1. What is the EUDI Wallet Gateway?
The 12 most important questions for businesses – concise answers about the function, use and significance of the EUDI Wallet Gateway!
The introduction of eIDAS 2.0 and the EU Regulation on European Digital Identity (EUDI) is creating a uniform framework for digital identities in Europe. All EU member states are required to provide their citizens with at least one EUDI wallet by the end of 2026.
Companies, public authorities and platforms are facing the challenge – and above all the opportunity – of connecting to the new ecosystem in good time. The challenges arise because many companies are required by regulatory requirements to accept EUDI wallets. The opportunities lie in significant cost savings, increased efficiency of existing business processes and the introduction of completely new processes into digitalisation.
The EUDI Wallet Gateway is the key to connectivity and forms the essential interface to secure digital identity from EUDI wallets. It connects your enterprise systems to EUDI wallets in Europe – securely, cost-effectively and future-proof.
2. What is the EUDI Wallet Gateway?
The EUDI Wallet Gateway is a middleware component that acts as a technical interface. This enables companies, known as acceptance partners, relying parties or verifiers, to receive and validate digital credentials from various EUDI wallets.
2. Data processing in the EUDI Wallet Gateway
3. How does the EUDI Wallet Gateway process digital credentials?
The gateway transforms the data received and validated so that acceptance partners can integrate it into their respective business processes. This is done without having to adopt the sometimes complex protocols and standards of the EUDI wallet (e.g. OpenID4VP, SD-JWT VC, mDL/mDoc, ISO18013) into their own processes.
The gateway also performs the central task of mapping both the issuance of credentials by so-called ‘issuers’ and secure authentication. It thus acts as a key component for acceptance partners – and, if required, also as an attribute issuer – to participate in the new EUDI wallet ecosystem.
In short, the gateway acts as a bridge between the acceptance partners and the EUDI wallet infrastructures. Essentially, it is about (a) simplification through abstraction and transformation of complex wallet protocols, (b) interoperability through continuous adaptation to the various country-specific characteristics of EUDI wallets in Europe, (c) security and compliance through the mapping of eIDAS 2.0-compliant implementations (e.g. e.g. for KYC, QES, PID) and (d) flexibility through support for all conceivable use cases.
3. Who needs the gateway?
4. Which companies and organisations need an EUDI Wallet Gateway and why?
For the purposes of an EUDI Wallet Gateway, two different categories of companies can be distinguished:
A) Organisations obliged to accept:
1. Regulated companies: Companies from regulated industries such as banks, financial and payment service providers, insurers, energy suppliers, education providers and healthcare providers, telecommunications providers and transport providers are required by EU regulations to accept the EUDI wallet for customer identification in future.
2. Very large organisations: In addition, so-called ‘Very Large Online Platforms’ (VLOPs) and ‘Very Large Online Search Engines’ (VLOSEs) are required to accept the terms and conditions, as defined in the Digital Services Act (DSA). These include platforms with more than 45 million active users across the EU, such as social networks, search engines, online marketplaces, email services, app stores and cloud platforms. These include social networks, search engines, online marketplaces, email providers, app stores and cloud services.
These organisations must therefore address the integration of the EUDI wallet at an early stage to ensure connectivity by the planned rollout of EUDI wallets at the end of 2026. A key element in implementing these requirements is the use of an EUDI wallet gateway.
B) Organisations invited for acceptance:
Trustworthy and automatically verifiable credentials also mean more efficient processes, lower costs, greater security and better user experiences with EUDI wallets, opening up completely new opportunities for non-regulated companies across all industries, such as mobility, car rental, car sharing, leisure, e-commerce, education, logistics and many more.
The fact that large, regulated providers are required to accept EUDI wallets ensures rapid awareness, distribution and use among the general public. This makes EUDI wallets, with their free, secure identification, very attractive to other companies and opens up new use cases where identity verification would currently be too expensive or inconvenient for the user experience.
