How to integrate with the EU Identity Wallet

The Mythical EU Identity Wallet

First of all, the wallet is not an app - it’s a set of standards and recommendations that wallet providers (private companies and the governments) should follow. This makes integration quite interesting. You want to test your integration with as many wallets as possible to make sure you catch all the eventual differences. 

One of the killer apps of an identity wallet is, well, an identity document called eID. 

Right? Wrong. 

EU Identity Wallet is introducing a “document equivalent” called PID. 

Personal Identification Data(set)

It contains all the information typically found on the ID document, but doesn’t have to have a document number. The expiry date, one of the mandatory attributes of the PID, is not equivalent to the administrative expiry date of the data within the PID. 

PID can have, but doesn’t have to, a picture of the owner (portrait), email address, phone number or address. 

If you need gender information, you should prepare for at least 8 different options, one of them being “not known”. 

What’s the implication? Well, you need to really think about how you will use data sent by the wallet within your CRM system. 

Open standards and state monopoly on PID issuance 

When I mentioned that the EU Identity Wallet is just a set of standards, I mentioned that anyone following those standards and being certified will be able to build a wallet, and therefore, you, as a citizen, would be free to choose which wallet you want to use for your eID (PID). 

Turns out it will not be the case, at least not at the beginning.

Many of the member states will have a PID issuance monopoly to promote their local, government-issued wallets. 

What is the implication? First of all, people don’t think in terms of documents when it comes to eIDs. They think in terms of app names. 

If you ask me to show you my PID, I would probably be very confused. If you ask me to use Apple Wallet or mObywatel to present my eID, it would make much more sense. 

We already see that UX pattern in payments. 

EAA, QEAA and Pub-EAA, because wallets are not only about PIDs

Just like within the payment wallets from Apple, Samsung or Google, you can store boarding passes, loyalty cards, car keys and other “cards”, you can store multiple different data sets within the EU Identity wallet.

The main difference between them is the type of issuer. In reality, it determines a trust level you can apply to each dataset. Those datasets are called “Electronic Attestations of Attributes” - we can call them “attestations”.

There are three types of attestations:

• EAA - (almost) anyone can issue them
• QEAA - Qualified EAA means that it can be issued only by the QTSP-certified organisations. 
• Pub-EAA - those EAAs can be issued only by the public sector organisations. 

What does that mean? It means that wallet users can have formal documents like income confirmation from their local government revenue service in the wallet. It means that a confirmed IBAN number can be in the wallet. 

It means that onboarding of certain users to regulated services can be very, very, very straightforward. 

What next?

This blog post is the first part of a cycle we will be publishing in the coming weeks. 

Stay tuned! All feedback is very welcome.