Frequently asked questions
General
The aim of the EUDI Wallet ecosystem is to establish a Europe-wide interoperable digital infrastructure that enables people in the EU to securely store digital credentials and use them across borders. The wallet is designed to strengthen digital sovereignty by allowing users to decide for themselves which data they share. At the same time, it creates a European, independent infrastructure that meets the highest data protection and security standards. Through common standards, it enables seamless use in public administration, business and everyday life, thereby forming a central foundation for a modern and efficient digital society.
The EUDI Wallet is your personal digital wallet for identity data and credentials. It operates on a simple principle: all credentials are stored securely directly on your own smartphone and are presented by you only when needed. You maintain full control, as only the absolutely necessary information is shared. There is no central storage of your personal data – everything remains in your hands. The wallet serves as a modern supplement to your existing physical documents and will be usable across Europe in the future.
eIDAS stands for electronic Identification, Authentication, and Trust Services. The original eIDAS Regulation has been in effect since 2014 and was the first to establish rules governing how digital identities and signatures function within the EU. eIDAS 2.0 builds upon this framework. The most important difference: Digital identity is no longer intended to function solely for individual government services, but rather to be widely usable in everyday life, including with private providers and across national borders. A key new feature is the introduction of the EUDI Wallet. It enables users to digitally store their identity and credentials and share them selectively. At the same time, requirements for security, data protection, and Europe-wide interoperability are being specified in greater detail.
Germany is developing a government-run EUDI Wallet, which is due to be launched as an app in early 2027. Initially, it will offer the ability to manage and use digital credentials, both online and in person. In addition to the ID function (derived from the electronic identity card or residence permit), the first supported credentials are expected to be the digital driver's license, the social security card and the pension card. Further documents will follow gradually – the number and variety of these documents depend on the participation of future issuers in the EUDI ecosystem. In addition to public bodies, private companies, associations and other organizations can become issuers. If your organization wishes to issue digital documents in the future, you can find further information in the Ecosystem Knowledge Center. The official German “EUDI Wallet Sandbox” has been available since December 2025. The sandbox is a national test environment in which organizations can test their use cases and integrations with the government’s EUDI Wallet, using test data only. The sandbox is the gateway to the national and European EUDI ecosystem. Currently, the wallet’s identification function is supported by personal identification data (often abbreviated as “PID”) generated via the electronic identity card and residence permit (eAT). Further forms of identification will be supported in the near future. The development of the government EUDI Wallet is taking place in stages, accompanied by IT architecture work, pilot projects and the SPRIND prototyping process. In addition to the government solution, non-governmental EUDI Wallet providers will also have the opportunity in the future to have their products certified as EUDI Wallets. All activities of the German EUDI Wallet project are documented publicly and transparently via OpenCoDE, the open-source platform for digital sovereignty in Germany.
The German government has decided to provide a government-backed EUDI Wallet, which will be introduced gradually from 2027. The Federal Ministry for Digital Transformation and Government Modernization (BMDS) is responsible for the project’s technical implementation. This is being carried out as part of the national EUDI Wallet project, which is being implemented by the Federal Agency for Breakthrough Innovation (SPRIND) in collaboration with other project partners.
The rollout of the first version of the state wallet is planned for early 2027.
No, use is voluntary and free of charge.
To use the EUDI Wallet, you generally only need a smartphone and the installed app. However, if you wish to use the official identification function, a one-time verification of your identity is required. For this purpose, you can use a German national ID card, or an electronic residence permit, provided that the respective online ID function is activated.
To use the national EUDI Wallet, a smartphone running the iOS (Apple) or Android (Google) operating system is required.
At present, the EUDI Wallet cannot yet be offered as a browser-based solution because it must meet the highest security requirements and needs to access smartphone security features directly (such as the Secure Enclave or StrongBox). A team explored this approach as part of our innovation challenge “EUDI Wallet Prototypes”. The outcome showed that, at the moment, a browser-based implementation is not technically feasible. This would require additional browser capabilities that are still under standardization. We remain dedicated to resolving this.
The EUDI Wallet will offer a secure and privacy-friendly alternative to many current apps and physical documents. Ultimately, the choice to use the wallet instead of existing cards or apps – and the extent to which it is adopted – is entirely up to you and the participating organizations.
The national EUDI Wallet does not need an account/login. Users can use the wallet without creating any account/login. Independently of this, the App Store and Google Play Store require an account for the user to install any application. We are aware that some users prefer alternative distribution methods. These are being looked into. Any such approach must meet the required security standards and must not compromise the integrity of the EUDI Wallet.
Yes, the EUDI Wallet can be used throughout Europe and works across borders.
