Ecosystem Vision & Fundamentals
EUDI Wallet Ecosystem Overview
The EUDI Wallet ecosystem comprises various roles and systems essential for delivering value to users, organizations, and society. While inherently complex, the ecosystem also interacts with external actors and systems that serve as core enablers or supervisory entities. Figure 1 provides an overview of the EUDI Wallet ecosystem, illustrating its key roles along with adjacent roles and systems. For authoritative and legally binding definitions, please refer to the EU eIDAS 2.0 Regulation.
Figure 1: EUDI Wallet Ecosystem Roles and Components
German eID Card (Outside German EUDI Wallet Ecosystem)
The German eID Card (nPA) serves as a primary PID source, enabling the PID provider to provide PID data to the EUDI Wallet upon the user's request. The eID system encompasses the eID for German citizens, the Unionsbürgerkarte for EU citizens, and the elektronischer Aufenthaltstitel for non-German and non-EU citizens. The Architecture for the German electronic Identity Card and electronic Resident Permit is specified in the BSI Technical Guideline TR-03127.
EUDI Wallet Ecosystem Orchestrator
The ecosystem orchestrator is responsible for overseeing the development, implementation, and operation of the EUDI wallet ecosystem, while coordinating and consulting with both public and private stakeholders. In addition, the orchestrator facilitates testing environments, supports ecosystem onboarding, and ensures transparency regarding activities within the EUDI Wallet ecosystem. Further details can be found in the EGOM section of this concept.
PID Provider
A PID Provider is a trusted entity responsible for:
- verifying the identity of the user in compliance with LoA high requirements,
- issuing a PID to the Wallet, and
- making available, in a privacy-preserving way, information for Relying Parties to verify the validity of the PID.
The PID Provider ensures that person identification data, such as name and date of birth, is securely generated, validated, and seamlessly provided. The PID provider is part of the infrastructure of the German EUDI Wallet ecosystem. In the future, additional PID issuance methods that meet the functional and security requirements may be evaluated as part of the German EUDI Wallet project. The EUDI wallet ecosystem envisions a single PID provider.
EUDI Wallet Registrar
The EUDI Wallet Registrar is responsible for managing the registration and oversight of Wallet Providers within the EUDI Wallet ecosystem. It ensures that only compliant and certified providers are listed, helping maintain trust and security by verifying that Wallet Providers meet the required technical, security, and regulatory standards. The EUDI wallet ecosystem envisions a single EUDI Wallet Registrar.
EUDI Wallet Providers
A Wallet Provider offers users a combination of trusted products and services, ensuring that they retain sole control over their Person Identification Data (PID), Electronic Attestations of Attributes (QEAA, PuB-EAA, or EAA), and any other personal data within their Wallet Unit. This includes safeguarding sensitive cryptographic material (e.g., private keys) related to the wallet. By doing so, the EUDI Wallet Provider delivers a certified interface that allows citizens to manage their data securely while enabling, among other things, pseudonymous logins, the authorization of payments, and qualified electronic signatures. The EUDI wallet ecosystem envisions multiple EUDI wallet providers.
EUDI Wallet Conformity Assessment Bodies
EUDI Wallet Conformity Assessment Bodies are independent entities responsible for evaluating whether EUDI Wallets meet the required security, interoperability, and compliance standards set out under eIDAS 2.0. These bodies must be accredited under the EUDIW certification scheme. They perform assessments and audits as part of the EUDI Wallet certification process—initially based on national certification schemes and, later, on a unified European certification scheme. Their role is to ensure that Wallet Providers fully comply with all regulatory and technical requirements.
Relying Parties
A Relying Party (RP) is an entity that interacts with EUDI Wallets to verify a user’s identity and attributes for authentication, authorization, or service access. The scope of the EUDI Wallet ecosystem is to create a public and private ecosystem. Both public and private Relying Parties must register and declare their intended use of the EUDI Wallet to ensure compliance with the EUDI wallet ecosystem based on the eIDAS 2.0 regulation. The EUDI wallet ecosystem envisions multiple public, civic and private RPs.
RP Registrar
The RP Registrar (Relying Party Registrar) is responsible for the registration, validation, and oversight of all EAA Providers and Relying Parties that interact with EUDI Wallets. It ensures that EAA providers and Relying Parties declare their intended uses, comply with eIDAS 2.0 regulations, and operate transparently to maintain trust and security within the EUDI Wallet ecosystem. The EUDI wallet ecosystem envisions a single RP registrar.
Consumer Protection Organizations/Public (Outside German EUDI Wallet Ecosystem)
Consumer protection organizations and the general public can access the declared intended uses of relying parties interacting with EUDI Wallets, as these must be registered with the RP registrar. This information will be published online in machine-readable formats, ensuring transparency and enabling public oversight. Consumer Protection Organizations and the Public encompass multiple actors and stakeholders.
