EUDI Wallet Guide
Understanding the European Digital Identity Framework
A comprehensive guide to the EUDI Wallet architecture, protocols, and Hungarian implementation.
Table of Contents
Introduction
The European Commission has established the European Digital Identity (EUDI) under the eIDAS 2.0 framework, with the European Digital Identity Wallet (EUDI Wallet) as its key element. The goal is to create an interoperable digital identification and authentication infrastructure that provides high security, data protection, and user control for all EU citizens.
The wallet architecture, applicable protocols, and mandatory formats are specified by the eIDAS 2.0 regulation, its associated Implementing Acts, and the EUDI Wallet Architecture and Reference Framework (ARF).
The Hungarian solution, the digital data wallet developed as part of the DÁP application and its eIdentification service, builds on EUDI Wallet compatible elements. Following the finalization of European regulations and the compatible update of the Hungarian solution, it will function as an audited EUDI Wallet solution.
1. eIDAS 2.0 and EUDI Wallet Regulation
The goal of eIDAS 2.0 is to build a unified European digital identity framework. Member states must provide at least one EUDI Wallet solution capable of managing identity documents, qualifications, entitlements, and other authentication data.
The eIDAS 2.0 regulatory framework is based on Regulation 2024/1183 published in 2024, which is accompanied by several implementing regulations and a reference architecture description (ARF) that outlines the technical solution concept.
The regulation cannot yet be considered final in several respects, as the underlying standards are frequently changing, and several EU-level Large Scale Pilot projects are underway, the results of which will be incorporated into the regulation.
2. EUDI Wallet Architecture and Reference Framework (ARF)
The ARF defines the technical, functional, and security frameworks of the digital wallet. The latest version of the ARF at the time of writing is 2.7.3, which has been updated in accordance with the implementing regulations.
Key ARF Requirements:
- Role model: Issuer, Holder, Verifier, Wallet Provider, Attestation Authorities
- Security layer: TEE/SE usage, wallet attestation, PoP (proof-of-possession)
- User-centric approach: data minimization, selective disclosure
3. Applicable Open Standards
The EUDI Wallet is based on several international standards:
OpenID4VC
OID4VCI, OID4VP, SIOPv2 - Core presentation protocols
SD-JWT
Selective Disclosure JWT for privacy-preserving claims
ISO/IEC 18013-5
mDL / mDOC - mobile driver's license framework
W3C Verifiable Credentials
Standard format for digital credentials
3.1 OpenID for Verifiable Credentials (OpenID4VC)
The backbone of the entire EUDI wallet ecosystem. Three main components:
- OID4VCI - Credential Issuance
- OID4VP - Verifiable Presentation
- SIOPv2 - Self-issued identity standard
OpenID4VP has evolved through multiple drafts (9-22) with significant improvements including SD-JWT support, unlinkability improvements, multiple credential formats, and DID compatibility. Version 1.0 Final (2025) includes EUDI harmonized profile and W3C Digital Credentials API support.
One way to avoid development and tracking tasks arising from standard changes is to use a market SDK solution. TrustID Solutions currently offers a publicly available and tested solution for integration with DÁP eIdentification.
3.2 SD-JWT - Selective Disclosure JWT
Allows users to show only the necessary attributes (e.g., "18+") while hiding the rest.
Use Cases:
- Online KYC verification
- Age verification (18+, 65+)
- Offline/online entitlement proofs (e.g., student status)
3.3 ISO/IEC 18013-5 & MSO/MDOC Standard
ISO/IEC 18013-5 defines the interoperable model for mobile driver's licenses (mDL). The more general ISO/IEC 23220 (mDoc) and MSO (Mobile Security Object) structure form the basis for many EUDI proof formats.
Key mDoc Elements:
- MSO (Mobile Security Object): signed structure containing the attributes
- Device Engagement: connection via NFC, BLE, or QR
- Device Authentication: elliptic curve PoP signature
- Data Minimization: only necessary mdoc name groups can be sent
The EU Implementing Acts name the mDoc model as mandatory to support for certain attribute types. Many verification processes requiring physical presence (e.g., border crossing, driver's license verification) require NFC/BLE-based mDL/mDoc proximity channels.
4. Proximity Presentation - Close-Range Presentation Mode
Proximity presentation is a verification presentation mode that assumes physical proximity, primarily used for border crossings, police checks, driver's license presentation, and healthcare or transportation control processes.
How it Works:
- Device Engagement - connection via NFC or BLE using QR code, BLE broadcast, or NFC tap
- mDoc Presentation - mobile device sends the presentation over an encrypted channel with proximity binding
- Verifier verification - signature verification, MSO authentication, selective disclosure compliance
EUDI Wallet Requirements in Proximity Mode:
- Proof-of-possession usage is mandatory
- Must support: BLE, NFC, QR call path
- Must support mDoc format (ISO 18013-5/7)
- User consent is mandatory for every presentation
5. Hungary - Digital Citizenship Program (DÁP)
The Hungarian Digital Wallet builds on EUDI Wallet compatible solution foundations. Based on information provided by Idomsoft, it supports or will support:
- OID4VCI (issuance)
- Online data transfer implemented according to OpenID4VP standard in SD-JWT format
- ISO/IEC 18013-5 mDL/mDoc proximity presentation mode
- Wallet Attestation mechanisms
The domestic implementation will align with the final EUDI regulations, therefore future updates are expected.
Want to connect to the eIdentification service?
Read our detailed developer guide for integration.