To inform the public, public relations strategies tailored to specific target groups are currently being developed and further expanded. The involvement of key communicators plays an important role in effectively conveying information to different target groups. In addition, information is provided via official websites, digital information services and social media channels. We are in the midst of this information process for the public and would therefore welcome your input, for example if you would like to invite us to events or have ideas for formats, resources, etc.
The EUDI Wallet represents a major step toward greater digital sovereignty. It enables users to store and use credentials in a self‑determined manner, based on European requirements for data protection, security, non‑discriminatory access, and interoperability. This reduces dependence on individual platform providers and strengthens the sovereign use of digital identities across Europe.
The EU is deliberately pursuing a division-of-labor approach. With the “Architectural Reference Framework”, the European Commission defines uniform technical, security-related and organizational standards that ensure interoperability and a common level of trust across Europe. However, the actual implementation of these requirements lies with the Member States. The reason for this is that identity infrastructures are closely linked to national sovereign tasks, existing registers, administrative processes and legal frameworks.
Data Protection and Security
The EUDI Wallet protects sensitive data by storing it exclusively locally and in cryptographically encrypted form on the device. This applies, for example, to personal identification data (PID) and the content of certificates. Access to the wallet and its functions is additionally secured by strong authentication (PIN + device lock). When users present their data to a Relying Party, it must be ensured that the Relying Party cannot, in turn, present the data to third-party Relying Parties. To this end, a cryptographic mechanism (‘holder binding’) is used, which ensures that every single use has been authorized by the user within the context of the respective transaction. To achieve the necessary level of security, the keys for this authorization are managed in hardware security modules at the wallet provider’s premises. However, the wallet provider cannot access either the keys themselves or the user data (as this is stored in the wallet), and therefore cannot present any user data to Relying Parties. To prevent user traceability, users remain pseudonymous to the wallet provider. The wallet only passes on data authorized by users. In accordance with the principle of selective disclosure, it is possible via the wallet to present only a specific part of a proof (e.g. ‘over 18 years of age’) without revealing further personal data (such as the exact date of birth). In doing so, the wallet automatically checks with every transaction whether the respective Relying Party is only requesting the information it has previously registered for that specific use case. Any Relying Party wishing to integrate the wallet into their processes must undergo a corresponding registration process involving identification, and in doing so must disclose their use cases as well as which data they intend to request for that specific use case. Before any data is shared, users can see who is requesting their data and for what purpose, and Relying Parties must authenticate themselves to the wallet. This ensures users are always aware of who they are sharing their data with. On this basis, users can also take legal action against Relying Parties should this be necessary. At the same time, the wallet prevents its use from being tracked for profiling purposes. Data is transferred exclusively and directly between the user’s digital wallet and the Relying Party — without passing through servers in the EUDI ecosystem. Issuers of digital credentials are not involved in the sharing of these credentials and receive no information about their use. If the device is lost, the wallet instance can be remotely locked so that no one else can continue to use it.
Services may only request from a wallet the data previously registered for their specific use case. Relying Parties must first go through a corresponding registration process, and the data they request for their use case is publicly visible. The wallet makes it completely transparent to users which data is being requested. Data is only shared with the user’s consent. Services must ensure that they collect and process data only within the parameters of the GDPR.
Every time the wallet’s identification function is used, the user must authenticate themselves. This is done through possession of the smartphone (possession factor) and the entry of a 6-digit PIN (knowledge factor). These two factors are then used to grant access to a hardware security module on a secure server, which is then used to sign (cryptographically sign) the response to the Relying Party’s request.
There are no plans to make use of the EUDI wallet mandatory for citizens. Although certain bodies are obliged to offer identification via the EUDI Wallet, its use remains voluntary. Furthermore, the wallet has been designed from the outset to preclude centralized state surveillance. Identification and verification processes take place exclusively between the user’s wallet and the relevant Relying Party; the issuer of identity documents is not involved and cannot track these processes. In addition, the principle of consent-based, data-minimal disclosure applies: only the information required in each case is released, without central storage or analysis of usage profiles.
As a general rule: following authorization by the user, the wallet provides only the data registered for a specific use case of a Relying Party, and not complete copies of documents. Whether a copy of the digital credential (including signatures and metadata) is required depends on the legal situation. As a rule, Relying Parties will extract, process and, where necessary, also store data from the credentials. The wallet itself does not create any new storage obligations, but rather helps organizations to process less data. However, existing legal obligations, in particular the GDPR, remain unchanged.
No. To ensure that user interactions remain untraceable, users do not receive a user account from the wallet provider that is linked to identifying data such as an email address or telephone number.
