2022-04-25 Update:  Member states Sweden, Finland, Luxembourg and France are in the final stages of consortium membership. Norway, Germany and Greece are in detailed discussions and several other member states have started discussions. Non-government participants include Sicpa, DSGV (German Savings Bank Association), Archipels, ID Union, University of the Aegean, Digidentity, Signicat, NETS, Intesi, InfoCert, Avast, Validated ID, Spherity, Amadeus, SIDN (Stichting Internet Domeinregistratie Nederland), Skyteam.

2022-04-19 Update: The Consortium team have selected the applicants to work on the creation of the bid. We really appreciate the huge amount of interest shown in the Consortium and for those that were not successful we thank you for applying. Should we need your help once the project starts we will let you know. For those that were successful, keep an eye on your inboxes for the next call to start creating the proposal.

2022-04-13 Update: Organisations who submitted applications before the cutoff are invited to an update call today 13th April. On this call, DIGG Sweden will take you through the current status and next steps.

2022-04-11 Update: Thanks to all those who applied. We were overwhelmed by the response, and are significantly oversubscribed. Applicants will be invited to an update call later this week.

The European Union Digital Identity (EUDI) Wallet Consortium is creating a multiple use case, cross-technology bid for funding to run large-scale pilots of eIDAS 2.0. This consortium is proposed by a group of Swedish public sector organisations who believe that interoperability is key for the EUDI Wallet. This group is in active discussions with other Member States with a view to submitting a bid for the funding detailed below.

The Consortium invites private sector companies join with the public sector to address the core needs of the proposed eIDAS 2.0 legislation – namely to provide citizens with  compelling, useful and secure digital identity tools that they have full control over. By working on multiple intersecting use cases, the Consortium will demonstrate how eIDAS 2.0 will provide the basis for solving many of the privacy, security and user experience problems experiences by citizens in their digital lives. 

The funding call is within the Digital Europe Programme (DIGITAL) topic 5.3.1.2 which requests support to implement the European Digital Identity Framework and the implementation of the Once Only System under the Single Digital Gateway Regulation. Up to €37m funding is available.

The Consortium will utilise existing and innovative technologies to develop and deploy the pilots, and in particular it will address the request to work with decentralised identity mechanisms. 

Emphasis will be placed on multi-country pilot deployments to demonstrate portability and interoperability. The EUDI Wallet Consortium proposed herein will bid to deliver large scale pilots of the European Digital Identity Wallet and its ecosystem in multiple priority cross-border use cases using attestation formats specifically designed to safeguard privacy. In so doing, the consortium is a response from both private and public sector stakeholders to the call to leverage innovative solutions for the purpose of exchanging digital attestations of attributes and credentials by means of a digital wallet that puts the user in full control over their online identity and data.

The Consortium,
and What It Offers

EUDI Wallet Consortium Organization

The consortium will commit to fulfilling the call requirements as outlined under the topic conditions and documents and provide governance, common project administration.

Consortium members can support consortium governance if the Member State they operate in is able to perform the following three roles: 

  • 1
    include a wallet issuer for the country in alignment with the reference application of the Wallet
  • include at least one entity in the country that can issue an electronic attestation of attributes
  • 3
    Include at least one entity in the country to verify an electronic attestation of attributes

Rules of Involvement

The consortium has clarified the rules for involvement in accordance with a common set of guiding principles. Participant involvement is possible through multiple work packages focused on different use cases and technologies that adhere to the guiding principles. These principles require participants to: 

  1. focus on and demonstrate real-world deployable use cases leveraging innovative solutions that put users in full control over their online identity and data and safeguard their privacy.
  2. work with the proper national authorities applicable to each use case
  3. identify and to the extent possible address legal and regulatory issues
  4. provide a full cross-border flow or participate in collaborative efforts with other participants in such flows.

Participants able to satisfy the rules for involvement can focus on a specific use case organized as a distinct vertical or work in work packages that span several use cases. In an effort to uniquely position the consortium among other consortia efforts, we will focus on two core use cases: 1) Mobile Travel Credentials, and 2) Organizational Digital Identity. Any other use case, e.g., payments or mDL, will be explored insofar it can contribute to a user journey involving either of these two core use cases.

The consortium coordination team will manage the overall logistics of the consortium, the creation of the proposal, and coordination across the multiple work packages. 

 

A proposal has to be submitted to the European Commission by the 17th of May 2022.

 

Leaders of the vertical use cases will be responsible for authoring the work package description for that use case, and managing contributing members within that use case.

 

Funding from the EC is on a 50% contribution basis, meaning that 50% of the cost of the program will be met by the EC, and the contributing consortium members will meet the remainder. As part of the creation of the proposal, work packages will be costed according to funding rules, and included in the proposal submission. 

 

No funding is available prior to the actual grant of funds from the EC. All coordination, writing, submission and post-submission actions within the consortium are self-funded and at the participants own risk.

Logistics,
funding,
and operations

Logistics,
funding,
and operations

The consortium coordination team will manage the overall logistics of the consortium, the creation of the proposal, and coordination across the multiple work packages. 

 

A proposal has to be submitted to the European Commission by the 17th of May 2022.

 

Leaders of the vertical use cases will be responsible for authoring the work package description for that use case, and managing contributing members within that use case.

 

Funding from the EC is on a 50% contribution basis, meaning that 50% of the cost of the program will be met by the EC, and the contributing consortium members will meet the remainder. As part of the creation of the proposal, work packages will be costed according to funding rules, and included in the proposal submission. 

 

No funding is available prior to the actual grant of funds from the EC. All coordination, writing, submission and post-submission actions within the consortium are self-funded and at the participants own risk.

