Technologies

Ditch Your Wallet: These States Let Your iPhone Be Your Driver’s License

The ID of the future is here, but only if you live in one of these states.

Getting through airport security can be one of the most stressful parts of travel, but Apple is trying to streamline the process with a new digital ID feature. In select states, you can now add your driver’s license or state ID to Apple Wallet on your iPhone or Apple Watch. That means no more fumbling for your wallet at Transportation Security Administration checkpoints — just tap your device, and you’re good to go.

We’re not too far away from a future where you can easily swipe from your flight’s boarding pass to a digital ID, right from your iPhone. If you live in certain states, that future is already here, and you can add your ID to your iPhone for a faster way through the airport security line. While this feels more like a proof of concept, it paves the way for a broader tapestry of use cases in the future.

It’s a convenient upgrade if you live in one of the supported states and have a compatible iPhone. I tested the feature in California, and the setup process was surprisingly simple. Just keep in mind that you’ll need an iPhone 8 or newer running the right version of iOS, and depending on your state’s rollout, some users may hit snags. Still, it’s a small tech shift that can make your travel day a whole lot smoother.

Right now, digital IDs are primarily used to go through TSA checkpoints in certain airports when flying domestically, but that’ll likely change in the future. Want to use your digital ID at your favorite bar or nightclub? We’re not there yet.

Below, I describe my experience, the hiccups I encountered on the way and things that you should know if you plan on adding your driver’s license to Apple Wallet. I’ll also break down how you can add your ID to your iPhone, step by step.

For more, don’t miss these low-key iOS 26 features we’re excited for.

These states support digital IDs on iPhones right now

Only a handful of states support digital IDs in Apple Wallet. One key factor is how each state implements its Mobile Driver’s License system. For instance, Louisiana, New York, Utah and Virginia all support mobile driver’s licenses but require separate apps for digital IDs.

States and regions that support digital IDs in Apple Wallet:

Arizona
California
Colorado
Georgia
Hawaii
Iowa
Maryland
New Mexico
Ohio
Puerto Rico

Some states originally announced to support Apple’s digital ID haven’t quite gotten there yet.

The number of states supported in Apple Wallet is about half of what the TSA currently allows. Collectively, it accepts digital IDs across Apple Wallet, Google Wallet, Samsung Wallet and state-based mobile apps in 15 states.

What are the iPhone requirements to add your driver’s license to Apple Wallet?

Where you live is just the start. You also have to have the right iPhone model and the right software setup.

Here are the minimum requirements that Apple lists:

An iPhone 8 or later with the latest version of iOS
Have Face or Touch ID enabled on your device
Have two-factor authentication enabled on your Apple account
A license or ID from a participating state or territory
Your device’s region set to the United States

I’ll have more to say in a bit about that iPhone 8 and iOS requirement and a catch I ran into.

My experience adding my ID to my iPhone was easy

For testing purposes, I used the iPhone 16E.

The process of adding the ID was simple. I scanned the front and the back of my ID and the next step was to verify my identity. This wasn’t nearly as nerve-wracking as I thought it would be. Instead, it took a live photo of my face for 2.5 seconds.

After that, more verification was required. This came in a series of different photos, with prompts directing me to close my eyes, open my mouth, smile and tip my head down. This verification process took about three minutes. (Or longer in my case, as I got distracted writing notes about the process and then found I had to restart the whole process.)

Then, after I submitted those photos, there was another verification step, presumably with the photos relayed to the California DMV. A screen message told me that I would receive a notification when there was an update. I expected this to take a long time, but not even 10 minutes later, a notification telling me that my ID was ready to use popped up. That was easy.

What about older iPhones?

So, not every phone you think might work will actually do so. The first time I tested adding my ID, I was using an iPhone 8 Plus. But when I arrived at the setup page within Apple Wallet, I was given eight states to choose from, and California wasn’t one of them.

That surprised me. I’d found a helpful Apple support article that explained the requirements for adding a driver’s license or state-issued ID to Apple Wallet and it seemed like I shouldn’t have any trouble.

At first, I thought the roadblock was that I hadn’t set up Touch ID yet. But no, California was still not on my list of eight states. (Equally confusing, a colleague of mine also tried this with an iPhone 8 and Apple Wallet only listed four states.)

I went back to the Apple support article and looked for fine print, and sure enough, there it was. I’d ignored the asterisk in the requirements, because California has had its Mobile Driver’s License program set up for some time now.

The fine print at the very bottom of the page states, «For California, ID in Apple Wallet requires iPhone XS or later with iOS 17.5 or later.» (For Puerto Rico, if you want to add your driver’s license or ID to Apple Wallet, you’ll need to have an iPhone XS or later with iOS 18.1.)

