MOTUS + FreightProof

The government built identity verification. We built proof of compliance. Together, they're the full stack.

On May 28, 2026 — exactly two weeks after the Supreme Court's Montgomery v. Caribe Transport II decision — the U.S. Department of Transportation launched MOTUS, a new carrier registration system that replaces decades of legacy infrastructure with biometric identity verification, business validation, and modern fraud detection.

This is a significant step in the right direction. But it's only half the solution.

What MOTUS Does Well

MOTUS replaces the old Unified Registration System — a system so weak that all a fraudster needed was "an email, name, and physical address" to get a DOT number. The new system introduces:

Biometric Identity Verification (IDEMIA)

FMCSA partnered with IDEMIA Public Security — the same identity-proofing technology used by TSA at U.S. airports. New applicants and existing registrants must complete identity verification through government-issued ID scans and facial biometric matching. IDEMIA ranked #1 in the March 2026 DHS benchmark for selfie-to-document matching accuracy.

Business Validation (Thomson Reuters CLEAR)

Thomson Reuters CLEAR provides third-party business verification — validating legal names, principal places of business, ownership structures, and company officials. This targets "chameleon carriers" that shut down to escape penalties and reopen under new names.

Federated Authentication (Login.gov)

All MOTUS accounts link through Login.gov, the federal government's shared authentication service. One identity, one login, tied to a verified individual.

Scale

Approximately 800,000 existing registrants must re-verify through MOTUS. Several thousand suspicious registration numbers tied to fraudulent carriers have been identified for review.

Transportation Secretary Sean Duffy: "The lack of accountability is disturbing, and it's killed American families on our roads."

Where MOTUS Stops Short

MOTUS is identity proofing at registration time. It answers one question: "Is this carrier who they claim to be?" That's necessary. But it's not sufficient.

Here's what MOTUS doesn't do:

No Cryptographic Records

FMCSA still does not cryptographically sign their safety data. A carrier's operating status, crash history, safety rating, and BASIC scores are delivered as database entries — not as signed, verifiable documents. There is no way to prove what the data showed at a specific moment.

No Dispatch-Time Verification

MOTUS checks you once, at registration. It doesn't check you at the moment a broker dispatches a load to you. A carrier verified through MOTUS today could have:
  • A fatal crash tomorrow
  • An insurance lapse next week
  • An unqualified driver behind the wheel on Friday
  • A conditional safety rating by next month

    • None of that is captured at the point where it matters most — the dispatch decision.

    No Driver-Level Identity

    MOTUS verifies the company. It does not verify the specific driver who will be behind the wheel on a specific trip. Post-Montgomery, brokers need to know not just that the carrier is legitimate, but that the driver is qualified and the vehicle is fit.

    No Trip-Level Evidence

    There is no connection in MOTUS between "this carrier is registered" and "this specific load was dispatched to this carrier with this driver and this truck at this time." That per-trip evidence is exactly what a court will demand under Montgomery.

    No Offline Verification

    When FMCSA went offline for weeks during the MOTUS migration, nobody could verify anyone. A centralized database is a single point of failure. Cryptographic proof works offline — the math doesn't need a server.

    The NIST Zero Trust Gap

    The federal government's own cybersecurity standards — specifically NIST SP 800-207 (Zero Trust Architecture) — require:

  • "Never trust, always verify" — no implicit trust, even for federal databases
  • Cryptographic attestation of state at every access
  • Continuous verification, not one-time enrollment
  • Data provenance — traceability of origin, history, and integrity

    • MOTUS meets the enrollment standard. It does not meet the zero-trust standard. The trucking industry is now operating with 2026 identity proofing but 2005-era data verification.

    That gap is exactly what FreightProof closes.

    FreightProof: The Proof Layer on Top of Government Identity

    RequirementMOTUSFreightProof
    Carrier is who they claim to beYes — biometric + business verificationInherits MOTUS verification status
    Safety data is current at dispatch timeNo — static databaseYes — snapshot hashed at dispatch moment
    Data is cryptographically signedNoYes — SHA-256 + optional blockchain anchor
    Driver is verified for this tripNoYes — driver wallet with CDL, medical, certs
    Vehicle is fit for this tripNoYes — vehicle wallet with inspections
    Evidence is independently verifiableNo — must check FMCSA websiteYes — anyone recomputes the hash
    Works when FMCSA is offlineNoYes — proof is self-contained
    Per-trip audit trail existsNoYes — Trip Wallet seals carrier + driver + vehicle + route

    MOTUS is the foundation. FreightProof is the building.

    The government verifies who you are. FreightProof proves what the data showed about you at the exact moment a dispatch decision was made. One is identity. The other is evidence.

    The TCG Parallel

    This architecture mirrors exactly how hardware security has worked for twenty years. In the Trusted Computing Group (TCG) model:

  • The TPM (Trusted Platform Module) is the hardware root of trust — it proves the device is genuine at boot time. This is MOTUS: identity at enrollment.
  • Remote attestation proves the device's current state — what software is running, whether it's been tampered with, what its configuration is right now. This is FreightProof: proof of state at runtime.

    • One without the other is incomplete. A genuine device running compromised software is still dangerous. A registered carrier with a deteriorated safety record is still a liability.

    The trucking industry is getting its TPM (MOTUS). It still needs its attestation protocol (FreightProof).

    Working With the Government

    FreightProof is not competing with MOTUS. We're completing it.

    FMCSA has signaled with MOTUS that they take identity and fraud seriously. The next logical step is extending that identity verification from registration time to transaction time — from "this carrier is genuine" to "this carrier was safe to dispatch to at this specific moment."

    Areas for Collaboration

  • Cryptographic attestation of FMCSA data — enabling the government to sign its own safety records so they're verifiable without checking a website
  • Per-transaction compliance proof — extending MOTUS identity into per-dispatch evidence
  • SBIR research — "Cryptographic attestation layer for MOTUS-verified carrier data"
  • Continuous monitoring — using the FreightProof data wallet model to create ongoing, verifiable compliance documentation between registration events

    • The FIPS/NIST Alignment

    FreightProof's cryptographic architecture aligns with federal standards:

  • SHA-256 — FIPS 180-4 approved hash function
  • Timestamping — RFC 3161 compatible
  • Data integrity — NIST SP 800-175B guidelines for cryptographic standards
  • Zero trust — NIST SP 800-207 architecture principles

    • The technology is government-grade. The application is freight-specific. The opportunity is to bring the two together.

    The Timeline That Created This Moment

    DateEventImpact
    May 14, 2026Montgomery v. Caribe Transport II — Supreme Court rules 9-0Brokers can be sued for negligent carrier selection
    May 19, 2026FMCSA begins MOTUS migrationRegistration system offline for transition
    May 28, 2026MOTUS launches with IDEMIA biometricsCarrier identity verification modernized
    June 2026FreightProof Proof of Good Care goes livePer-dispatch cryptographic evidence available

    In six weeks, the industry went from no liability, no identity verification, and no proof — to full liability, government-grade identity, and cryptographic evidence. The pieces are all on the board. The question is who assembles them.

    > "MOTUS verifies who you are. FreightProof proves what you knew. Together, they're the zero-trust stack for American freight."

    Learn more: How FreightProof Works · The Economics of Proof · For Owner-Operators