ISO mdoc

Learn how the ISO mDL offline protocol works in Procivis One.

ISO standards provide specifications for both the mdoc credential format and the protocols that govern how these credentials are shared and verified. Procivis One implements two key ISO standards for mdoc exchange:

• ISO 18013-5 enables secure offline credential exchanges between holders and verifiers. This is useful for in-person verification scenarios when internet connectivity isn't required.

• ISO 18013-7 extends these capabilities to online environments, allowing for remote credential verification. This includes support for unattended presentations where direct interaction between the holder and verifier isn't necessary.

This page explains the specific implementation details of these ISO mdoc exchange standards within Procivis One.

Offline exchange

Procivis One enables the offline exchange of ISO mdocs over Bluetooth Low Energy (BLE).

This allows digital wallets and mobile verifiers to connect over BLE and complete consent-based proof requests and presentations of ISO mdocs without the need for internet connection.

How it works

The digital wallet holder generates a QR code from their wallet and shares it. This QR code is scanned by the mobile verifier and device engagement is initialized. Once the connection is established, the verifier requests the needed information. The digital wallet presents the holder with the request and allows the holder to review the data to be shared. The holder can then choose to share the requested data or to reject the request.

If the holder consents to sharing, the data is transmitted to the mobile verifier. The mobile verifier device then verifies the signatures on the data elements using the public keys, also called "Signer Certificates", derived from the mobile security object (MSO). In addition to checking that the signature is correct, and that the disclosure hashes match the MSO, the Signer Certificates are checked against a "Trust List" of trusted Signer Certificates.

See also the mdocs format guide.

Implementation details

Procivis One supports ISO/IEC 18013-5:2021 offline exchange (device retrieval) using QR code for device engagement and Bluetooth Low Energy for device retrieval. Both holder and verifier devices use peripheral server mode only. The encryption algorithm used is X25519. DeviceSignature is used for authentication.

Some elements of the standard are not currently supported but are in development, including:

• Reader authentication - mdoc reader authentication is not currently supported

• Repeated requests within a single session - after a presentation has been submitted the BLE connection closes. Any further interactions require a new device engagement.

• age_over_nn logic - the standard provides a mechanism by which a verifier can ask if a holder is above a certain age and the holder's wallet generates a true/false response rather than a precise age. Currently the holder's wallet can only comply with an age_over request if it contains a data element with the precise age being requested.

Mandatory and optional claims

While the ISO mDL exchange protocol cannot express whether specific claims are mandatory or optional (all claims appear as optional to the wallet), the system still enforces mandatory claims during verification.

When verifying submitted proofs, any claims marked as required in your proof schema will cause the proof to be rejected if they are missing.

Related guides

• Present an mdoc offline
• Verify an mdoc offline

Online exchange

Procivis One implements online exchange of mdoc credentials using OID4VP following the 18013-7 standard. The flow is virtually identical to the standard OID4VP flow with a few key differences.

For details on exchanging mdocs using OID4VP, see ISO mdoc exchange via OID4VP