So if you’re holding onto an iPhone 8 or iPhone X and live in California, you won’t be able to add your driver’s license to your iPhone because of the lack of software support. iOS 16 is the last supported version of the operating system for iPhone 8 and X models.

How to add your ID or driver’s license to Apple Wallet

If you live in a state that supports digital IDs for Apple Wallet, it’s easy to add one. After it’s added, you’ll need to verify your identity, which can take a little longer but it’s still a straightforward process.

Open Apple Wallet.
Tap the Add button.
Tap Driver’s License or ID and select your location.
If applicable, choose whether you want to add your ID to your iPhone only or your iPhone and your Apple Watch.
Follow the steps to scan your license or ID.

(Make sure you scan your ID in a well-lit environment and that the image is in focus.)

Once it’s scanned, you’ll be prompted to confirm your identity with a selfie photo. According to Apple, you may be asked to complete a number of facial or head movements for identification purposes.

To ensure an easier verification process, Apple suggests that you:

Stand in front of a plain background with neutral, light paint.
Be in a well-lit area, ideally indoors.
Take off sunglasses, masks, hats or other accessories that could block your face.
Hold your iPhone steady.

When you’re finished, submit your information by confirming with Touch or Face ID. Your biometrics will be bound to the ID, so only you can use it.

How to transfer your digital ID to another iPhone

If you upgrade your iPhone, you’ll need to transfer your ID or driver’s license to it.

During initial setup, tap Wallet.
Select your ID.
Follow the steps.
Tap to confirm you want to move your driver’s license or ID to the new device.

So, now what?

Your digital ID isn’t just a photo of your ID that you can pull up within Apple Wallet. In fact, you don’t even see a full image of your physical ID. In order to actually view your information from your digital ID, you’ll need to tap on your ID «card» in Apple Wallet, tap the «i» at the top-right of the screen, and then tap State ID info or Card Information (the wording may be different depending on what version of iOS your iPhone is running). From there, it will show your ID photo as well as essential pieces of information from your physical ID.

TSA checkpoints that support digital IDs require a dedicated scanner, so the process may not necessarily feel like it’s faster than showing your physical ID to the agent.

Here’s a video of the process via the Maryland Department of Transportation:

The idea of a digital ID is pretty convenient but overall, it probably won’t save you a meaningful amount of time. Couple that fact with its incredibly limited use cases right now and the fact that merchant or event adoption will require investment in proper hardware and it’s pretty easy to see just how far off we are from ditching physical IDs.

Selling or trading in your iPhone? Do this first.

When you move on from a phone that has your ID on it, you’ll want to do the same thing you do with other sensitive info like credit or debit cards and passwords: Remove it.

So before you wipe your iPhone to sell or trade it in, you should manually remove your ID first. Here’s how to do it.

Go to Apple Wallet and tap your ID in the list
Tap the «i» button at the top right of the screen
Tap Remove State ID (or Driver’s License)
Read the warning that pops up and tap Remove

Digital passports are coming to Apple Wallet with iOS 26

While states are taking time to implement digital ID systems, Apple announced a feature coming in iOS 26 this year: You can add a digital passport to Apple Wallet.

When that feature is available, iPhone users will be able to scan their passports to create a digital version for identity verification during domestic travel. You won’t be able to use it for international travel and it’s not a full replacement for a physical passport (so keep your physical one on you) but it should work at the 250-plus supported TSA checkpoints.

During its WWDC keynote in June, Apple said that the digital ID made from your passport can also be used «in apps and in person» but it didn’t give any specifics.

This is essentially what can be done on Android through Google Wallet.

Verify with Wallet ID verification could make ordering alcohol easier

Also headed to iPhones this fall is an easier way for you to prove your age using your digital ID. Say you want to have a bottle of wine sent to your place via Uber Eats. Typically, when the driver arrives, you’ll need to present your ID and have it scanned to complete the transaction but with the new Verify with Wallet, your stored digital ID will be used to verify your age. (I do wonder if things might get more complicated when the delivery arrives if you’re not the one receiving it.)

Verify with Wallet will be supported by Chime, Turo, Uber Eats and U.S. Bank.

For more, don’t miss what you should know about flying domestically without a Real ID in 2025.

Technologies

An AWS Outage Broke the Internet While You Were Sleeping

Reddit, Roblox and Ring are just a tiny fraction of the 1,000-plus sites and services that were affected when Amazon Web Services went down, causing a major internet blackout.