Overall, integrating an EUDI wallet gateway is an investment in the digital future of a company. The gateway supports open standards such as OpenID4VC, SD-JWT VC and mDoc (ISO 18013-5) and is compatible with the EU’s Architectural Reference Framework (ARF). The gateway providers are closely networked with the relevant institutions, ensuring that the interface meets all European requirements and standards at all times.
4. Important use cases
5. What use cases does an EUDI wallet gateway support?
The gateway supports all use cases that retrieve data and attributes from the EUDI wallet. The prerequisite is that the acceptance partner, i.e. the relying party, is registered and approved by the competent authority. The specific process for registering and approving issuers and acceptance partners is currently (Q3/2025) still being determined in Germany.
A further prerequisite for use is that the user has initialised the EUDI wallet with the OnlineAusweis function (Germany) or the corresponding method in their home country. Once initialised, the ‘Personal Identification Data’ (PID) is stored in the personal EUDI wallet. If the use case requires further proof, this must be transferred to the EUDI wallet in advance.
The EUDI wallet is much more than just an ‘ID card on your mobile phone’ and will support use cases far beyond mere personal identification in the medium term.
In addition to official documents such as driving licences, certificates, vocational training and educational qualifications, certificates of good conduct or other approvals and confirmations, companies can also define, issue and receive their own credentials for their own use cases and industries – whether these are verified membership cards, credit checks, income statements, insurance certificates, training certificates or access authorisations for properties.
In the healthcare sector, the electronic health card (eGK) for visits to the doctor’s office or the vaccination card can be stored securely in the EUDI wallet on a smartphone. The applications are virtually limitless.
Zero-knowledge-proof & selective disclosure
It is very important that privacy is always guaranteed when using the EUDI wallet in conjunction with the EUDI wallet gateway. Two important basic principles must be distinguished here:
- Zero-knowledge proof: Zero-knowledge proof (ZKP) is a cryptographic method by which a person – in this case with the help of the EUDI wallet (the ‘prover’) – proves to the acceptance partner (‘relying party’ or ‘verifier’) that a statement is true without disclosing the underlying data.
Example: A user wants to prove that they are over 18 years of age without revealing their exact date of birth. With a ZKP, the wallet can only disclose the information ‘over 18’ – not the date of birth or even the year of birth itself. This function is of course mapped in the gateway.Selective disclosure: In the interests of data minimisation, the gateway supports the process of ‘selective disclosures’.
- Selective disclosure means that a user with an EUDI wallet can selectively disclose individual attributes from a digital credential – rather than the entire document.
- Example: A user only provides their year of birth, but not their full date of birth or any ID details. Or, in relation to a certificate, only individual qualifications or grades are disclosed, but not the entire certificate with all its contents.
5. Technical and operational functions
6. What technical and operational functions does the gateway perform?
Specifically, an EUDI wallet gateway performs various technical functions, focusing on credentials, which include the following in particular:
- PID (Personal Identity Data). This includes, for example, identity card data, which in the EUDI wallet context is only issued and released by public authorities, i.e. by the state.
- Pub-EAA (officially electronically attested attributes). These include official certificates, driving licences, references, confirmations, etc. issued by authorities in the course of an administrative process.
- EAA (electronically attested attributes). These are proofs from the private sector that are issued in a trustworthy manner in the EUDI wallet ecosystem.
- QEAA (qualified electronically attested attributes). These are EAAs that have been additionally ‘qualified’ by a neutral body in order to be recognised in cross-border traffic, for example.
The EUDI Wallet Gateway now ensures that a company can work with all types of credentials via this gateway:
- In its role as an acceptance partner, the company can therefore verify the user’s credentials from the EUDI wallet.
-
-
- receive,
- verify, i.e. accept as ‘confirmed genuine’ and
- transfer to your own processes in the desired format.
-
- In its role as issuer of its own credentials for the user’s EUDI wallet, a company can use the EUDI wallet gateway to
a) issue the evidence to one or more EUDI wallets
b) withdraw the evidence, i.e. limit its validity or block it, i.e. carry out a so-called ‘revocation’.