Work Packages

Note that the titles and descriptions of these work packages are works in progress
and will be further defined as part of the bidding process.

 

As is usual with EC funding bids of this type, the Consortium’s bid will be divided into work packages. Each work package will have a leader who will coordinate all participants of that work package.

 

The Consortium is highly focused on pilots that demonstrate interoperability and re-use across multiple use cases and technology formats. The Consortium leadership believes that, for eIDAS 2.0 to be successful, it must be useful and attractive in as many aspects of citizens’ digital lives as possible. Being able to have a consistent, safe and secure experience across the digital interactions that matter most to people is paramount, whether those are public-sector or private-sector transactions.

Vertical Use Case Work Packages

Mobile Travel Credentials

The Mobile Travel Credentials (MTC) work package will develop and execute large scale pilots including the ICAO DTC standard in combination with the EUDI Wallet. It will leverage the work done by ICAO on DTC, the European Commission on the Digital Covid Certificate, and IATA on the IATA Travel Pass. Pilots will include a minimum of three countries where interoperability and selective disclosure will be tested between the EUDI Wallet, MTC and IATA Travel Pass. For example to enable the traveler at home to check-in, where the EUDI Wallet is used for biometric verification and where a seamless passenger flow is enabled at the airport. The preference is to include cross vertical use cases such as payments and check-in at a hotel.

Organizational Digital Identity

The Organizational Digital Identity work package will allow a national company registry to issue company related attributes and legal entity identifiers as EAAs. This will enable organizations and businesses to establish new business relationships on the basis of verifiable data, and enhance the trust in existing relationships. Examples of cross border interactions that would benefit include Know Your Customer (KYC) processes and onboarding where a bank account could be opened from another EU Member State based on organizational EAAs issued in another Member State. Other possibilities include more trustworthy representation of authorized signatories and automated checks of required licenses, insurances and related credentials.

Other Use Cases

There is a potential to explore the interplay between Mobile Travel Credentials, Organizational Digital Identity, and other use cases. For instance, we seek to demonstrate how the EUDI wallet can combine payment information, health status information, Mobile Driving License credentials etc. into a seamless travel experience for an EUDI wallet user.

Horizontal Capability Work Packages

-

Ecosystem operation, governance, trust and economics

The eIDAS continent-wide trust ecosystem requires capabilities and functions that ensure that the ecosystem is operated and governed effectively. This horizontal workstream focuses on this aspect, and will examine and pilot such functions. It is anticipated that this will include trust lists, governance frameworks and high availability run and operate capabilities. Additionally, this workstream will examine the incentives for ecosystem participants that will ensure the eIDAS adoption and use meets the milestones laid out in the proposed legislation.

-

Assessment, testing, and development feedback

This work package is motivated by the call text mention of continuous assessment and testing. The LSPs must provide feedback to further EUDI wallet development. The EUDI wallet consortium will provide feedback to ensure that the production ready wallet is capable of managing personal data in a way that safeguards user privacy and puts the user in full control over their data.

-

Interoperability across wallets, formats, and protocols

Interoperability across wallets, formats, and protocols

  • Privacy-preserving EAA formats. The consortium will focus on EAA formats that are designed with privacy and user control in mind.
  • Privacy preserving EAA proofs. The proof formats of interest to the consortium are those that support selective disclosure of attributes with strong assurances of proper attribute pairing as specified in the W3C verifiable credentials implementation guidelines, i.e., multimessage signature based proofs and grouped hash digests based proofs.
  • EAA exchange and multi-format interoperability. Multi-format support places a disproportionate burden on EAA verifiers. It is therefore important to build on existing work to streamline the credential and proof exchange between issuers, holders, and verifiers without assuming that each verifier will support all formats.
  • Agent layer communication, storage, and key management. This tasks focuses on evaluating the support for  communication envelopes (e.g., DID Comm and SIOP v2), transport (NFC, QR, BLE, HTTP etc.), and various topics related to key management and key operations.
-

The EAA and credential lifecycle

The EAA and credential lifecycle

The EAA and credential lifecycle is a horizontal work package that includes the main steps of the EAA lifecycle, i.e.,  issuance, usage and verification, and revocation (all of which are handled differently depending on the EAA format and underlying infrastructure). The work package covers three additional topics:

  • Data governance. Robust data governance and assessment of processing of personal data is paramount for ensuring regulatory compliance. The consortium will explore ways to enable users to be informed and be able to track the data they share with third parties and review and attest consent agreements and withdraw previous consent. 
  • Portability. The user should be able to seamlessly use their attributes and credentials  across multiple devices they own. Portability also includes options for backup and recovery.
  • Guardianship / Representation. Many use cases will require the EUDI wallet to manage relationships between entities where one entity represents, acts on behalf of, or controls another entity (e.g., parent-child, firm-authorized signatory, or owner-IoT device).
-

Wallet issuance and enrolment

Wallet issuance and enrolment

During wallet issuance and enrolment, member states issue wallets that users can download and configure on their devices. Member states can then onboard users by issuing a PID set to the wallet. 

-

Infrastructure deployment and enhancement

The infrastructure deployment and enhancement horizontal is made up of several tasks that can support higher layer agent interactions and EAA exchanges. Presently, these tasks include:

  • Hyperledger Aries AIP 1.0 / AIP 2.0. Hyperledger Aries support is important to ensure a high degree of interoperability with leading private sector eID ecosystems.
  • Hyperledger Indy Network. Deploying or using an established Indy network facilitates easy deployment of eID use cases based on AnonCreds.

Interested in participating?

The application process is now closed. Many thanks to those that applied – we had a lot of really great submissions. The team will contact you shortly by email to let you know what happens next.