EWC provides update on EU’s business wallets

The European Business Wallet has entered the focus of attention since it was named a part of the European Union’s Competitiveness Compass, a scheme that aims to help the continent keep pace with global digitalization trends.

Last week, the EU Digital Identity Wallet Consortium (EWC) provided its latest update on developing business wallets, designed for legal persons or organizations. The consortium is running one of the EU Digital Identity (EUDI) wallet’s large-scale pilots, developing use cases for travel, payments and organizational digital identity.

The consortium is currently working on defining legal person wallet requirements and architecture and an identifier called Legal Person Identification Data (LPID), sometimes referred to as organizational digital identity (ODI).

“Unlike natural persons, legal persons often require a wallet solution that can be accessed from internal systems in the server environment,” says Andriana Prentza, professor at the University of Piraeus. “But for a legal person’s wallet to be valid, it all starts with the business registers issuing the LPID to the business wallet.”

Aside from approximately 80 participating organizations, including Visa, Digidentity, Amadeus, and Yubico, the EWC has been collaborating with business registries on creating business wallets.

The organization has also been working on defining data schemas for legal person attestations as well as piloting the business wallet in B2B and B2G business scenarios, explains Prentza.

The pilots include public procurement, new business partner onboarding, opening a bank account for a business (KYC), creating a company branch in another country, supplier verification in eInvoicing and domain holder verification by a domain registry. The procurement pilot, for instance, automated processes by sharing verifiable credentials with public and private buyers across borders, streamlining identity verification and the exchange of Know Your Supplier (KYS) documents for businesses.

“By introducing a system where companies can utilize their usable digital identity stored in their digital wallets, the need for repeated identity verification during KYS processes can be greatly reduced,” says Prentza.

Lal Chandran, on the other hand, dived deeper into the high-level architecture of business wallets.

The Co-founder and CTO of iGrant.io, a wallet provider in the EWC, explained that the wallet will include typical functions like authentication, authorization and mechanisms to ensure control access, displaying verifiable credentials for any business transaction.

“Unlike individual role wallets, business wallets require user management because it is not just one user that is responsible for the business wallet,” he says. “It may have many users that are responsible for managing and they may require organizations to assign different roles and permissions at any given point of time.”

Chandran also laid out the key requirements for business wallets, including defining where and how the wallet is accessed, how security and cryptographic keys are managed, how users will interact with the wallet (UI), how the wallet will connect to external devices and whether it will rely on physical security devices or go fully digital.

“Business wallets normally cannot exist in isolation mode, so they must work alongside personal wallets,” adds Florin Coptil, a digital identities expert at Bosch.

Business wallets will have many benefits, including ensuring secure and standardized interactions between organizations and individuals and improving data accuracy which helps ensure compliance and stronger interoperability.

But there is still more work to be done. Among the challenges is LPID validation and issuing, including how the enterprise attribute attestation, in combination with an LPID, will be accepted by relying parties, says Coptil. Currently, there is also no standardized process for relying parties to validate data, conduct authorization checks and establish liability assurance.

“We want these relying party wallets to remain schema-agnostic, to handle different protocols, different signatures, different trust models across all the use cases,” he says. “If we overcome these three barriers that are specified, then we can unlock the full potentials of the business wallets.”

Article Topics

digital identity  |  digital wallets  |  EU Digital Identity Wallet  |  EU Digital Identity Wallet Consortium (EWC)  |  European Business Wallet  |  KYB  |  KYC  |  Legal Person Identification Data (LPID)  |  onboarding