Yes, such a function is planned. This view will be accessible to users within the wallet app and is therefore protected against unauthorized access. The data is stored only locally and not with the wallet provider.
Digital certificates in the EUDI Wallet are cryptographically signed certificates whose authenticity and integrity can be verified by any Relying Party via the EU-wide trust infrastructure using so-called public keys.
Validity is ensured by checking the signature and validity status (e.g. static expiration date and validity) of a certificate during every verification by a Relying Party. Validity can be influenced by the issuer (e.g. revocation), so it is checked against so-called status lists. The issuer is not informed which certificate is being checked. Some certificates, like some paper documents, are valid indefinitely (e.g. diplomas), whilst others may have shorter validity periods.
Connection and Integration of the EUDI Wallet
The integration of the EUDI Wallet and BundID is planned, partly to make it easier for public authorities to connect to the EUDI Wallet. This should enable identification and the exchange of documents with public authorities to function through the interaction of the EUDI Wallet and BundID. In the future, BundID will thus form a kind of gateway to public administration, which users can access using the EUDI Wallet.
The ePA and the EUDI Wallet are two separate applications. The ePA is a centralized health record: data is stored in the telematics infrastructure’s record systems; access is logged centrally; many processes run via backend components in the background. The EUDI Wallet, on the other hand, is a decentralized ‘storage’ for certificates on the smartphone: Users actively control each release, present signed certificates directly to the Relying Party, and there is no central data storage or automatic integration and notification of certificate issuers regarding the use of the wallet. However, it is planned that the EUDI Wallet will be integrated with the Health ID in the future; the latter can then be used to access the ePA.
The connection is made via uniform, EU-wide standardized interfaces that enable organizations to securely request, receive and verify wallet credentials. The integration thus functions like a modern, interoperable login/data-sharing system, without technical dependence on individual manufacturers. Organizations can test their integration in advance in the EUDI Wallet Sandbox. For detailed technical information, practical examples and guidelines, we recommend the following point of contact for all questions relating to the national EUDI Wallet ecosystem in Germany, the Ecosystem Knowledge Center:
In Germany, a production-ready test environment is available in the form of the EUDI Wallet Sandbox. It serves as the central gateway to the German EUDI ecosystem and enables organizations to conduct realistic testing – using test data only. Initially, the sandbox supports use cases for secure identification using PID. The national sandbox is necessary to test the technical integration and functionality of the EUDI Wallet with Relying Parties’ systems, ensuring that the solutions work as error-free as possible for users. The sandbox is part of the integration process for Relying Parties and will be available on a permanent basis. Germany is also using prototypes developed as part of an innovation competition organized by SPRIND to test selected aspects of the EUDI Wallet conceptually and technically. In parallel, so-called “large-scale pilots” such as APTITUDE and WE BUILD are running across Europe, in which key use cases and interoperability are being tested.
Relying Parties require testing facilities to test the technical functionality of their systems and the EUDI Wallet. They do this as a preliminary step in the national sandbox before the systems become accessible to end users. The necessary tests are carried out here on a permanent basis without using real data. Furthermore, a ‘closed beta’ is planned as part of the rollout and go-live of the EUDI Wallet. The aim is to test systems and processes under conditions as close to reality as possible with a limited group of end users. The specific details regarding the design of this ‘closed beta’ are currently being worked out.
In principle, every organization – and therefore every public authority – must go through the registration process via sandbox onboarding. However, the specific structure of the registration and onboarding process varies depending on the interaction model of the respective public authority, as several integration options are provided for, particularly within the public administration. On the one hand, a public authority – with the support of a technical service provider where necessary – can integrate the EUDI Wallet directly into its specialist procedures and processes. On the other hand, there is the option of indirect use via existing administrative systems, for example via BundID or in the context of register modernization or via NOOTS. The relevant details regarding the specific implementation are currently being worked out. Further insights into the implementation status can be found in documents from the IT Planning Council dated late November 2025. Specific information on the current registration process can be found here.
Technical Disruptions, Device Loss and Security
In the event of technical problems such as a flat battery, a faulty or unavailable smartphone, the EUDI Wallet cannot be used temporarily as it is linked to the specific device. This does not affect identification using existing physical ID documents, which remains possible at all times. In the current architecture, an internet connection is required to use the secure wallet identification function (PID), as verification is carried out via server-based security mechanisms. In the future, other forms of digital proof should also be presentable without an active internet connection. Appropriate technical solutions are currently under development.
