Why Digital Identity Credentials Need to Work Across State Lines, And How to Make It Happen

A registered nurse completes her Virginia license verification in February. By April, she's accepted a position in Maryland. Before she can start work, she must re-verify her identity with Maryland's nursing board, the state's new background check vendor, and the hospital's credentialing office.

Each requires original documents.
Each operates a different system.
None can consume the verification that Virginia already completed eight weeks earlier.

This isn't a corner case.

According to the National Conference of State Legislatures, nearly one in four U.S. workers requires an occupational license, and differences in state licensing rules often make it difficult for professionals to move and work across state lines. Every move can trigger duplicate verification work. Every re-verification introduces delay, friction, and opportunities for transcription error.

The infrastructure needed to reduce this duplication already exists. The barrier is not technology alone, it's how credentials are structured and how jurisdictions decide to trust one another's attestations.

Why Current Systems Fail at the Border

Most state identity verification systems were built to serve residents within a single jurisdiction. They were designed around local databases, local vendors, and local administrative workflows.

That model worked when people typically lived and worked in one place for decades. It struggles in a labor market where mobility is common. Three technical issues appear repeatedly:

Proprietary Data Schemas

Verification data is usually stored in vendor-specific systems with custom database structures. A licensing board in one state might store verification status in a relational database with internal status codes and vendor-defined fields. Another state may use a completely different schema.

Even if both agencies verified the same person using similar processes, there is often no shared data format for expressing “this person has been verified.”

Limited Trust Infrastructure

Even if two states could technically read one another's records, they still need a reliable way to confirm that the information is authentic and unaltered.

Most current systems rely on direct database access, API integrations, or manual document exchange. Without a cryptographic verification mechanism, receiving agencies cannot independently validate credentials issued elsewhere.

As a result, they repeat the verification process rather than relying on external attestations.

Incomplete Reciprocity Frameworks

Some professional domains have built interstate recognition frameworks. Driver's licenses are widely accepted across states, and professions such as nursing and medicine operate under interstate compacts. But these agreements typically recognize the license itself, not the underlying identity verification or credentialing process that produced it.

The result is a familiar pattern: even when states accept each other's licenses, they often still repeat identity verification and background checks.

What True Portability Requires

Making credentials portable across jurisdictions does not require a national identity database. In practice, portability depends on three foundational components working together.

Open Credential Standards

Credentials must be expressed in formats that independent systems can read and verify. Two standards are particularly relevant:

W3C Verifiable Credentials (VCs) provide a cryptographically verifiable data model for expressing claims about a person, organization, or device. When a credential is issued as a verifiable credential, another system can confirm its authenticity using the issuer's public key, without contacting the issuing agency directly.

This approach enables interoperability across vendors and jurisdictions. It also reduces reliance on proprietary integrations. More on this in Interoperability Without Lock-In: Why Standards Matter.

ISO/IEC 18013-5 mobile driver's license (mDL) defines how identity credentials can be presented from mobile devices with selective disclosure and offline verification. Several U.S. states have already implemented this standard for digital driver's licenses.

When credentials follow shared standards, portability becomes technically feasible without requiring every state to adopt the same software platform.

Policy Alignment Between Jurisdictions

Technical interoperability alone does not establish trust.

States still need policy frameworks that determine:

• Which credentials can be recognized across jurisdictions
• How recent a verification must be to remain valid
• What minimum standards issuing jurisdictions must follow
• What liability protections apply when relying on external credentials

These questions are inherently policy decisions. As discussed in Interoperability Is a Policy Decision, Not Just a Technical One, technical infrastructure can enable portability, but governance frameworks ultimately determine when and where it can be used.

Trust Infrastructure

Once standards and policy alignment are in place, jurisdictions still need a mechanism to verify credential issuers. Trust registries solve this problem by publishing:

• Authorized credential issuers
• Their public cryptographic keys
• Revocation information

A verifying system can check the registry to confirm that a credential was issued by a legitimate authority and remains valid. Some trust registries are centralized databases. Others use decentralized infrastructure that distributes authority across multiple participants. The key requirement is that verifiers can confirm issuer legitimacy without depending on direct system integrations.

This allows jurisdictions to maintain control over their own credential issuance systems while still enabling cross-jurisdiction verification.

Mobility and State Sovereignty

Credential portability raises a legitimate tension. States have the authority to set their own verification standards. At the same time, residents and businesses benefit when credentials remain usable after crossing jurisdictional boundaries.

This tension becomes visible in everyday situations:

• Teachers relocating between states may wait months before they can begin working.
• Healthcare workers moving for new jobs often repeat background checks and credential verification processes they completed weeks earlier.
• Companies transferring employees across state lines must navigate redundant administrative processes.

Addressing these challenges does not require states to surrender their authority. Instead, portability often emerges when jurisdictions agree on shared standards and minimum requirements while retaining control over their own credential issuance processes.

How Open Standards Strengthen State Digital Identity Governance explores how this balance can work in practice.

How Credential Portability Typically Emerges

Historically, cross-jurisdiction interoperability rarely appears all at once. It tends to develop gradually through smaller agreements that expand over time. Early efforts often begin with limited collaborations between jurisdictions that already share operational relationships. These projects usually focus on credential types where duplication costs are clearly visible.

Common examples include:

• Professional license verification
• Background checks conducted recently in another jurisdiction
• Educational credentials issued by public university systems

When early efforts prove reliable, they sometimes expand through regional cooperation frameworks. The United States already has numerous examples of regional policy coordination, including environmental regulatory programs and higher-education partnerships.

Over time, successful regional models can inform broader interoperability frameworks as standards mature and trust relationships deepen.

What This Means for Identity Infrastructure

For organizations responsible for building identity and credentialing systems, portability has architectural implications. Systems designed around proprietary data formats or tightly coupled vendor integrations tend to make cross-jurisdiction interoperability difficult. Systems built on open standards can more easily support portability when policy frameworks evolve. This distinction affects long-term flexibility.

Credential systems that issue credentials using widely adopted standards such as W3C Verifiable Credentials and ISO mDL can interoperate with future ecosystems without requiring large-scale system replacement.

Architectures that separate identity proofing, credential issuance, and verification components can also adapt more easily as policy frameworks evolve. Framework vs. Credential: Choosing the Right Model for State Identity explores these architectural considerations in more detail.

The Direction of Travel

Credential portability is not a futuristic concept. In several domains (driver's licenses, healthcare licensing, and digital identity standards), the building blocks already exist.

What remains uneven is how those building blocks are combined across jurisdictions.

As workforce mobility increases and digital credentials become more common, the ability for credentials to move across systems and jurisdictions will likely become more important. The technical infrastructure to support that interoperability is already emerging.

The remaining work lies in aligning standards, governance models, and trust frameworks so that credentials issued in one place can be reliably understood and verified somewhere else.

SpruceID works with governments to build the infrastructure that enables credential portability, from verifiable digital credentials and digital wallets to secure verification systems that work across agencies and jurisdictions. If your team is exploring how to modernize credential issuance or verification, get in touch with us to start the conversation.

About SpruceID: SpruceID builds digital trust infrastructure for government. We help states and cities modernize identity, security, and service delivery — from digital wallets and SSO to fraud prevention and workflow optimization. Our standards-based technology and public-sector expertise ensure every project advances a more secure, interoperable, and citizen-centric digital future.