6. Open source - a viable alternative?
7. Why do companies need an EUDI Wallet Gateway when everything is open source?
In mobile payment, we saw how quickly the transition from plastic cards to smartphones took place. A key factor was the widespread acceptance infrastructure – primarily the terminals at checkout counters – as well as the already established processes and commercial foundations.
Therefore, I see high potential exactly where card-based IDs are already used in digital processes. The EUDI Wallet can now represent these cards at a high level of trust, easily bring them to the smartphone, and securely make them available for reading at the point of sale (POS).
The existing acceptance infrastructure, both on-site and in digital offerings, only needs to be adapted for this new component – think of health insurance cards, membership cards for automobile clubs, or even fitness club memberships. Additionally, the EUDI Wallet is also of interest for decentralized organizations within a closed ecosystem.
Instead of laboriously networking decentralized systems, proprietary features can now be transported as trusted and signed attributes via the EUDI Wallets of the users. Possible applications include, for example, car workshops, decentralized financial institutions, access management systems, or authorities within a federal system.
7. Key information about the integration
8. As a company, what is the best way to connect to the EUDI wallet?
There are two different ways to connect your company to the EUDI Wallet ecosystem:
1. Open source libraries (‘Make option’):
In principle, it is possible to connect individually using the freely available open source modules. This can be useful if the use cases are particularly individual, sufficient IT resources are permanently available and significant scaling in terms of transactions via the EUDI wallet is to be expected. However, it is questionable whether the open source components can actually process all EUDI variants at all times and who will be responsible for this.
In any case, it may be advisable to work with a specialist consultant or IT service provider who has detailed knowledge of the ecosystem, is familiar with the relevant standards and processes, and can therefore validate the solution used at any time.
2. Plug & Play gateways (‘Buy Option’):
a) Existing connection to an identity service provider: For pure identification services, the EUDI Wallet Ident is another option alongside established identification methods such as photo ID, bank ID or video ID. For established platforms, adding the EUDI Wallet for pure identification purposes does not pose a significant challenge.
b) EUDI wallet connection from a single source: In order to cover all aspects relevant to the EUDI wallet and to remain compliant and interoperable with all EU requirements and updates at all times, it makes sense to select a provider for the EUDI wallet gateway that already has practical experience in handling digital identity data and wallet solutions.
This includes personal identity data (PID), which is regularly the result of established identification methods. It also includes other credentials, such as verified qualifications, proof of identity, contact details, strong authentication, digital signatures and online payments.
Regardless of established business relationships, it may therefore make sense to involve a service provider with specific experience in the live operation of wallet processes in order to exploit the potential of EUDI wallets.
It should be noted that EUDI wallets will be the only identification or authentication method for many new acceptance partners. Only because of their cost and efficiency advantages do EUDI wallets qualify for integration at this point, for example to prevent misuse in use cases by validating identity, age or address.
Traditional methods such as video identification, photo identification or bank identification would simply be too expensive for the provider and too inconvenient for the user experience – otherwise they would already be integrated.
Therefore, selecting a focused provider for the EUDI wallet gateway makes a lot of sense for these new use cases, regardless of the possible offerings of other identification methods.
9. What are the relevant criteria for selecting the EUDI wallet gateway or EUDI wallet gateway provider?
One hypothesis is that the EUDI Wallet will be an extension of the existing wallets on smartphones, meaning it could be part of Apple Wallet or Google Wallet. Given the European standard, this seems to be a valid hypothesis.
Thus, every smartphone user would already have this wallet pre-installed across Europe and wouldn’t need to download it separately. The integration into the user experience could be very well solved this way – mobile payment could serve as a useful reference here.
Another approach could be that large apps incorporate the feature – for example, in online banking or other widely used apps. This would serve as an additional service for customer loyalty and to avoid forcing users out of the app for certain actions.
