Mandatory EUDI Wallet: what citizens, public administrations and companies need to know (I)​

It is May 2026, and the European Union’s digital landscape has reached a point of no return. After years of regulatory and technical development, the European Digital Identity Wallet (EUDI Wallet) is now a tangible reality for millions of Europeans.

This tool is not just a mobile application; it is a secure ecosystem that enables citizens and companies to store and share identity credentials in a sovereign way, removes dependence on insecure passwords, and facilitates cross-border procedures with a single click.

The implementation of this framework has been gradual but steady. Following the adoption of technical standards at the end of 2024, 2025 focused on pilot testing, which is now bearing fruit. This year marks a critical milestone: the mandatory requirement for all public administrations to accept the digital wallet as a valid means of identification.

The next step is just around the corner: in 2027, this obligation will be extended to critical private-sector services and large digital platforms. For citizens and organisations, this means not only complying with a regulation, but embracing a new standard of efficiency, security and interoperability that redefines trust in the Digital Single Market.

In view of the imminent rollout of this new framework, it is more necessary than ever to promote initiatives capable of supporting its adoption from a technical, secure and user-centred perspective. This is where TrustED comes in: a European alliance working on self-sovereign digital identity technologies, verifiable credentials and advanced privacy solutions to enable more trustworthy, interoperable digital services aligned with the EUDI Wallet ecosystem, eIDAS2 and the GDPR.

Key dates for the adoption of the EUDI Wallet

Since the entry into force of the revised eIDAS Regulation, Regulation (EU) 2024/1183, the European Union has followed a strict roadmap for the digitalisation of identity:

2024:

20 May 2024: Official entry into force of Regulation (EU) 2024/1183 establishing the European Digital Identity Framework.

September 2024: Member States begin integrating the core functions of the digital wallet, the EUDI Wallet.

21 November 2024: Deadline for the European Commission to adopt the first implementing acts defining the wallet’s technical specifications, protocols and security standards.

2025:

Large-scale pilot testing period, including initiatives such as POTENTIAL, EWC, NOBID and DC4EU, to validate use cases such as mobile driving licences, payments and educational credentials.

2026:

September 2026: Final deadline for all trust service providers to fully comply with the new framework and for mass deployment across the EU to be completed.

24 December 2026: All Member States must be in a position to provide at least one EUDI Wallet to their citizens. The mandatory acceptance requirement for public administrations comes into force.

2027:

The mandatory acceptance requirement comes into force for private companies offering critical services, such as banking, energy, transport and healthcare, as well as those considered Very Large Online Platforms.

2030:

Digital Decade target: 80% of citizens actively using the EU digital wallet.

How the EUDI Wallet works

The EUDI Wallet acts as a secure container for digital “objects” with legal validity. Unlike traditional systems, the wallet enables three key functions:

Authentication: Identifying oneself unequivocally before public and private services, both online and offline, for example through QR codes.

Qualified electronic signature: The wallet enables citizens to sign documents with the highest level of legal validity, free of charge for non-professional use.

Credential verification: Storing and presenting verified attributes such as driving licences, university degrees or medical certificates.

What services will it enable?

The greatest advance brought by the EUDI Wallet is data sovereignty. Thanks to techniques such as selective disclosure and zero-knowledge proofs, users can prove that they are of legal age without having to reveal their exact date of birth or name. In addition, the regulation guarantees unlinkability: wallet providers cannot track user behaviour or see which services users interact with. This ensures a level of privacy that today’s technology giants do not offer.

On the other hand, what will be most relevant for the average citizen is that the EUDI Wallet will make it possible to securely identify and authenticate themselves before public and private services across the EU, including offline scenarios where applicable. It will also facilitate the exchange of virtually any identity data and verified attributes, such as qualifications, permits or proof of bank account ownership, all under the user’s control.

What benefits does its use bring?

The most visible benefit is that digital identity will no longer depend on passwords and repetitive registration processes, but on an interoperable mechanism recognised across the Single Market. This reduces friction in administrative procedures, facilitates cross-border access to services and, at the same time, improves privacy because the architecture promotes data minimisation and gives users control over what they share and with whom. In parallel, by standardising the verification of identity and attributes, it reduces the operational cost of issuing and verifying any type of electronic attestation of attributes.

What risks arise if it is not implemented correctly?

If implementation is not carried out properly, there are three main risks:

Failure to achieve real interoperability between the different countries of the European Union and their various regulatory frameworks, since interoperability is the main incentive for the wallet’s mass adoption.

Turning the wallet into a point of exposure: security flaws or poor practices could lead to breaches, impersonation or identity manipulation, with reputational and operational impact.

Regulatory non-compliance, if principles such as logical separation of data, minimisation and privacy by design are not respected, since the eIDAS2 framework explicitly relies on safeguards aligned with the GDPR and on technical requirements aimed at preventing undue traceability or correlation of use without the user’s authorisation.

TrustED and Gradiant: facilitating the transition

As we have seen, the EUDI Wallet is a milestone in the way citizens, public administrations and companies manage digital identity in Europe. Its adoption will make it possible to identify oneself, sign documents and share verified credentials in a more secure and interoperable way. But this is not its only advantage: it will also drive a new model of digital trust based on privacy, data sovereignty and compliance with the eIDAS2 framework.

What matters most at this stage is being prepared for its integration. This is the only way to reduce friction, avoid security risks and prevent regulatory non-compliance. It is also the way to make the most of all the opportunities opened up by European digital identity in public services, critical sectors and digital platforms.

This is the context for the work we are carrying out in TrustED, an initiative designed to facilitate this transition through self-sovereign digital identity technologies, verifiable credentials and advanced privacy. With solutions aligned with the EUDI Wallet ecosystem, eIDAS2 and the GDPR, TrustED contributes to building more interoperable, secure and user-centred digital services, especially in environments such as data spaces.

This article was originally published on: Mandatory EUDI Wallet: what citizens, public administrations and companies need to know (I)​ – TrustED

This project has received funding from the European Union’s Horizon Europe research and innovation programme under grant agreement No. 101168467