The internet kicked off the week the way that many of us often feel like doing: by refusing to go to work. An outage at Amazon Web Services rendered huge portions of the internet unavailable on Monday morning, with sites and services including Snapchat, Fortnite, Venmo, the PlayStation Network and, predictably, Amazon, unavailable for a short period of time.

The outage began shortly after midnight PT, and took Amazon around 3.5 hours to fully resolve. Social networks and streaming services were among the 1,000-plus companies affected, and critical services such as online banking were also taken down. You’ll likely find most sites and services functioning as usual this morning, but some knock-on effects will probably be seen throughout the day.

AWS, a cloud services provider owned by Amazon, props up huge portions of the internet. So when it went down, it took many of the services we know and love with it. As with the Fastly and Crowdstrike outages over the past few years, the AWS outage shows just how much of the internet relies on the same infrastructure — and how quickly our access to the sites and services we rely on can be revoked when something goes wrong. The reliance on a small number of big companies to underpin the web is akin to putting all of our eggs in a tiny handful of baskets.

When it works, it’s great, but only one small thing needs to go wrong for the internet to come to its knees in a matter of minutes.

How widespread was the AWS outage?

Just after midnight PT on October 20, AWS first registered an issue on its service status page, saying it was «investigating increased error rates and latencies for multiple AWS services in the US-EAST-1 Region.» Around 2 a.m. PT, it said it had identified a potential root cause of the issue, and within half an hour, it had started applying mitigations that were resulting in significant signs of recovery.

«The underlying DNS issue has been fully mitigated, and most AWS Service operations are succeeding normally now,» AWS said at 3.35 a.m. PT. The company didn’t respond to request for further comment beyond pointing us back to the AWS health dashboard.

Around the time that AWS says it first began noticing error rates, Downdetector saw reports begin to spike across many online services, including banks, airlines and phone carriers. As AWS resolved the issue, some of these reports saw a drop off, whereas others have yet to return to normal. (Disclosure: Downdetector is owned by the same parent company as CNET, Ziff Davis.)

Around 4 a.m. PT, Reddit was still down, while services including Ring, Verizon and YouTube were still seeing a significant number of reported issues. Reddit finally came back online around 4.30 a.m. PT, according to its status page, which was then verified by us.

In total, Downdetector saw over 6.5 million reports, with 1.4 million coming from the US, 800,000 from the UK and the rest largely spread across Australia, Japan, the Netherlands, Germany and France. Over 1,000 companies in total have been affected, Downdetector added.

«This kind of outage, where a foundational internet service brings down a large swathe of online services, only happens a handful of times in a year,» Daniel Ramirez, Downdetector by Ookla’s director of product told CNET. «They probably are becoming slightly more frequent as companies are encouraged to completely rely on cloud services and their data architectures are designed to make the most out of a particular cloud platform.»

What caused the AWS Outage?

AWS hasn’t shared full details about what caused the internet to fall off a cliff this morning. The likelihood is that now it’s deployed a fix, its next step will be to investigate what went wrong.

So far it’s attributed the outage to a «DNS issue.» DNS stands for the Domain Name System and refers to the service that translates human-readable internet addresses (for example, CNET.com) into machine-readable IP addresses that connects browsers with websites.

When a DNS error occurs, the translation process cannot take place, interrupting the connection. DNS errors are common are common internet roadblocks, but usually happen on small scale, affecting individual sites or services. But because the use of AWS is so widespread, a DNS error can have equally widespread results.

According to Amazon, the issue is geographically rooted in its US-EAST-1 region, which refers to an area of North Virginia where many of its data centers are based. It’s a significant location for Amazon, as well as many other internet companies, and it props up services spanning the US and Europe.

«The lesson here is resilience,» said Luke Kehoe, industry analyst at Ookla. «Many organizations still concentrate critical workloads in a single cloud region. Distributing critical apps and data across multiple regions and availability zones can materially reduce the blast radius of future incidents.»

Was the AWS Outage caused by a cyberattack?

DNS issues can be caused by malicious actors, but there’s no evidence at this stage to say that this is the case for the AWS outage.

Technical faults can, however, pave the way for hackers to look for and exploit vulnerabilities when companies’ backs are turned and defenses are down, according to Marijus Briedis, CTO at NordVPN. «This is a cybersecurity issue as much as a technical one,» he said in a statement. «True online security isn’t only about keeping hackers out, it’s also about ensuring you can stay connected and protected when systems fail.»

In the hours ahead, people should look out for scammers hoping to take advantage of people’s awareness of the outage, added Briedis. You should be extra wary of phishing attacks and emails telling you to change your password to protect your account.

Technologies

A New Bill Aims to Ban Both Adult Content Online and VPN Use. Could It Work?

