The European Digital Identity Wallet framework creating unprecedented PKI demand — every EU citizen will have access to a wallet for secure identification, authentication, and electronic attestation of attributes.
The EUDI Wallet is the flagship initiative of eIDAS 2.0. Each EU member state must offer at least one digital identity wallet by 2026, enabling citizens and residents to securely identify themselves, authenticate online, and present verified credentials across borders.
Wallets will store Person Identification Data (PID), Qualified Electronic Attestations of Attributes (QEAA), and electronic documents such as driving licenses and diplomas. The entire infrastructure relies on PKI at massive scale: wallet attestations, relying party certificates, trust anchors, and qualified electronic signatures.
This creates the largest PKI deployment in European history. With over 450 million potential users, the wallet ecosystem demands certificate issuance, management, and validation infrastructure capable of operating at population scale while maintaining the highest security and interoperability standards.
Each wallet instance requires cryptographic attestation certificates proving the wallet's integrity, authenticity, and compliance with the trust framework.
Member states must issue verifiable Person Identification Data to wallet holders, backed by qualified electronic attestations and strong PKI-based identity binding.
QEAAs allow wallet holders to present verified attributes (diplomas, licenses, professional qualifications) with legally binding value across the EU.
Every service accepting wallet credentials must authenticate itself with certificates, ensuring wallet holders can verify who is requesting their data before sharing.
Wallets must use a certified Secure Cryptographic Device (WSCD) for key management, ensuring private keys are generated, stored, and used in a tamper-resistant environment.
Wallets must work seamlessly across all 27 member states, requiring standardized protocols, trust lists, and certificate validation mechanisms for universal acceptance.
The European Commission proposes a framework for a European Digital Identity, amending the eIDAS regulation to introduce digital identity wallets.
The revised eIDAS regulation is formally adopted. The Architecture Reference Framework v1.4 provides detailed technical specifications for wallet implementation.
EU-funded large-scale pilots (LSPs) across multiple member states conclude, validating wallet architecture, interoperability, and user experience.
Every EU member state must provide at least one European Digital Identity Wallet to its citizens and residents.
Public services and large online platforms must accept the EUDI Wallet for identification and authentication, achieving full cross-border interoperability.
The EUDI Wallet creates the most significant expansion of PKI infrastructure in European history, demanding certificate management at an entirely new scale. Here are the critical areas:
With over 450 million EU citizens and residents, the wallet ecosystem requires certificate issuance infrastructure capable of handling massive volumes while maintaining security and availability.
Every wallet instance requires device-bound attestation certificates proving integrity and compliance, with continuous lifecycle management for provisioning, renewal, and revocation.
Every online service, public administration, and platform accepting wallet credentials must obtain and maintain relying party certificates, creating a vast new certificate ecosystem.
Cross-border interoperability requires harmonized trust anchor management, standardized trust lists, and automated validation across all member state PKI infrastructures.
Stream provides CA infrastructure for wallet credential issuance at scale — Our sovereign PKI platform delivers the high-availability Certificate Authority infrastructure needed to issue wallet attestation certificates, PID credentials, and QEAAs at population scale.
Horizon manages millions of certificates across the wallet ecosystem — Our CLM platform provides the governance, discovery, and lifecycle automation needed to manage the unprecedented volume of certificates the EUDI Wallet generates.
Automated provisioning and rotation for wallet attestations — Automate the complete lifecycle of wallet attestation certificates, from initial provisioning through periodic rotation, ensuring continuous compliance without manual intervention.
Policy enforcement for wallet trust framework compliance — Enforce certificate policies aligned with the EUDI Wallet Architecture Reference Framework, ensuring all issued credentials meet interoperability and security requirements.
