The Short Answer
It is the single most common question people ask before they ever look at a price list. The short answer is that the scan is not magic. A door scanner reads the data printed into the barcode or magstripe on the back of a card and checks whether that data is formatted the way a real credential would be. Whether a fake "scans" depends entirely on whether that encoded data was built correctly.
This guide has what a scan actually tests explained in plain terms: the difference between the PDF417 barcode and the magstripe, why the cheapest fakes fail instantly, and what passing a scan does and does not prove. For a wider view of how checks fit together at the door, visit the ID verification hub.
What a Scan Actually Tests
When a bar or store runs a card through a reader, the device is not phoning a government database. It is decoding the machine readable layer on the card and confirming that the structure matches the AAMVA DL/ID Card Design Standard, the national format every US jurisdiction follows. The scanner looks for a valid document format, a birthdate that clears 21, an expiration date that has not passed, and fields that line up with each other.
Because the check is about data structure rather than live identity, a correctly encoded card can pass and a sloppily encoded one fails on contact. That is why two fakes that look identical to the eye can behave completely differently under a reader. For the device side of this in more depth, see how digital ID scanners work.
The PDF417 Barcode on the Back
The rectangular block of stacked bars on the back of a US license is a PDF417 barcode. It holds a defined set of fields (name, date of birth, address, document number, issue and expiration dates) in the order and format the national standard requires. Most modern scanners read this barcode rather than the magstripe.
A fake fails the barcode test when the encoded data is missing required fields, uses the wrong field order, or contains a birthdate that does not match the printed front. For the full breakdown of what this barcode encodes and why mismatches give cards away, see what the PDF417 barcode encodes.
Magstripe Reads and Older Hardware
Some older readers, hotel desks, and certain state systems still pull from the magnetic stripe. The magstripe carries a smaller, swipe-based version of the same identity data across its tracks. A card that scans cleanly on a barcode reader can still fail a swipe if the magstripe is blank or encoded incorrectly, which is why a single card sometimes passes at one venue and fails at the next.
The practical takeaway is that "scannable" is not one feature. A card has to satisfy whichever layer the venue happens to read, and high-traffic venues increasingly read both. Which state the card claims feeds into this too, because the encoding and the current template have to match. For what actually makes a card scannable, see scannable fake IDs, and for how state choice factors in, see the best state to choose.
Why the Cheapest Fakes Fail Instantly
Many bargain cards print a convincing front and back but leave the barcode either blank, copied from a template, or filled with data that does not match the printed details. A reader catches that in under a second. The mismatch between the front of the card and the decoded barcode is one of the fastest tells door staff ever see.
- Blank or garbled barcode that returns an error on scan
- Decoded birthdate that does not match the printed birthdate
- Wrong field order or missing required data elements
- Magstripe that is dead when a venue swipes instead of scans
What Passing a Scan Does Not Prove
A clean scan only confirms that the encoded data is well formed and clears the age threshold. It does not confirm that the card is genuine or that the person holding it is the owner. This is the exact gap a borrowed real ID falls into, since its data is genuine but the face is not; see using someone else's ID vs a fake ID. That gap is exactly why trained door staff still do a physical and behavioral check after the beep. For the human side of the door decision, see how bouncers check IDs, and for the manual visual tells, see how to spot fake IDs by hand.
The newest layer of verification removes the encoded-data shortcut entirely. Mobile credentials are signed cryptographically, so the data cannot simply be re-encoded onto a blank card. See how mobile driver's licenses change the math for where this is heading.
When you are ready to order, see the price list.
Frequently Asked Questions
Do scanners check a government database in real time?
FAQTypically no. A standard door scanner decodes the data stored on the card and checks its format and age, but it does not query a live state database. That is a common misunderstanding about how the scan works.
What is the PDF417 barcode for?
FAQIt is the stacked barcode on the back of a US license that stores identity fields in a national standard format. Most modern readers decode this barcode rather than the magnetic stripe.
Why does one card scan at one place but fail at another?
FAQVenues read different layers. A card may have a valid barcode but a dead magstripe, so it passes a barcode reader and fails a swipe reader. High-traffic venues increasingly read both.
If a fake scans, does that mean it is safe to use?
FAQNo. Passing a scan only means the encoded data is well formed. It does not prove the card is genuine, and trained staff still run a physical and behavioral check after the scan.
What makes cheap fakes fail the scan?
FAQUsually the barcode is blank, copied from a template, or encoded with data that does not match the printed front. A reader flags that mismatch almost instantly.
Can a mobile driver's license be faked the same way?
FAQNot by the same method. Mobile credentials are cryptographically signed, so the data cannot just be re-encoded onto a blank card the way a physical barcode can.