The more providers rely on EUDI Wallet attributes for their own services and added value, the more it might make sense to integrate the EUDI Wallet into their own apps, ensuring that the user journey isn’t interrupted. Even then, it would be more of an activation of the EUDI Wallet by the users within the existing application.
And of course, there will also be offerings in the App Store where I can download the EUDI Wallet on its own. One such offering will likely be the government-issued EUDI Wallet in Germany, potentially as an extension of the current ID card app.
The nature of an EUDI wallet gateway also entails a number of basic requirements that are largely met by all providers and solutions on the market, such as that the gateway…
- is based on individual software solutions using the latest open source libraries
- meets the framework conditions for security and data protection
- connects all EUDI wallets from all over Europe and all member states
- is transparently documented
- is sufficiently networked in all member states to anticipate current changes.
A gateway supports sensitive and transaction-intensive business processes of the acceptance partners. It is therefore advisable to work with providers who have proven practical experience, independent certifications and established processes.
10. When can companies start connecting to the EUDI wallet and the EUDI wallet gateway?
It makes sense to start the connection project in 2025 and select a provider for the EUDI wallet gateway. The government EUDI wallet for Germany will be made available in a sandbox environment from the end of 2025 for connection and thus for testing and piloting by potential acceptance partners and issuers.
In addition, the German government plans to publish a developer guide and design guidelines. Live operation of the German wallet will start at the beginning of 2026, and official test connection for all partners in the ecosystem will begin in mid-2026. The market launch is planned for December 2026, with rollout expected in spring 2027.
Key dates at a glance:
- September 2025: Completion of the SPRIND prototype phase.
- 2025: Sandbox to be available to relying parties from the end of Q4.
- 2026: Pilot of the ecosystem to start at the end of Q1.
- 2026: Preparation for EU-wide rollout.
- 2027: Expected market launch in Germany with gradual expansion of functions.
11. Why should companies start connecting to the EUDI Wallet Gateway as early as 2025?
An early start to the integration project makes a lot of sense, especially for regulated companies, as non-discriminatory acceptance of all EUDI wallets must be established by the deadline at the end of 2026. This means that all business processes must be set up accordingly.
This applies in particular to those that already process digital identity data today and are therefore within the relevant scope of the acceptance obligation: online onboarding processes, online identification processes, logins and strong authentication.
Despite all the transformation of EUDI wallet protocols in the gateway, it must be taken into account that the acceptance and structure of data packets in combination with regulatory requirements, e.g. for final identification, may lead to adjustments in the established internal process flow.
These necessary adjustments should be identified at an early stage so that adjustments to internal workflows and systems can be incorporated into IT roadmaps in good time. It is therefore advisable to start testing at an early stage using the relevant pilots.
12. Does it make sense for companies in Germany to test with EUDI wallet pilots other than SPRIN-D's sandbox?
The SPRIN-D Sandbox with the federal government’s EUDI wallet reflects the current implementation standard. The federal government’s EUDI wallet is the basis for the certification framework in Germany. Its implementation therefore serves as a reference for all other possible EUDI wallet developments by private actors in Germany.
In this respect, it makes most sense to test the Sprin-d Sandbox in Germany as an EUDI wallet pilot. It is unclear to what extent several pilot versions of EUDI wallets from private providers will be available in this environment.
In addition to this German sandbox, all other European reference implementations must be integrated into the connection scope. This is the only way to ensure that the respective national characteristics of EUDI wallets are taken into account with regard to the Europe-wide non-discriminatory acceptance requirements.
As already mentioned, relevant differences are to be expected here, as with plugs, sockets and voltages. A core task of the gateways is therefore to implement a connection to all relevant EUDI wallet sandboxes and, later, to all implementations. It therefore makes sense to work with the partner who is also a candidate for sustainable productive integration from the outset in order to carry out the connections and testing.
Do you have any questions? We have the answers. Verimi is a leading provider of an EUDI wallet gateway – find out here about what Verimi has to offer.