If the smartphone is lost, the credentials stored in the EUDI Wallet remain protected. Access is secured via the PIN assigned by the user for the wallet and the general device lock (i.e. smartphone PIN or biometrics), so that unauthorized persons cannot access the wallet. The lost wallet instance can be revoked in a similar way to a credit card, but unlike a blocked credit card, it is then permanently unusable (it is not possible to restore this instance). To use it on a new device, the wallet must therefore be set up again (i.e. re-downloading the wallet app, re-adding proof of identity). This prevents misuse and ensures that personal data is not disclosed even if the device is lost.
A valid ID document with an active online ID function is required to initialize the wallet’s ID function using a PID. The issued PID is valid for no longer than the associated physical ID document. Upon receiving a new ID document, the PID must also be set up again accordingly.
A blocked wallet can no longer be used, as its revocation status is stored in the infrastructure and every wallet interaction undergoes an authenticity check. Additionally, issuers of proofs can block them based on the status of their respective proofs.
The digital ID card in the EUDI Wallet is personalized and can only be used following strong authentication. Simply possessing the smartphone is not sufficient.
Cloud backups are not possible for personal identification data (PID), as the data is tied to the specific device. In the future, there may be a backup option for digital credentials that do not require a cryptographic link to a specific wallet.
Access for All: Support, Accessibility and Protection
The EUDI Wallet will be available for voluntary and free use. The option to use analog proofs will remain available. Furthermore, we are working on information resources for all those interested in using the service.
The EUDI Wallet is being developed in a transparent and user-centered manner to ensure inclusive and broad accessibility. The EUDI Wallet is being implemented in accordance with BITV 2.0 guidelines to ensure accessibility. Since the start of the project, there has been a lively and ongoing dialogue with civil society organizations to incorporate requirements and perspectives into the development process as effectively as possible. Information resources are planned.
In accordance with the principles of “unlinkability” and “unobservability”, the EUDI Wallet specifically prevents profiling and misuse by storing personal data exclusively locally and in encrypted form, and by not allowing central tracking. Individual records and transactions are not technically linked to one another, meaning that no usage profiles can be created, even for migrants or religious minorities. The principle of selective disclosure also applies in the interests of data minimization. With selective disclosure, only the information requested for a specific purpose is released. This makes it possible to provide proof (e.g. “over 18 years of age”) without revealing further personal data (such as place of birth).
The wallet is an application that can support the digitalization of public administration processes. Implementation and design are the responsibility of the authority providing the service. The wallet does not replace advice from a public authority. It will still be possible to contact public authorities in person or in writing (including digitally).
Advice centers can support clients by providing information and training. Concepts and materials are currently being developed to explain how to use the wallet to users. To ensure these resources are accessible and understandable to everyone, the project began consulting different target groups at an early stage and involving them in the development of the EUDI Wallet. The success of such a participatory approach depends on the involvement of a wide range of different stakeholders. We would be delighted if you could get in touch with us if you have any questions or ideas on this matter.
Currently: No. However, we are aware of the importance of this issue and are working on implementing a proxy function in the future (e.g. for legal guardians or parents).
Minors can use the wallet to store and present digital proof of identity. Depending on whether young people aged 16 and over hold an ID document with an activated eID function, they can also use the wallet’s ID function.
Parental representation has not yet been implemented in the EUDI Wallet. The wallet is, in principle, linked to a specific individual. However, the amended eIDAS Regulation provides that Member States may in the future provide evidence of family relationships. The EUDI Wallet will be technically capable of storing and using such evidence, for example regarding parenthood. How this requirement will be implemented in Germany in practice, including the source of the relevant data, is currently being clarified. As regards age verification, the following already applies today: parents cannot provide proof of age for their children from their own wallet. This requires the child’s personal proof of identity or a formalized representation solution to be introduced in the future.
Economy and relying parties
A Relying Party (RP) is any organization or institution that verifies digital credentials presented by users via their EUDI Wallet. In doing so, the RP relies on the issuing authorities (Issuers) and the underlying trust framework of the ecosystem. This ensures that the data presented is both authentic and valid at the time of verification.
The national EUDI Wallet will be available from 2027. Early integration is recommended. The testing of use cases and participation in the sandbox is a prerequisite for later use in productive operation.
You can test the integration into the EUDI Wallet by participating in the pilot operation as a so-called Relying party (RP). The prerequisite is that you have defined a specific PID use case (personal identity data) and are technically ready for testing. The sandbox project team will help you to refine your use case and prepare the technical connection. As part of this testing and onboarding process, the required interfaces are set up and you receive the necessary information to test the retrieval and processing of EUDI Wallet data in a test environment. Detailed information on the procedure and the ecosystem can be found in the Ecosystem Knowledge Center.
