EU Digital Identity Wallet

European Union (EU) and its Member States (MS) are getting closer and closer on the way of achieving one of their first milestones related to the strategic goal of enabling majority of EU citizens to access key public services online by 2030: creation of a first user-centric interoperable and secure European Digital Identity Wallet (EUDI Wallet). A digital wallet, also known as an e-wallet or mobile wallet, is a software-based application that securely stores documents or credentials (such as identity documents, driving licenses or even diplomas) in a digital way.

The journey started in 2021 as part of European Commission’s (EC) review of the existing electronic IDentification, Authentication and trust Services (eIDAS) Regulation. One of the assessment features was to put forward EU legislation, more specifically, to create a Proposal for establishing a framework for a European Digital Identity, through which the EUDI Wallet will be introduced. As eIDAS Regulation was introduced already in 2014, EC proposed to update and amend some of its elements, such as adding additional attributes (for example medical and scholar ones), in order to enhance cross-border recognition, or to elaborate on the requirement to only disclose that part of the personal data that is necessary to the service providers. One of EUDI Wallet’s objectives is to address these add-ons.

Following the setting up of the legislative Proposal, the eIDAS Expert Group focused on the technical aspects of the Wallet and thus adopted the EUDI Wallet Architecture and Reference Framework (ARF) in February 2023. ARF aims to indicate specifications based on common standards and practices to be considered should the wide-ranging interoperable EUDI Wallet be achieved by EU MS. As user-centricity is revolving substantially around the concept of EUDI Wallet, the specifications in proposed EU legislation should introduce concrete offerings speaking in the benefit of the user-centric solution. Is this so? In this article we aim to answer on this question.   

EUDI Wallet: On user-centricity

As per the proposed EU legislation, European wallet applications are envisioned to offer users three essential functionalities. Users will have the capability to utilize the application in the following ways:

1.    Electronically verify their identity.

2.    Present evidence of personal data and attributes.

3.    Electronically sign documents.

Also, the EU aims to give every EU citizen a set of strong credentials that will be recognized anywhere in Europe. Citizens will have the opportunity to securely store important documents, such as their driving license, passport, or diplomas, within their wallet.

The European wallet applications can be utilized for various other practical purposes. Some examples include:

·      Logging into government websites.

·      Filing tax declarations.

·      Verifying age.

·      Claiming medical prescriptions.

·      Opening bank accounts.

·      Checking in at hotels.

Another interesting feature is the selective disclosure, through which citizens will have the capability to selectively disclose specific data or attributes as needed. For instance, when renting a car, a citizen would only need to verify their eligibility to drive without revealing the entirety of their personal identity details to the car rental company. This selective disclosure approach allows for greater privacy and control over the information shared.

As seen in the fore-mentioned sample use cases, the EUDI objective is also to ensure that wallet applications have extensive usability across both public and private sector services. Additionally, the aim is to enable the utilization of wallet applications for verifying information in both electronic and in-person scenarios.

According to the EU's legislative proposal, public sector services would be required to accept wallet applications as a valid form of electronic identification for individuals. Furthermore, certain private sector fields of activity would also be obligated to accept wallet applications as a recognized form of electronic identification.

The proposed legislation also includes provisions for service providers who intend to integrate wallet applications with their services. These providers would be required to publicly announce their intention to support the use of wallet applications and provide information about the specific purposes for which the application can be utilized within their services.

Conclusion and next part

User-centricity is certainly one of the focal points of the European Digital Identity in the making. The more authority the user will have on what and with whom to share, the more secure the communication will be with the private providers, the more convenient, and thus attractive it will be for citizens to use their own digital identity and consequently, interesting for business to join this European-wide initiative. 

Finally, the question may occur how will the user-centric features be achieved, in a secure way? In our next article we will observe the technical aspects of the EUDI Wallet and identify the privacy-preserving techniques, which are aiming to add additional layer of security to the Wallet.