The first working demo of a web based EU digital identity wallet leveraging FIDO open authentication standards

By admin
As part of the revision of the

EU
ORG

common identity framework regulation, also known as eIDAS 2.0, the

EU
GPE

Member States will all implement a new common structure for electronic credentials based on digital identity wallets. The revision is set to take effect everywhere in the

EU
ORG

sometime

between 2025 and
DATE


2026
DATE

.

Over 250
CARDINAL

private companies and government authorities across

25
CARDINAL


EU
GPE

Member

States
GPE

and

Norway
GPE

,

Iceland
GPE

, and

Ukraine
GPE

are participating in

four
CARDINAL

large scale pilots to develop the underlying technology and test real-life use cases across the

EU
ORG

.

As opposed to the widespread use of federated identities, where cloud-based digital identity providers are the central points for users to access any number of online services,

the EU Digital Identity
ORG

(EUDI) wallet aims to offer a new approach where the user is in control of when and where their personal data is shared and with whom. User credentials and data will include things like driver’s licenses, insurance cards, work and student visa, travel documents, credit card data, educational credentials, digital medical prescriptions, etc.


Yubico
PRODUCT

has been invited to join as associate partner in

EWC
ORG

,

one
CARDINAL

of the

four
CARDINAL

EUDI wallet large scale pilots, and will formalize the membership

later this year
DATE

. The

EWC
ORG

project was co-founded by

Swedish
NORP

government agencies including

DIGG
ORG

(Agency for

Digital Government
ORG

), Bolagsverket (Companies Registration Office) and

Vetenskapsrådet
PERSON

(

Research Council
ORG

) and

Sunet (University Computer Network
ORG

). Bolagsverket is together with

the Finnish Ministry of Finance
ORG

the coordinator of

EWC
ORG

.

The objective has been to demonstrate an ARF-compliant wallet architecture that is independent of major phone and platform providers, yet secure and easy to use.

GUnet
ORG

(

Greek Universities Network
ORG

) has developed an open source web based identity wallet.

Yubico
PRODUCT

, along with

GUnet
ORG

and other research and education networks including

Sunet in Sweden
ORG

, have collaborated in adding support for FIDO-based authentication and encryption.

The importance of FIDO in securing digital wallets

FIDO is a global open standard for user authentication supported by all major web browsers on both desktop and mobile platforms, with free open source software – supporting competition and innovation. It combines an improved user experience with a high level of security, practically eliminating cybersecurity threats such as phishing and credential stuffing. Critical cryptographic operations can be delegated to dedicated hardware in the form of FIDO security keys, available from multiple vendors including

Yubico
PRODUCT

. Users do not need a

Smart Card
ORG

reader to use FIDO security keys, and no client application is required to use them, other than a web browser.

Apart from user authentication, FIDO security keys can play a crucial role in securing identity wallets. A wallet’s contents can be encrypted and decrypted using cryptographic keys derived from secrets bound to the secure hardware of a FIDO security key. Additional security keys can be added to protect an individual’s wallet as a backup, or users sharing an organizational wallet can use their own FIDO security key to access that wallet.

By delegating as much as possible to a trusted external device, the wallet can be implemented as a web application that makes it independent from the mobile platform. This means citizens are truly in control of their own identity, without any dependencies on app store politics or vendor locks, much in line with

the European Commission
ORG

’s desire to reduce the market dominance of non-EU “Big Tech”.

Additionally, as opposed to traditional smart cards and service specific OTP-based authentication tokens for banking, FIDO security keys also work with

hundreds
CARDINAL

of other leading consumer and enterprise online services and applications, without any user data being shared between the services. Thus far, some government services, including in the

US
GPE

and

UK
GPE

, have made FIDO login to their services.

Millions
CARDINAL

of consumer and business users around the world have already adopted the technology and carry these keys in their keychains, which will automatically work with any web-based EUDI wallet.

The initial focus of

Yubico
PRODUCT

’s efforts will be to assist

EWC
ORG

in producing a wallet that can be used for use cases that require shared control over a wallet – e.g. for companies and other legal entities. This is sometimes referred to as an “organizational wallet” or a legal person wallet. The goal is to then develop more use cases across government and commercial services where users cannot or do not want to rely on a mobile platform. By

2026
DATE

,

the EU Commission
ORG

has a goal to enable all

EU
ORG

citizens with EUDI wallets, hosted by and interoperable with any number of government, financial, and other commercial services.

The working demo is at https://demo.wwwallet.org and the source is published under a BSD-2 license at https://github.com/wwWallet/wallet-frontend. The initial use case presented in the demo and in the video below is based on educational credentials which is covered by another of the large scale EUDI wallet pilots called

dc4eu
PERSON

. The

two
CARDINAL

projects have a very close collaboration and share the goal of building a scalable solution for all of

Europe
LOC

.

Next steps

In

a few months
DATE

, we plan to release an alpha version of the wwWallet software compatible with the latest version of the

EU
ORG

wallet Architecture Reference Framework (ARF) and we will be able to support

at least one
CARDINAL

the following use-cases:

The

EU
ORG

social security card Banking applications requiring multiple user control Use-cases involving power-of-attorney Educational credentials

As the FIDO security key pioneer and a leading contributor to FIDO authentication standards, the

Yubico
PRODUCT

team is excited and honored to now help shape the next generation high secure, high privacy and easy to use wallet based identity solution. Once successfully proven to scale for

European
NORP

citizens, the architecture can be adopted by any country in the world, supporting our mission of making the internet safer for everyone.