Yubico joins EWC’s large-scale pilot for EU digital ID wallets ahead of eIDAS 2.0

Hardware security key firm Yubico is joining one of four large-scale pilots (LSPs) developing the underlying technology for the incoming EU Digital Identity (EUDI) framework for wallets, and has released a working demo.

In a blog post, Yubico’s Stina Ehrensvard says the company has been invited to join as an associate partner in the EU Digital Identity Wallet Consortium, or EWC, an LSP co-founded by agencies of the Swedish government including the Agency for Digital Government, to codify digital wallet frameworks in anticipation of the rollout of eIDAS 2.0 in 2025-26. The Finnish Ministry of Finance is also helping coordinate the project.

The goal of the EUDI wallet LSPs is to develop and demonstrate an architecture for digital wallets that gives the user comprehensive control over where and with whom their personal data is being shared, while remaining compliant with the European Digital Identity Wallet Architecture and Reference Framework, independent of major smartphone and platform providers, secure, and user-friendly.

Yubico will support ECW’s specific use case of a wallet for which multiple entities require shared control. “This is sometimes referred to as an ‘organizational wallet’ or a ‘legal person wallet’,” Ehrensvard writes. “The goal is to then develop more use cases across government and commercial services where users cannot or do not want to rely on a mobile platform.” It will draw on research conducted in collaboration with Greek Universities Network, around adding FIDO-based authentication and encryption to the latter’s open source web-based ID wallet.

Yubico, which manufactures its FIDO security keys near its offices in Sweden and the U.S., says that FIDO security keys can play a crucial role in user authentication and securing identity wallets. “A wallet’s contents can be encrypted and decrypted using cryptographic keys derived from secrets bound to the secure hardware of a FIDO security key,” Ehrensvard explains. “Additional security keys can be added to protect an individual’s wallet as a backup, or users sharing an organizational wallet can use their own FIDO security key to access that wallet.”

The long and short of it is that the secure external hardware key can load a digital wallet on a device as a web application independent of the mobile platform, with no other client application required. “This means citizens are truly in control of their own identity, without any dependencies on app store politics or vendor locks,” Ehrensvard writes. It also means less dependency on the tech giants of Silicon Valley – a stated desire of the European Commission, which has set 2026 as the deadline to  enable all EU citizens with systemically interoperable EUDI wallets.

Yubico’s working demo is online and the source is published under a BSD-2 license on GitHub.

Article Topics

digital wallets  |  eIDAS  |  EU Digital Identity Wallet  |  EU Digital Identity Wallet Consortium (EWC)  |  FIDO2  |  pilot project  |  wwWallet  |  Yubico