EUDI Wallets & eIDAS 2.0: What it is and what it means for companies

Digital identity solutions are no longer a rarity in the European Union, in Nordic countries such as Denmark, Sweden, Norway and Finland, for example, they are already widespread. This development began around the turn of the millennium: against the backdrop of amended EU directives, which were intended to put digital identities on an equal footing with physical ID documents, some European countries began to investigate the possibilities of eIDs and introduce corresponding systems. However, these developments were limited within national borders. When the eIDAS Regulation came into force in 2016, it created a common framework for electronic identification and transactions in the EU member states, which has also included provisions on eID since 2018. This was intended to ensure that the EU member states mutually recognize their various eID systems in order to enable better interoperability across national borders. The eIDAS 2.0 Regulation was adopted in March 2024. It stipulates that EU member states must offer all citizens so-called “EUDI wallets” (European Digital Identity Wallets) based on uniform technical standards by 2026. The new standards will not only affect the digital user experience of customers, but also the digital business processes of companies. It is therefore essential for companies to prepare for the EUDI wallets – because the right preparation will not only open up obligations, but also opportunities. Find out here what requirements and advantages eIDAS 2.0 has in store for companies and how you can prepare for it.

What is eIDAS 2.0?

eIDAS stands for “Electronic Identification, Authentication and Trust Services” and is an EU regulation. In particular, the eIDAS 2.0 regulation stipulates that all EU member states must offer their citizens so-called “EUDI wallets” by 2026. These EUDI wallets are based on uniform technical standards and contain verified personal attributes (so-called “PID” Personal Identification Data) with which citizens identify themselves in the digital ecosystem. In concrete terms, this means

• ID wallets will be mandatory in Europe from 2026 under the EU regulation for sharing, managing and using verified identity data
• Citizens can conveniently store their ID card and, in future, their driving license and other attributes (e.g. certificates, membership cards, public transport tickets) in secure EUDI wallets
• Companies are obliged to accept EUDI wallets in their business processes. This obligation applies to companies from regulated sectors, and non-regulated companies may also accept the wallets. Use cases are in particular onboarding, strong authentication and digital signing.

What impact will eIDAS 2.0 have on my company?

The eIDAS Regulation aims to make trustworthy interaction in the digital world legally secure and user-friendly. It defines legally binding implementation deadlines for all EU member states and affected organizations.

• Regulated sectors are obliged to integrate the EUDI wallets. These include, for example, the health, transport/mobility, energy, banking and finance, postal services, education, digital infrastructure and drinking water sectors. Large platforms such as Apple, Google, Facebook and Zalando are also obliged by the EU regulation to integrate EUDI wallets as gatekeepers.
• The mandatory integration of EUDI wallets will accelerate the digital identity ecosystem enormously. The use of EUDI wallets will develop rapidly as a result of mandatory acceptance in relevant use cases. For onboarding, logging in and signing, EUDI wallets will quickly become the standard for customers.
• Regardless of whether companies are obliged to integrate the EUDI wallet or whether companies accept the EUDI wallets themselves: All companies should identify the impact on their digital business processes. The new requirements must be implemented and opportunities exploited, both in interaction with customers and in the end-to-end digitalization of their own workflows.

Does eIDAS 2.0 offer advantages for companies?

Changing framework conditions not only bring new requirements, but also new opportunities. eIDAS 2.0 has the potential to take digitization in Europe a big step forward very quickly. This leap in digitalization will also set new standards in terms of security, efficiency and customer experience when handling digital identity data:

1. Digitization: companies can effectively and comprehensively digitize internal and external business processes end-to-end based on uniform standards for the transmission and processing of trusted personal attributes (e.g. ‘PID’)
2. Efficiency: The transaction and process costs for secure and regulation-compliant onboarding, for secure log-in (‘SCA’) and for legally compliant digital signatures are significantly reduced with uniform European standards.
3. Customer experience: The current digital access barriers due to ever new identification requirements and individual log-in logics of each individual provider are eliminated. Case-closing digital applications are made possible. Conversion rates and customer satisfaction can thus reach new levels.

In addition, the eIDAS 2.0 framework also allows company and sector-specific attributes to be added. For example, mandates, affiliations and memberships can be added specifically and managed with the same security and trust standards. This opens up new potential in the digitalization of business processes of closed user groups, e.g. within corporations, associations, chambers, etc.

How can I prepare for the new eIDAS requirements?

eIDAS 2.0 is new. The national implementation for Germany is currently underway. Some aspects are still undefined, interactions with existing regulations and already established, certified and approved workflows are largely unclear. New frameworks for certifications and approvals in Germany are uncertain. At the same time, the mandatory market launch for 2026 has been set very clearly by the EU. We recommend that companies actively engage with the topic in order to work out the key implications now:

1. Understand eIDAS 2.0: Ensure that all departments and individuals affected in the company have a basic understanding of eIDAS 2.0 and are aware of which regulations may become relevant for them by 2026.
2. Consider eIDAS 2.0: Determine what impact the new requirements will have on your business processes. How can you meet the requirements of the eIDAS regulation and at the same time focus on the needs of your customers?
3. Apply eIDAS 2.0: Develop a clear roadmap to 2026: What exists and what needs to be changed, what opportunities arise for new end-to-end solutions. Identify all your eIDAS-relevant digital business processes and start with initial pilot projects.
4. Concretize eIDAS 2.0: Be sure to test your use cases with the new technical standards before 2026, e.g. using the Verimi live application, which already largely covers the upcoming eIDAS standards in a POC. Live testing of your use cases to validate the requirements for your business processes according to the new eIDAS standards, e.g. with PID.

Prepare your company for the future. Verimi has more than 5 years of experience in live operation of regulated ID wallets in well over 100 real use cases in Germany. Valuable experience to know what is really important for ID wallets and for connected use cases! We support companies and organizations to prepare for eIDAS 2.0 and EUDI wallets in a targeted manner – with eIDAS intensive workshops and EUDI wallet proof-of-concepts (POC). Find out more here.