Michigan representatives just proposed a bill to ban many types of internet content, as well as VPNs that could be used to circumvent it. Here’s what we know.

On Sept. 11, Michigan representatives proposed an internet content ban bill unlike any of the others we’ve seen: This particularly far-reaching legislation would ban not only many types of online content, but also the ability to legally use any VPN.

The bill, called the Anticorruption of Public Morals Act and advanced by six Republican representatives, would ban a wide variety of adult content online, ranging from ASMR and adult manga to AI content and any depiction of transgender people. It also seeks to ban all use of VPNs, foreign or US-produced.

Don’t miss any of our unbiased tech content and lab-based reviews. Add CNET as a preferred Google source.

VPNs (virtual private networks) are suites of software often used as workarounds to avoid similar bans that have passed in states like Texas, Louisiana and Mississippi, as well as the UK. They can be purchased with subscriptions or downloaded, and are built into some browsers and Wi-Fi routers as well.

But Michigan’s bill would charge internet service providers with detecting and blocking VPN use, as well as banning the sale of VPNs in the state. Associated fines would be up to $500,000.

What the ban could mean for VPNs

Unlike some laws banning access to adult content, this Michigan bill is comprehensive. It applies to all residents of Michigan, adults or children, targets an extensive range of content and includes language that could ban not only VPNs but any method of bypassing internet filters or restrictions.

That could spell trouble for VPN owners and other internet users who leverage these tools to improve their privacy, protect their identities online, prevent ISPs from gathering data about them or increase their device safety when browsing on public Wi-Fi.

Read more: CNET Survey: 47% of Americans Use VPNs for Privacy. That Number Could Rise. Here’s Why

Bills like these could have unintended side effects. John Perrino, senior policy and advocacy expert at the nonprofit Internet Society, mentioned to CNET that adult content laws like this could interfere with what kind of music people can stream, the sexual health forums and articles they can access and even important news involving sexual topics that they may want to read. «Additionally, state age verification laws are difficult for smaller services to comply with, hurting competition and an open internet,» John added.

The Anticorruption of Public Morals Act has not passed the Michigan House of Representatives committee nor been voted on by the Michigan Senate, and it’s not clear how much support the bill currently has beyond the six Republican representatives who have proposed it. As we’ve seen with state legislation in the past, sometimes bills like these can serve as templates for other representatives who may want to propose similar laws in their own states.

Could VPNs still get around bans like these?

That’s a complex question that this bill doesn’t really address. When I asked NordVPN how easy it would be track VPN use, privacy advocate Laura Tyrylyte explained, «From a technical standpoint, ISPs can attempt to distinguish VPN traffic using deep packet inspection, or they can block known VPN IP addresses. However, deploying them effectively requires big investments and ongoing maintenance, making large-scale VPN blocking both costly and complex.»

Also, VPNs have ways around deep packet inspection and other methods. CNET senior editor Moe Long mentioned obfuscation like NordWhisper, a counter to DPI that attempts to make VPN traffic look like normal web traffic so it’s harder to detect.

There are also no-log features offered by many VPNs to guarantee they don’t keep a record of your activity, and no-log audits from third parties like Deloitte that, well, try to guarantee the guarantee. There are even server tricks VPNs can use like RAM-only servers that automatically erase data each time they’re rebooted or shut down.

If you’re seriously concerned about your data privacy, you can look for features like these in a VPN and see if they are right for you. Changes like these, even on the state level, are one reason we pay close attention to how specific VPNs work during our testing, and make sure to recommend the right VPNs for the job, from speedy browsing to privacy while traveling.

Correction, Oct. 9: An earlier version of this story incorrectly stated how RAM-only servers work. RAM-only servers run on volatile memory and are wiped of data when they are rebooted or shut down.

Technologies

AWS Outage Explained: Why Half the Internet Went Down While You Were Sleeping

Reddit, Roblox and Ring are just a tiny fraction of the hundreds of sites and services that were impacted when Amazon Web Services went down.

The internet kicked off the week the way that many of us often feel like doing: by refusing to go to work. An outage at Amazon Web Services (AWS) rendered huge portions of the internet unavailable on Monday morning, with sites and services including Snapchat, Fortnite, Venmo, the PlayStation Network and, predictably, Amazon, unavailable for a short period of time.

AWS is a cloud services provider owned by Amazon that props up huge portions of the internet. As with the Fastly and Crowdstrike outages over the past few years, the AWS outage shows just how much of the internet relies on the same infrastructure — and how quickly our access to the sites and services we rely on can be revoked when something goes wrong.

Around 4 a.m. PT, Reddit was still down, while services including Verizon and YouTube were still seeing a significant number of reported issues.