EUDI Architecture and Reference Framework
Introduzione:
È stata pubblicata la prima versione dell’Architecture and Reference Framework (ARF) elaborata dal gruppo di esperti eIDAS sotto la guida della Commissione Europea. Il documento contiene concetti basati sulla proposta legislativa eIDAS 2.0 della Commissione e fornisce requisiti, raccomandazioni e specifiche per l’European Digital Identity (EUDI) Wallet.
Mentre l’eIDAS 2.0 è ancora in fase di elaborazione legislativa, la Commissione europea prepara il quadro di riferimento per l’implementazione dell’EUDI Wallet. Si prevede che entro il primo/secondo trimestre del 2023 il codice dell’EUDI Wallet sarà disponibile come open source per il riutilizzo da parte degli Stati membri e delle parti interessate in tutta Europa. Lo sviluppo della soluzione e di altri componenti rilevanti, così come i servizi di supporto, sono stati assegnati a Netcompany- Intrasoft S.A. e Scytales AB.
____________
Articolo in lingua inglese
Who are the early adopters of the EUDI Wallet and how they interplay with the ARF?
The first implementers will be the projects selected by the European Commission to carry out Large Scale Pilots (LSPs), following a call for proposals. 4 Consortia have been awarded for co-funding to support the development of the EUDI Wallet and to pilot its usage across a several priority use cases.
| EUDI Wallet Consortium (EWC) | NOBID | POTENTIAL | DC4EU | |
| Use cases | Mobile Travel Payments Organizational Digital Identity (ODI) | Payments issuance and acceptance | SIM eRegistration Account opening eDriving license eGov services ePrescription eSignature | Educational Credentials and Professional Qualifications Social Security |
| Countries | All EU countries, Norway, UK, Ukraine | Denmark, Germany, Iceland, Italy, Latvia, Norway | 19 EU countries, Ukraine | 22 EU countries, Ukraine |
| Participants | Over 60, private and public sector | Private and public sector | Private and public sector | Private and public sector |
| Coordinators | Swedish and Finnish government authorities | Norway government authority | German and France government authorities | Spain – Ministry of Economic Affairs and Digital Transformation |
| website | https://eudiwalletconsortium.org/ | https://www.nobidconsortium.com/ | https://www.digital-identity-wallet.eu/ | https://www.dc4eu.eu/ |
The ARF will be used by the LSPs to inform and guide the design and architecture development of the Wallet, taking into account existing notified eIDs, use cases specificities in the cross-border context.
ARF Summary
While you can download the full ARF document from this LINK, here are the actors of the EUDI Wallet as defined by eIDAS 2.0:
The document describes the lifecycle of three core objects: EUDI Wallet solution, PID and EUDI Wallet Instance. The EUDI Wallet Solution is the entire product and service offered owned by a EUDI Wallet Provider, while the EUDI Wallet Instance is a personal instance of a EUDI Wallet Solution that belongs to and is controlled by a User. The EUDI Wallet Instance can have two status – Operational (which not necessarily requires the PID and can be used for storing loyalty cards, non-personalized tickets or any other non-binding attestation) and Valid (used for EUDI specific functions, tied to a valid PID). This first version excludes a Cloud EUDI Wallet instance.
Who can benefit from eIDAS 2.0?
First and foremost the EU citizens will benefit from the new digital identity framework. We, citizens, are at the center of digital transformation, with digital technology benefiting all individuals, businesses, and society as a whole. As stated by the European Declaration on Digital Rights and Principles, signed by the Member States, the European Parliament and the Commission, digital sovereignty, respect of fundamental rights, rule of law and democracy are at the core of eIDAS 2.0 and EUDI Wallet ecosystem. Digital freedom, privacy, access to public and private services in a highly secure and trusted way are essential for our society’s future.
The EUDI Wallet will bring a massive change in the trust model:
– we trust the private and public organizations we decide to share our personal data with: Trust Services Providers and Relying Parties/Verifiers are approved to connect their services to the EUDI Wallet, they have been verified and authorized by a governance authority to request only specific set of data for the purpose of providing their services;
– the organizations that need to verify our data have the certainty that the data we provide through the EUDI Wallet is real and accurate, and that we are entitled to get access to specific services;
– the whole ecosystem has a clear governance, respecting privacy-by-design principle and data minimization.
eIDAS 2.0 will empower stakeholders to build better products and services at lower cost, while safeguarding homo digitalis.
There is a lot to digest and many apparently disparate facts and developments involving eIDAS 2.0. If you or your organization needs a better understanding on how your services might be impacted, how to become compliant with the latest regulatory requirements, what new services may be deployed based on EUDI Wallet, or how to combine all the technology and standards pieces of the digital identity puzzle, please write to: eidas2consulting@intesigroup.com. We would be happy to guide and support you.
LATER UPDATE:
The European Commission has published the EU Digital Identity Project on GitHub at the following address: https://github.com/eu-digital-identity-wallet
By Viky Manaila