eIDAS 2.0 and the EUDI Wallet – the essentials

Who is this for? Readers new to eIDAS 2.0 and the EUDI Wallet. We explain what it is, who’s in scope, how it works, and how to implement it sensibly in public services and enterprises.

eIDAS 2.0 in a nutshell

• Regulatory goal: unify digital identity across the EU for fast, secure, cross-border online services.
• What’s new: mandatory acceptance of EUDI Wallets across the public sector and, in waves, selected private sectors (financial services, telecoms, large platforms, etc.).
• Business effect: shorter journeys, fewer errors, less data processed, consistent auditability.

Key milestones

→ Check the current status of implementing acts

What is the EUDI Wallet?

The EUDI Wallet is a user-controlled app/wallet using blockchain that stores verifiable credentials issued by trusted institutions. Instead of sending document scans, the user proves a specific attribute, e.g.:

• “I am 18+” (without revealing the date of birth),
• “I hold a category B driving licence”,
• “I am a resident of country X”,
• “I have entitlement Y”.

The three roles

• Issuer: a trusted entity (authority, university, bank) issuing a credential.
• Holder: the citizen/customer storing credentials in their wallet.
• Verifier: the organisation that requests and verifies attributes to make a decision.

Attributes vs documents

Rather than copying full documents, verifiers request only what is strictly necessary. This means:

• simpler and faster journeys,
• lower legal/operational risk (less personal data),
• improved GDPR alignment (data minimisation).

eIDAS 2.0 and the EUDI wallet examples – two concrete workflows

Public service onboarding (e.g., local benefit)

1. Online form → “Sign in with EUDI Wallet”.
2. The wallet asks to share attributes: “18+” and “residence” in the municipality.
3. The system verifies credentials and auto-fills the form.
4. The case proceeds – without uploading scans.

Outcome: fewer defects, shorter queues, p95 verification < 2 minutes.

Bank KYC/KYB onboarding

1. Customer selects “Verify via EUDI”.
2. The bank requests attributes: identity, tax residence, income proof if needed.
3. Credentials are pulled from issuers (administration, employer).
4. KYC decision – faster, with better auditability.

Outcome: less manual work, higher data quality, faster time to yes.

eIDAS 2.0 – what organisations must prepare

• Integration through an IdP/SSO or a dedicated relying-party gateway.
• Attribute mapping: which attributes are required per decision/process.
• Privacy/retention policies and a DPIA, including subject-rights handling.
• Auditable logs that remain privacy-preserving and exportable.
• Fallback path when wallets are temporarily unavailable.
• Performance/UX tests (incl. p95) and security hardening before the pilot.

The EUDI Wallet architecture

• Identity layer (IdP/SSO): orchestrates login, redirects to the wallet, receives attributes.
• Relying party (RP) verifier: validates signatures, validity and sources of credentials.
• Line-of-business systems: receive attributes only, not full documents.
• Evidentiary trail (optional): store hash + timestamp (off-chain/on-chain) without personal data for non-repudiation.

GDPR & security that really matters

• Minimisation: design on attributes; avoid collecting full documents.
• DPIA before go-live: data flows, retention, roles and access.
• Keys & logs hygiene: rotation, access separation, exportable audit.
• No personal data on-chain: if an evidentiary trail is needed, use a hash + timestamp.
• Security retests: before the pilot and after material changes.

eIDAS 2.0 – KPIs, risks and mitigation

KPIs:

• Completion rate,
• p95 attribute-verification time,
• abandonment during verification,
• timeliness of subject-rights handling.

Risks & fixes:

• Excess data collection → revisit attribute mapping and the DPIA.
• No fallback → define alternative and comms.
• Late hardening → schedule retests ahead of the pilot.
• Communication gaps → short user guidance and internal training.

Get your EUDI roadmap within 24 hours. One 30-minute session with an architect and an engineer and you’ll receive two mapped journeys, an IdP integration plan and a KPI set.