[dwaite]

Typically if presenting in person (such as airport security) you would need to also release your picture, which would show up on the TSA agent's terminal next to a big green checkmark for the valid cryptographic signature.

Without the picture? My understanding is that release does require authentication, and the message could disclose whether that was done with say the fingerprint used when the license was added to the phone.

The use of cryptographic signatures means the weakest link would likely be the identity verification process of the issuing DMV (or their app).