Demo of the EUDI wallet app: what the digital wallet can already do
The state EUDI wallet app is set to launch at the end of 2026. A current prototype already reflects key concept decisions made by the German government.
When it comes to digitalization, the German government's hopes are pinned on the EUDI Wallet app: the digital wallet should make online identification much easier. The German government wants to make the application available in the Apple and Google stores by the end of 2026 or early 2027 at the latest. The Federal Agency for Leap Innovations (Sprind) is responsible for the development. Sprind demonstrated a current prototype to c't at the re:publica internet conference.
Videos by heise
According to Sprind, this is based on the open-source code of a reference implementation of the EU Commission. Components of the German wallet such as the architecture, code, and user interface will also be fully disclosed, explained a Sprind spokesperson. The user interface of the current version is preliminary, but the app has a “real, fully functional wallet backend that performs cryptographic operations”.
The current prototype can read the ID card via NFC, import signed ID card data from an issuer such as Bundesdruckerei and store it locally on the smartphone.
Last summer, the German government opted for signed ID card data instead of the “secure channel” method favored by data protectionists, which is known from the electronic ID card. One of the reasons it gave for this was the better interoperability of the variant with signed data.
Multiple wallet apps possible
Sprind explained to c't how you can use the app to identify yourself to a bank online. The first step is to select which EUDI wallet app you want to use (see video). This is because the German government also wants to allow EUDI wallet apps from private providers that meet the security requirements. In theory, several such apps could be installed, for example those from smartphone manufacturers in addition to the government version.
Empfohlener redaktioneller Inhalt
Mit Ihrer Zustimmung wird hier ein externes Video (TargetVideo GmbH) geladen.
Ich bin damit einverstanden, dass mir externe Inhalte angezeigt werden. Damit können personenbezogene Daten an Drittplattformen (TargetVideo GmbH) übermittelt werden. Mehr dazu in unserer Datenschutzerklärung.
In the next step, the app selected by the user shows which ID data the bank requests. To achieve this, the bank must register in advance as a relying party and may only request the data specified.
To authenticate themselves in this use case, the user must enter their six-digit PIN for the wallet app. Authentication via Face ID or fingerprint is not possible, as the wallet app does not rely on the smartphone's security mechanisms to manage cryptographic key material. Instead, the user's keys are managed in a hardware security module in the cloud.
The last step is to release the ID card data. Unlike previous online ID cards, the ID card does not have to be read again via NFC. In the future, the EUDI Wallet app will be able to contain not only ID card data but also driving licenses and, in the future, numerous other forms of proof. According to Sprind, a payment function is also being planned.
(cwo)
