Skip to content

EUDI - discovered, explained

EUDI & eIDAS

European Digital Identity Wallet

Digital identities are becoming increasingly important in everyday life - whether for online banking, accessing government services or proof of age. The EUDI Wallet in combination with the eIDAS Regulation 2.0 is intended to offer users a secure, trustworthy and Europe-wide recognised way to digitally manage their identity data and official documents such as boarding passes and tickets.

Eine Person hält ein Smartphone in der Hand auf dessen Bildschirm ein geschlossenes Bügelschloss zu sehen ist.

EUDI Wallet & eIDAS

The EUDI wallet (European Digital Identity Wallet) is a digital wallet that can be used throughout the EU. It stores secure identity data and official documents (e.g. ID card, driving licence, diplomas), enables authentication, digital signatures and selective sharing of this data - always under full user control. This sensitive data must be especially protected.

The legal framework is provided by the eIDAS Regulation (2014, updated in 2024 as "eIDAS 2.0") for electronic identification, authentication and trust services (e.g. electronic signatures). It ensures that national eID systems are recognised and interoperable across the EU. With eIDAS 2.0, all member states are obliged to offer or authorise certified EUDI wallets by the end of 2026. TÜViT has been one of the first companies in Germany to be accredited as an eIDAS conformity assessment body since 2016.

Special features of the EUDI wallet and the eIDAS Regulation

EUDI-Wallet

  • Digital wallet: Secure storage of identity data and official documents (e.g. ID, driving licence, certificates).
  • High level of data protection and security: users retain full control over their data.
  • Can be used throughout the EU: Cross-border use throughout the EU.
  • Reliable proof of identity when dealing with digital authorities, concluding contracts or using online services.
  • Selective sharing: Only the necessary information needs to be disclosed (e.g. proof of age without date of birth).
  • Compatibility with everyday applications: Easily manage digital boarding passes, tickest or bank cards on your smartphone.
  • Open and participatory: Involvement of administration, civil society, companies and citizens.

eIDAS Regulation

  • Legal framework for digital identities and trust services within the EU.
  • Obligation for all EU states to provide at least one certified EUDI wallet by the end of 2026.
  • Interoperability: National systems must be recognised and usable across borders.
  • Enables qualified electronic signatures, seals and time stamps with legal binding.
  • Trust service providers regulated (e.g. for certificates, website authentication and digital postal services).
  • Promotes digital sovereignty and independence from non-European platforms

We will support you – no matter what

Get started at last!

We advise you

TÜV NORD IT Secure Communication I Berlin
To the consulting services Contact us
Goal achieved?

We check that

TÜV Informationstechnik I Essen
To the test offers Contact us

Frequently Asked Questions (FAQ)

What you need to know about EUDI & eIDAS

  • Secure identification: The wallet must securely store, manage and validate personal identification data and electronic attribute certificates (e.g. driving licence, university degree) and enable user-controlled sharing
  • Online & offline use: The EUDI wallet should function flexibly in both scenarios and support combined proofs of identity.
  • Free of charge & voluntary: The wallet is available to users free of charge and without obligation.
  • High IT security & data protection: Onboarding and operation must be carried out at the "high" level of trust - including protection against tracking, untraceability (unlinkability) and complete control by users over their data.
  • Open source: The source code of the wallet components must be available under an open source licence to promote transparency and trust.
  • Embedding high security standards: Certification according to eIDAS, compliance with the European Cyber Security Act, as well as technical specifications from the Architecture and Reference Framework (ARF).
  • Transparent logging: Every data transfer is logged in the user dashboard in a traceable manner electronic-trust-services.com.

These requirements ensure that the EUDI wallet is trustworthy, robust and privacy-friendly - and gives users control over their digital identity.

The eIDAS 2.0 Regulation places high demands on IT security, data protection and the reliability of digital identities. It obliges all EU member states to provide at least one trustworthy and certified EUDI wallet that is interoperable across Europe. Systems must be highly robust against cyberattacks and guarantee the protection of personal data. Users should retain control over their data at all times. The technical implementation must also be trustworthy, transparent and secure in the long term.

  • Creation, verification and validation of electronic signatures, electronic seals or electronic time stamps and electronic registered delivery services and certificates relating to these services
  • Creation, verification and validation of certificates for website authentication
  • Preservation of electronic signatures, seals or certificates relating to these services
  • In order to ensure a successful eIDAS deployment beyond the actual conformity assessment, TÜVIT also offers accompanying services. These include, in particular, preparatory assessments, audits, coaching and support services.

  • Create an IT security concept
    Develop a robust IT security concept at a "high level of trust", including risk analysis, protective measures and emergency plans.
  • Implement data protection management
    Integrate data protection principles such as data minimisation, purpose limitation and transparency (in accordance with GDPR), including privacy by design and by default.
  • Implement technical requirements
    Comply with the Architecture and Reference Framework (ARF) and the future implementing acts of the EU Commission. This includes cryptographic procedures, identity verification, logging and interoperability.
  • Check open source requirements (for EUDI wallets)
    The source code must be publicly accessible and traceable - ideally with documented security checks.
  • Carry out internal audits
    Carry out preliminary audits to identify vulnerabilities before the official certification process begins.
  • Select a recognised conformity assessment body
    For the actual certification, an audit must be carried out by an accredited body (e.g. BSI in Germany or a notified body in accordance with eIDAS).
  • Allow time
    Preparation and certification together can take up to 24 months - timely planning is crucial.

Haven't found what you're looking for yet?

Close-up of SIM card and memory card for a smartphone.
Secure Chips & Microcontrollers
IT baseline protection
Information security for KRITIS