eIDAS 2.0 & the EU Digital Identity Wallet
What it is
eIDAS 2.0 is the revised electronic Identification, Authentication and trust Services regulation, Regulation (EU) 2024/1183. Its headline requirement is that every EU member state must offer citizens and residents a European Digital Identity Wallet (EUDI Wallet): a state-recognized digital identity wallet for holding and presenting identity attributes and verifiable credentials. It is the single largest program turning decentralized identity from pilots into population-scale infrastructure, so it sits at the intersection of a standard and a regulation.
This page covers the technical framework. For the legal picture across countries, see the identity regulations hub and the EU entry there.
How it works
- The wallet: each member state issues or certifies a wallet app. Citizens store a Person Identification Data credential plus attribute credentials (diplomas, licenses, payment mandates). See EUDI Wallet.
- The ARF: the Architecture and Reference Framework pins the technical choices, mandating OpenID4VCI and OpenID4VP for issuance and presentation, SD-JWT VC and mDL as credential formats, and selective disclosure so citizens share the minimum needed.
- Relying parties: many services, including "very large online platforms," will be required to accept the wallet where users choose to use it, which forces verifier-side adoption at scale.
Status
The regulation entered into force in May 2024. Member states are building and certifying wallets against the ARF, with the obligation to make them available to all citizens landing in 2026, followed by phased relying-party acceptance. Large-scale pilots (the EU's LSPs) have tested payments, travel, education, and organizational identity. This is why OpenID4VC interoperability profiles matured quickly.
Why it matters
eIDAS 2.0 solves decentralized identity's chicken-and-egg problem by legislating both issuance (state-issued wallets) and acceptance (mandated relying parties). For any organization operating in or serving the EU, wallet acceptance is shifting from optional to expected, and the design choices in the ARF are becoming de facto global reference points for reusable identity and KYC.
Pitfalls
- Timelines slip; member-state wallets and relying-party readiness are arriving unevenly.
- The regulation sets outcomes and the ARF sets architecture, but conformance and certification detail is still settling. Build to the mandated protocols and watch national profiles.
- Privacy safeguards (unlinkability, no over-collection) are central to the debate; design to the minimization intent, not just the letter.
Related
Guides: what is decentralized identity, reusable identity and KYC with verifiable credentials. Standards: OpenID4VC, Verifiable Credentials, mDL. Directories: regulations by country, digital IDs by country. Glossary: EUDI Wallet, eIDAS.