(State) Data Protection Supervisory Authority (Outside German EUDI Wallet Ecosystem)
Federal and State Data Protection Supervisory Authorities oversee the EUDI Wallet ecosystem, ensuring compliance with data protection regulations and enforcing corrective measures in cases of non-compliance. Citizens using EUDI Wallets from their chosen providers can report any suspected misuse during interactions with relying parties to the relevant data protection authorities. Multiple (State) Data Protection Supervisory Authorities interact with the EUDI wallet ecosystem.
EUDI Wallet Certification Scheme
The EUDI Wallet Certification Scheme is a standardized framework that defines the security, interoperability, and compliance requirements for EUDI Wallets within the eIDAS 2.0 ecosystem. It ensures that Wallet Providers meet strict regulatory, technical, and security standards before their solutions are certified and approved for official use. Through this scheme, EUDI Wallets create trustworthiness, ensure data protection, and provide seamless cross-border functionality across the EU. The EUDI wallet ecosystem will have a single certification scheme.
Further Roles & Systems
Note: Not shown in Figure 1
Authentic Sources (Outside German EUDI Wallet Ecosystem)
Authentic Sources are public or private repositories or systems, recognised or required by law, containing attributes about natural or legal persons. Authentic Sources are sources for attributes on, for instance, address, age, gender, civil status, family composition, nationality, education and training qualifications titles and licences, professional qualifications titles and licences, public permits and licences, or financial and company data. Authentic sources are outside of the German EUDI Wallet Ecosystem as they are not part of the project scope of the German EUDI Wallet project.
(Q-, Pub-) EAA Provider
A (Q-, Pub-) EAA Provider is an entity responsible for issuing Electronic Attestations of Attributes (EAAs) at the user's request within the EUDI Wallet ecosystem. EAAs allow users to prove specific attributes within the EUDI Wallet ecosystem in a secure, standardized, and legally recognized way. Qualified Electronic Attestation of Attributes (QEAA) Providers meet the highest eIDAS 2.0 trust and security standards, issuing legally binding attestations recognized across borders, while Public Electronic Attestation of Attributes (Pub-EAA) Providers are trusted public entities that issue legally recognized but non-qualified attestations. EAA providers can be from any domain (e.g. telecommunication, mobility) and the EAAs they issue may hold legal status and meet high security requirements specific to their domain. EAA providers are typically supervised by a competent authority within their domain. The EUDI wallet ecosystem envisions multiple (Q-, Pub-) EAA Providers.
QES-Provider/QTSP (Outside German EUDI Wallet Ecosystem)
EUDI Wallet providers must offer users free Qualified Electronic Signatures (QES) for non-professional use within a wallet-centric QES approach. To ensure compliance with eIDAS 2.0, they may need to collaborate with a Qualified Trust Service Provider (QTSP) for the issuance and management of qualified electronic signatures. A Qualified Trust Service Provider (QTSP) is a trust service provider that has received qualified status from a supervisory body in an EU member state. This status allows the provider to offer qualified trust services, which carry legal effects equivalent to handwritten signatures or other legally recognized processes across the EU. The EUDI wallet ecosystem interacts with multiple QES-Providers/QTSPs.
PubEAA Trusted List
The PubEAA Trusted List is an official registry that lists recognized and accredited entities that provide PubEAAs. PubEAAs are electronic attestations of attributes, such as social security status or tax information, issued by public entities. The EUDI wallet ecosystem envisions a single PubEAA Trusted List.
Authentic Sources Trusted List
The Authentic Sources Trusted List is an official registry that lists recognized and accredited entities of all member states. Authentic Sources are public or private repositories or systems, recognised or required by law, containing attributes about natural or legal persons. Authentic Sources are sources for attributes on, for instance, address, age, gender, civil status, family composition, nationality, education and training qualifications titles and licences, professional qualifications titles and licences, public permits and licences, or financial and company data. The EUDI wallet ecosystem envisions a single Authentic Sources Trusted List.
QEAA Trusted List
The QEAA Trusted List is a registry of Qualified Electronic Attestation of Attributes (QEAA) Providers that meet the highest eIDAS 2.0 trust and compliance standards. It ensures that only accredited entities can issue legally binding electronic attestations of attributes, equivalent to their paper counterparts, for use in the EUDI Wallet ecosystem. The EUDI wallet ecosystem envisions a single QEAA Trusted List.
Domain-Specific EAA Lists
Domain-Specific EAA Lists are specialized registries that catalog Electronic Attestation of Attributes (EAAs) issued for specific sectors or use cases, such as healthcare, education, mobility, telecommunication or banking and insurance. These lists ensure that only recognized and trusted entities within a particular domain can issue and manage verified attributes for use in the EUDI Wallet ecosystem, supporting sector-specific regulatory and interoperability requirements. The EUDI wallet ecosystem envisions multiple Domain-Specific EAA lists.