Integration options depend heavily on the specific use cases and existing technical procedures. The national EUDI Wallet project provides technical development guidelines for all wallet functions (so-called “Developer Guides”) to make integration into existing systems as straightforward as possible. Integration is the responsibility of the respective providers.
No, its use is voluntary, but it makes life considerably easier for both users and companies thanks to seamless, time-saving and more efficient everyday processes.
Administrations and municipalities
No. The state wallet is provided centrally. Municipalities only need to organize their processes with regard to documents from the EUDI Wallet.
The EUDI Wallet offers significant efficiency gains for municipalities by automating credential processes and reducing manual verification efforts. Thanks to EU-wide interoperability and the use of existing infrastructures, digital identity services can be seamlessly integrated, significantly accelerating administrative procedures.
Through BundID mailbox:
- Authorities provide data in structured form
- The Wallet Adapter converts data into eIDAS compliant formats
- BundID mailbox provides notifications, such as certificates of good conduct or BAföG notifications, as EUDI Wallet-compliant proof
- Citizens initiate the transfer to the wallet (QR Code/Link)
Through NOOTS:
- Direct, seamless transfer from registries to the EUDI Wallet
- Document provision via NOOTS as an efficient way
- The prerequisite is that the corresponding register is connected via NOOTS
- Only for registry information
Direct connection to the specialist unit:
- Authority organizes connection and issue independently or with the help of an adapter or service provider
The Federal Ministry for Digital Transformation and Government Modernisation (BMDS) is currently testing various options for administrative integration. This pilot program, conducted in partnership with the City of Dresden and the Free State of Saxony, is scheduled to run through the second quarter of 2026. The ultimate goal of these efforts is to establish a consistent, federally coordinated onboarding model for all municipalities across Germany.
Sandbox
The EUDI Wallet Sandbox is Germany's official test environment for the state-issued EUDI Wallet. It enables companies, organizations, and public authorities to test use cases in a secure, production-like environment before they are fully rolled out. The sandbox is open to both public and private organizations and supports compliance with eIDAS 2.0 regulations.
The EUDI Wallet Sandbox is initially open to organizations ready to validate their identification use cases (PID) under realistic conditions using test data. As first movers, these participants help refine the ecosystem by providing valuable feedback while using the sandbox as a collaborative learning platform. Access will be expanded to additional organizations in stages, allowing more participants to prepare for the official public rollout of the national EUDI Wallet. To determine if your organization is ready to join, please consult the Onboarding Guide, plan your specific use cases, and begin your integration preparations.
The official German EUDI Wallet Sandbox has been available since December 2025. This national test environment allows organizations to test their use cases and integrations with the state-issued EUDI Wallet using test data exclusively. The sandbox serves as the primary gateway to both the national and European EUDI ecosystems. Currently, the wallet's identification function is supported through Personal Identification Data (often abbreviated as PID) generated via the German national ID card and electronic residence permit (eAT). Support for additional credentials will be introduced in the near future.
- Review the onboarding requirements
- Define your PID use case and submit it for review.
- Complete the onboarding steps, including a kick-off meeting with the project team.
- Use the Sandbox Readiness Checklist to assess your organization’s readiness.
The technical requirements are documented in the Architecture and Reference Framework, which you can find here.
Welcome to the Service Provider Listing The current listing of service providers on this website is an interim solution. From now on, every service provider has the opportunity to register and be listed on the website via the consent form.
Currently listed service providers: Adesso Authada Bundesdruckerei Deutsche Post Ecsec Engity Etonec esatus euro-V GmbH G+D Governikus iGrant.io Js-soft L21s Lissi Materna Information & Communication SE msg systems ag PassportReader Patronymus Ping Identity Procivis SET GmbH SVA System Vertrieb Alexander GmbH Truvity Verimi
Marketplace Under Development The full Marketplace concept is still being developed. In the future, the Marketplace will be hosted on the Ecosystem Management Portal and will include additional filter criteria such as technical integration, consulting, legal guidance, compliance support, or implementation experience to help organizations identify service providers that best match their specific needs. The Service Provider Marketplace is going to be part of the German EUDI Wallet Ecosystem. It aims to make relevant service providers more visible and easier to find for relying parties and other organizations seeking support.
No Endorsement or Ranking The listing does not represent a recommendation, certification, ranking, or endorsement of individual service providers. It is intended to provide transparency and support ecosystem development.
Register as a Service Provider Service providers who would like to be listed can register via the consent form.
Contribute to the Development Service providers interested in sharing feedback on the Marketplace concept are welcome to get in touch for an exchange or interview-style conversation. Your input can help shape the next development steps of the Marketplace.