How Is Data in a Credential Kept Safe?

Verifiable digital credentials protect data through multiple layers of security, from the cryptographic foundations that make tampering detectable, to the hardware that keeps keys inaccessible, to the encryption that protects data in transit and at rest.

Cryptographic signatures

Every credential carries a digital signature from its issuer. When the DMV issues a mobile driver's license, it applies a cryptographic signature using its private key. This signature says, in mathematical terms, "I authorize this credential and its contents."

Any modification to the credential, even changing a single character, renders the signature invalid. Verifiers can detect tampering instantly by checking whether the signature matches the credential's contents against the issuer's public key.
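To make the "single character" claim concrete, here is an added example (not code from the original page or from any DMV system) that signs a small constructed credential with an issuer key and then verifies it before and after a one-character edit. It assumes Ed25519 signatures, a JSON encoding of the claims, and the field names and values shown, none of which the page specifies.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"fmt"
)

// Credential is a simplified, constructed stand-in for a mobile driver's license payload.
type Credential struct {
	Issuer    string `json:"issuer"`
	Subject   string `json:"subject"`
	BirthDate string `json:"birth_date"`
	Expires   string `json:"expires"`
}

// canonical produces the exact bytes that are signed and later verified.
// encoding/json emits struct fields in declaration order, so issuer and
// verifier always serialize the same claims to the same bytes.
func canonical(c Credential) []byte {
	b, err := json.Marshal(c)
	if err != nil {
		panic(err)
	}
	return b
}

// Issue is the issuer side: sign the credential contents with the private key.
func Issue(priv ed25519.PrivateKey, c Credential) []byte {
	return ed25519.Sign(priv, canonical(c))
}

// Verify is the verifier side: check the signature against the issuer's public key.
func Verify(pub ed25519.PublicKey, c Credential, sig []byte) bool {
	return ed25519.Verify(pub, canonical(c), sig)
}

// Demo returns whether the genuine credential verifies and whether a
// credential with one changed digit still verifies under the same signature.
func Demo() (genuineOK bool, tamperedOK bool) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	cred := Credential{Issuer: "example-dmv", Subject: "Alice Example", BirthDate: "1990-01-01", Expires: "2030-01-01"}
	sig := Issue(priv, cred)
	genuineOK = Verify(pub, cred, sig)

	tampered := cred
	tampered.BirthDate = "1999-01-01" // a single digit changed
	tamperedOK = Verify(pub, tampered, sig)
	return genuineOK, tamperedOK
}

func main() {
	ok, bad := Demo()
	fmt.Printf("genuine verifies: %v, tampered verifies: %v\n", ok, bad)
}
```

The verifier never needs the issuer's private key; it only needs the public key, which the issuer can publish. Any change to the signed bytes, including whitespace or field order if the encoding were not canonical, would fail in the same way, which is why real formats pin down an exact serialization.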

Device binding

Credentials are cryptographically bound to specific devices. When your phone receives a credential, it generates a unique key inside its secure element, a tamper-resistant hardware component. The credential is locked to this device key.

If someone copied the credential to another device, it wouldn't function because the required key would be missing. Device binding prevents credential theft and unauthorized transfer.

Secure element protection

The secure element is a separate, isolated computing environment within your phone (Apple's Secure Enclave, Android's StrongBox, or equivalent). Cryptographic keys generated here cannot be extracted through normal interfaces.

Defeating it would require expensive lab-grade tools and getting past multiple layers of tamper detection, so success is extremely unlikely. Even if the main phone operating system is compromised, keys in the secure element remain protected.

Hardware security modules (HSMs)

On the issuer side, private keys used to sign credentials are stored in hardware security modules (HSMs), tamper-resistant devices that perform cryptographic operations in secure isolation. HSMs meet federal standards (FIPS 140-3), which require advanced physical and logical protections.

DMVs utilize layered key management, where a root key, secured in the highest-grade HSM, authorizes secondary document signer keys. These signer keys handle day-to-day issuance and are rotated frequently (sometimes every thirty days) to limit exposure in the event one is compromised.
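The following added example (not code from the page or from any DMV) ties together the device binding described earlier and the layered key management described here. A root key authorizes a document signer key for a thirty-day window, the signer key issues a credential that embeds the holder device's public key, and the verifier walks the whole chain before accepting a presentation signed with the device key over a fresh challenge. Ed25519, the JSON record layout, the fixed clock value, and the scenario names are all assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// SignerCert is a constructed stand-in for the record a root key signs to authorize a signer key for a window (Unix seconds).
type SignerCert struct {
	SignerPub []byte `json:"signer_pub"`
	NotBefore int64  `json:"not_before"`
	NotAfter  int64  `json:"not_after"`
}

// Credential holds the claims plus the public half of the key the phone generated in its secure element (the device binding).
type Credential struct {
	Subject   string `json:"subject"`
	DevicePub []byte `json:"device_pub"`
}

// marshal yields the signed bytes; encoding/json emits struct fields in declaration order, so both sides see identical bytes.
func marshal(v interface{}) []byte {
	b, err := json.Marshal(v)
	if err != nil {
		panic(err)
	}
	return b
}

func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// AuthorizeSigner models the root key (highest-grade HSM) authorizing a signer key for lifetime seconds.
func AuthorizeSigner(rootPriv ed25519.PrivateKey, signerPub ed25519.PublicKey, now, lifetime int64) (SignerCert, []byte) {
	cert := SignerCert{SignerPub: signerPub, NotBefore: now, NotAfter: now + lifetime}
	return cert, ed25519.Sign(rootPriv, marshal(cert))
}

// Present is the phone proving possession of the bound key by signing a fresh, verifier-chosen challenge.
func Present(devicePriv ed25519.PrivateKey, challenge []byte) []byte {
	return ed25519.Sign(devicePriv, challenge)
}

// VerifyPresentation walks the chain: root -> signer cert (within window) -> credential -> device proof.
func VerifyPresentation(rootPub ed25519.PublicKey, cert SignerCert, certSig []byte, cred Credential, credSig, challenge, proof []byte, now int64) error {
	if !ed25519.Verify(rootPub, marshal(cert), certSig) {
		return errors.New("signer key not authorized by root")
	}
	if now < cert.NotBefore || now > cert.NotAfter {
		return errors.New("signer key outside its validity window")
	}
	if !ed25519.Verify(ed25519.PublicKey(cert.SignerPub), marshal(cred), credSig) {
		return errors.New("credential signature invalid")
	}
	if !ed25519.Verify(ed25519.PublicKey(cred.DevicePub), challenge, proof) {
		return errors.New("device proof invalid: not presented from the bound device")
	}
	return nil
}

// DemoResult holds the outcome of three scenarios (nil means the verifier accepted).
type DemoResult struct{ Genuine, CopiedToOtherDevice, SignerExpired error }

func Demo() DemoResult {
	const day = int64(24 * 3600)
	now := int64(1700000000) // fixed clock, constructed for the example
	rootPub, rootPriv := mustKey()
	signerPub, signerPriv := mustKey()
	devPub, devPriv := mustKey()
	_, otherDevPriv := mustKey() // a second phone with its own secure-element key
	cert, certSig := AuthorizeSigner(rootPriv, signerPub, now, 30*day)
	cred := Credential{Subject: "Alice Example", DevicePub: devPub}
	credSig := ed25519.Sign(signerPriv, marshal(cred)) // day-to-day issuance with the rotated signer key
	challenge := make([]byte, 32)
	if _, err := rand.Read(challenge); err != nil {
		panic(err)
	}
	verify := func(proof []byte, at int64) error {
		return VerifyPresentation(rootPub, cert, certSig, cred, credSig, challenge, proof, at)
	}
	return DemoResult{
		Genuine:             verify(Present(devPriv, challenge), now),
		CopiedToOtherDevice: verify(Present(otherDevPriv, challenge), now),
		SignerExpired:       verify(Present(devPriv, challenge), now+31*day),
	}
}

func main() {
	r := Demo()
	fmt.Println("genuine:", r.Genuine, "| copied:", r.CopiedToOtherDevice, "| expired:", r.SignerExpired)
}
```

Two things the chain buys the verifier: a credential copied byte-for-byte to another phone still carries a valid issuer signature, but the second phone cannot answer the challenge with the key the credential names, so the presentation is rejected; and because the verifier checks the signer certificate's window rather than trusting the signer key forever, a signer key that leaks is only useful until its rotation date.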

Encryption in transit and at rest

All credential data is encrypted using industry-standard transport security protocols and modern symmetric encryption algorithms. This ensures that data remains protected, whether it's moving across networks or stored on your phone.
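An added example (not the page's or any wallet's code) of what "modern symmetric encryption" means for data at rest: the wallet seals the stored credential bytes with AES-256-GCM, which gives confidentiality and also rejects any modified blob, so a tampered or swapped file on disk is detected rather than silently decrypted. The key here is random for the demo and stands in for a storage key that, on a real phone, the secure element would protect; the associated-data label and the sample credential are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// aad is authenticated but not encrypted; binding it to the blob stops a ciphertext
// from being reused in a different context (constructed label for this example).
var aad = []byte("wallet-credential-v1")

// Seal encrypts plaintext with AES-256-GCM and returns nonce || ciphertext || tag.
func Seal(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce per stored object
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// Open reverses Seal; any change to nonce, ciphertext or tag fails authentication.
func Open(key, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("stored blob too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

// Demo stores a credential, reads it back, then shows that a one-bit change is rejected.
func Demo() (roundTrip bool, tamperDetected bool) {
	key := make([]byte, 32) // stands in for a storage key kept under the secure element
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	cred := []byte(`{"subject":"Alice Example","birth_date":"1990-01-01"}`) // constructed
	blob, err := Seal(key, cred)
	if err != nil {
		panic(err)
	}
	got, err := Open(key, blob)
	roundTrip = err == nil && string(got) == string(cred)
	blob[len(blob)-1] ^= 0x01 // flip one bit in the authentication tag
	_, err = Open(key, blob)
	tamperDetected = err != nil
	return roundTrip, tamperDetected
}

func main() {
	rt, td := Demo()
	fmt.Printf("round trip ok: %v, tampering detected: %v\n", rt, td)
}
```

The same AEAD construction is what transport security protocols such as TLS use for the record layer, so the "in transit" and "at rest" halves of this section rest on the same primitive; the differences are in where the key comes from and how long it lives.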

Biometric authentication

Before a credential can be presented, the wallet requires authentication: Face ID, fingerprint, or PIN. This ensures that even if someone has physical access to your phone, they cannot use your credentials without passing biometric or knowledge-based verification.

Protection against future threats

Well-designed systems prepare for emerging threats, such as quantum computing, through "crypto-agility," the ability to adopt new cryptographic algorithms as they become standardized. Credentials bound to session-specific challenges and encrypted during transmission minimize the value of any captured data, protecting against "harvest now, decrypt later" attacks.
