This page tries to visualize the EU Digital Identity wallet ecosystem in different ways to create an understanding of how it could work.

Table of contents

Aspects affecting the wallet ecosystem

• The regulatory aspects in eIDAS

  • eIDAS

eIDAS 2 (not finalized)

• The Architecture and Reference Framework (github)

• Wallet reference implementation

  • Being built by Netcompany and Scytales
  • Tender information for the Wallet Reference Implementation

• Large scale pilots

  • DC4EU - Digital Credentials for EU
  • EWC - EU Digital Identity Wallet Consortium
  • Potential - PilOTs for EuropeaN digiTal Identity wALlet
  • NOBID - Nordic-Baltic eID
  • VECTOR - Verifiable credentials and Trusted Organisations Registries
• Standards
  • W3C VC
  • OID4VCI
  • OID4VP
  • SIOPv2
  • SD_JWT
  • ISO/IEC 18013-5:2021

The ecosystem according to the ARF

Below picture is taken from the ARF v1.0.0. For a more detailed explanation of each role see the ARF.

End Users of EUDI Wallets

Users of EUDI Wallets use the EUDI Wallet to receive, store and present attestations (PID, QEAA or EAA) about themselves, including to prove their identity.

EUDI Wallet Providers

EUDI Wallet Provider are Member States or organisations either mandated or recognized by Member States making the EUDI Wallet available for end Users.

Person Identification Data Providers

PID Providers are trusted entities responsible to:

• verify the identity of the EUDI Wallet User in compliance with LoA high requirements,

• issue PID to the EUDI Wallet in a harmonised common format and

• make available information⁹ for Relying Parties to verify the validity of the PID.

Trusted Lists providers

The specific status of a role in the EUDI Wallet ecosystem shall need to be verified in a trustworthy manner.

Qualified Electronic Attestation of Attributes (QEAA) Providers

Qualified EAA are provided by QTSPs.

Non-qualified Electronic Attestation of Attributes (EAA) Providers

Non-qualified EAA can be provided by any Trust Service Provider.

Qualified and non-qualified certificate for electronic signature/seal Providers

Article 6a(3) of COM(2021)281 final requires the EUDI Wallet to enable the User to create qualified electronic signatures or seals.

Authentic Sources

Authentic Sources are the public or private repositories or systems recognised or required by law containing attributes about a natural or legal persons.

Relying Parties

Relying Parties are natural or legal persons that rely upon an electronic identification or a Trust Service.

Conformity Assessment Bodies (CAB) Supervisory bodies

The EUDI Wallets must be certified by accredited public or private bodies designated by Member States. QTSPs need to be audited regularly by Conformity Assessment Bodies (CABs).

Supervisory Bodies

The supervisory bodies are notified to the Commission by the Member States, which supervise QTSPs and act, if necessary, in relation to non-qualified Trust Service Providers.

Device manufacturers and related subsystems providers

EUDI Wallets will have several interfaces with the devices they are based on.

(Q)EAA Schema Providers

(Q)EAA Schema Providers publish schemas and vocabularies describing (Q)EAA structure and semantics.

National Accreditation Bodies

NABs monitor the CABs to which they have issued an accreditation certificate.

Ecosystem visualisation and examples

Wallet configuration according to the ARV v1.0.0

Simple design of the EUDI Wallet ecosystem for Verifiable Credentials (VC) and Verifiable Presentations (VP).

Slightly more detailed image showing the (Q)EAA and verifier parts of the issuer and relying party.