) with explicit consent, and never store the raw credential.
What is selective disclosure in an mDL?
It is proving just the attribute a verifier needs, such as being over 21, without revealing the rest of your identity. It is the core privacy advantage of an mDL over a plastic card.
Can I store the scanned ID data?
No. Verify the requested attribute and discard it. Storing the raw credential is a privacy and compliance risk, so minimize what you collect and log only what is strictly required.
Part of the Native Apple & SwiftUI: The iOS Ecosystem hub. Browse all VP0 topics →
Keep reading
EU Digital Identity Wallet UI: Privacy by Design
The EU Digital Identity Wallet is coming. Build a privacy-first wallet UI from a free VP0 design with selective disclosure, clear consent, and secure storage.
GDPR Cookie Consent Bottom Sheet UI for Mobile
A GDPR consent bottom sheet must make reject as easy as accept. Build a compliant, honest consent UI from a free VP0 design, no pre-ticked boxes, no dark patterns.
iOS Screen Time API and Family Controls UI, Explained
A parental-control app must use Apple's Family Controls and Screen Time API. Build the dashboard and limits UI from a free VP0 design, the privacy-safe way.
How to Design an iOS App Before You Build It With AI
AI builders match references, not vague goals. Deciding your core screen, flow, data, and feel first is the cheapest hour in the whole project.
Airbnb-Style Bottom Sheet in React Native: Map Meets List
Airbnb's map-plus-draggable-sheet is a gold-standard pattern. Build a smooth bottom sheet over a map from a free VP0 design in React Native, with the right detents.
Sign in with Apple UI Guidelines, Built in Figma
Sign in with Apple has strict button and flow rules. Build a compliant sign-in from a free VP0 design, follow guideline 4.8, and cut account-creation friction.