HomeISO mDOC

ISO mDOC (Mobile Documents)

The ISO 18013-5 standard for mobile driver's licenses (mDL) and other mobile documents, using CBOR encoding and COSE signatures.

What is mDOC?

mDOC (Mobile Document) is a format for digital credentials defined by ISO standards. Originally designed for mobile driver's licenses (mDL) in ISO 18013-5, it has been extended to other document types via ISO 23220.

Unlike W3C VCs which use JSON, mDOC uses CBOR (Concise Binary Object Representation) for compact encoding and COSE (CBOR Object Signing and Encryption) for cryptographic security.

Key Standards

ISO 18013-5:2021mDL in Proximity

Defines the core mDL data model, security mechanisms, and in-person presentation protocols using NFC, BLE, or WiFi Aware. Establishes the Mobile Security Object (MSO) and device authentication.

ISO 18013-7:2025Online Presentation

Extends mDL for online/remote presentation scenarios. Supports REST API and OpenID for Verifiable Presentations (OID4VP). Enables browser-based verification.

ISO 23220Generic mDOC

Generalizes mDL concepts to other document types (national ID, travel documents, professional licenses). Introduces holder authentication and additional features.

mDOC Ecosystem

The mDOC ecosystem uses X.509 certificates for trust, with Issuing Authority Certificate Authorities (IACA) at the root.

Issuing Authority

Government or authorized body that issues mDOCs. Operates IACA for trust.

Wallet/Holder

Mobile app that stores mDOCs and manages device keys in secure hardware.

Reader/Verifier

App that requests and verifies mDOC presentations using trusted root certificates.

Presentation Modes

mDOCs can be presented in two main modes: proximity (in-person) and online (remote).

Proximity (ISO 18013-5)

In-person presentation via NFC, BLE, or WiFi Aware

  • Device engagement
  • Session encryption
  • Offline verification

Online (ISO 18013-7)

Remote presentation via REST API or OID4VP

  • OAuth 2.0 based
  • Browser integration
  • Remote verification

mDOC vs W3C VCDM

AspectISO mDOCW3C VCDM
EncodingCBOR (binary)JSON/JSON-LD (text)
SignaturesCOSEJOSE (JWT) or Data Integrity
Trust ModelX.509 PKI (IACA)DIDs, Web PKI, or PKI
Selective DisclosureSalted hash per claimSD-JWT or BBS+
Device BindingBuilt-in (MSO)Optional (proof in VP)
Primary UseGovernment ID documentsGeneral credentials

Real-World Implementations

mDL and mDOC standards are being deployed globally by governments and organizations.

California DMV mDL

California Department of Motor Vehicles

One of the first US states to deploy ISO 18013-5 compliant mobile driver's licenses, available through Apple Wallet and Google Wallet.

  • Over 1 million mDLs issued
  • TSA PreCheck integration
  • In-person and online verification

EU Digital Identity Wallet

European Commission

The EUDI Wallet initiative mandates ISO mDOC support for member states, enabling cross-border credential recognition across the EU.

  • 27 EU member states
  • eIDAS 2.0 compliance
  • mDL and national ID support
Growing Adoption
Over 15 US states have launched or are piloting mDL programs, with international deployments in Australia, Japan, South Korea, and the UK.

Continue Learning

CBOR Encoding Document Structure