The EU is developing an EU Digital Identity Wallet that will standardize digital identity across Europe. The wallet will be mandated for acceptance by public and private sectors. It restricts third party digital identity services and data custodians. While aiming to harmonize digital identity, it may fragment the landscape due to different national implementations. Banks and other organizations should prepare for its impact on digital identity and data management in Europe.

1. The “battle of the wallets” reignited
How the EU Digital Identity Wallet opens up new opportunities for the financial sector

2. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
2
3 reasons to understand the development of the EU Digital Identity
Wallet and prepare for its impact
The EU Digital Identity Wallet puts significant restrictions on digital identity and/or data custodian services
1

3. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
3
Why an EU Digital Identity Wallet?
Interoperability of eID schemes
• EU citizens can access public services from other member
states with a national eID connected to eIDAS network
• Each member state is responsible for own eID scheme
Trust services regulation
• Introduction of standards for how electronic signatures,
qualified digital certificates, electronic seals, timestamps
can be used with the same legal status as paper based
agreements
TWO PILLARS OF EIDAS1
Source: Study to support impact assessment eIDAS revision

4. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
4
eIDAS2 proposal introduces an EU Digital Identity Wallet
Member States will be mandated to provide citizens
with a common EU Digital Identity Wallet
Key characteristics:
• Harmonised, common user interface
• Built on consumer consent and maximum privacy
• Open for various types of credentials/attributes
• Allowing freedom of set-up and implementation for
member states
Main features for EU citizens:
• Securely request and obtain, store, select, combine,
restrict and share identity attributes
• Sign with electronic signature
• Both for online and offline use
• Acceptance will be widely mandated
EUROPEAN DIGITAL IDENTITY WALLET
Source: European Commission – European Digital Identity

5. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
5
In the future, Digital Identity will be organised by the EU Digital
Identity Wallet
Onboarding as a
Service
Offer service (with
varying levels of
assurance) to relying
parties who cannot or
do not wish to store
and process customer
data
1
Bank as Identity & Data Provider (‘Data Custodian‘)
Retailer B
Log in with
Email
Password
Login
Bank
Or
Authentication as
a Service
Offer service to relying
parties who cannot or
do not wish to
maintain their own
identity and access
management
2
Or
BANK A
Agree Don’t agree
Age
Diploma
Name
Address
wallet
Attribute Sharing
(‘static data’)
Offer “data wallet”
enabling customer-
controlled access to
share verified claims
about core and
related ID attributes
with relying parties
Save
4
Consent Mgmt
(‘dynamic data’)
Offer consent mgt.
service and
dashboard (single
point of control)
enabling controlled
and transparent cross-
sectoral data sharing
My data
Data transaction overview
September 2020
Amazon
Authorised on 27 Sept
Access active
Allianz
Authorised on 18 Sept
Access active
Instagram
Authorised on 3 Sept
Access expired
August 2020
Epic games
One-off access on 23 Aug
Access expired
ING
One-off access on 5 Aug
Access expired
BANK
5
Digital signing
Service
Offer service for
digitally signing
contracts, agreements
and other relevant
documents
3
Source: INNOPAY analysis
EU eID

6. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
6
Deadline for implementation could be somewhere in 2024
Timelines are very ambitious, but work is well on the way
2021 2022 2023 2024 2025
Source: European Commission Recommendation on common Union Toolbox, Dutch government, INNOPAY Analysis
Piloting (use cases)
Roll-out (prepare infrastructure)
15 months
Q1. ’23: Agreement on toolbox &
ARF between the Member States
End 2023: Deadline for
implementation by
Member States
12 months
Prep.
TODAY
Q4 ’22: Publishing of the toolbox & ARF
Draft outline toolbox
6 months
9 months
18 months
Legislative negotiations
Architecture and reference framework

7. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
7
Through the development of a ‘common toolbox’,
interoperability of wallets across Member States is realised
1. Provision and exchange of
identity attributes
2. Functionality and security
of the EU Digital Identity
Wallets
3. Reliance on the European
Digital Identity Wallet
including identity matching
4. Governance
Source: European Commission Recommendation on common Union Toolbox
• User functionalities
• Minimum list of attributes from authentic sources
COMMON TOOLBOX COVERS: EXAMPLE TOPICS COVERED
• Mechanisms for verifying validity
• Verification procedures
• Notification of relying parties and verification of their
authenticity
• Certification
• Level of assurance
• Interfaces and protocols

8. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
8
The approach taken by the commission will likely result in a
fragmented landscape, due to different national perspectives
Classifications for public perspective on
private identity solutions
Closed to private
Neutral to private
Open to private
• Each Member State has three options for offering
the EU Identity Wallet:
1. Government-operated
2. Outsourced
3. Recognition of market solutions
• Only in countries with a recognition approach,
market players can still play a role in the Digital
Identity landscape, but terms and conditions of the
recognition are Member State determined
• The toolbox and architecture and reference
framework provide a certain level of harmonisation
but leave room for Member State choices and
options

9. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
9
3 reasons to understand the development of the EU Digital Identity
Wallet and prepare for its impact
The EU Digital Identity Wallet comes with mandated acceptance
2
The EU Digital Identity Wallet puts significant restrictions on digital identity and/or data custodian services
1

10. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
10
Sectors and platforms in the private domain will be required to
accept the wallet for authentication to stimulate adoption
Public services
Transport
Energy
Banking &
financial
services
Social security
Health
Drinking water
Postal services
Digital
infrastructure
Education
Telecom
*Very Large
Online Platforms
EU eID
*as defined in the Digital Services Act art. 25.1
Art 12b
pt 2,3
PROPOSED AMENDMENT OF EIDAS REGULATION (JUNE 2021)
What does ‘accept’ mean in
a banking & financial
services context?

11. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
11
In the future, Digital Identity will be organised by the EU Digital
Identity Wallet
Onboarding as a
Service
Offer service (with
varying levels of
assurance) to relying
parties who cannot or
do not wish to store
and process customer
data
1
Bank as Identity & Data Provider (‘Data Custodian‘)
Retailer B
Log in with
Email
Password
Login
Bank
Or
Authentication as
a Service
Offer service to relying
parties who cannot or
do not wish to
maintain their own
identity and access
management
2
Or
BANK A
Agree Don’t agree
Age
Diploma
Name
Address
wallet
Attribute Sharing
(‘static data’)
Offer “data wallet”
enabling customer-
controlled access to
share verified claims
about core and
related ID attributes
with relying parties
Save
4
Consent Mgmt
(‘dynamic data’)
Offer consent mgt.
service and
dashboard (single
point of control)
enabling controlled
and transparent cross-
sectoral data sharing
My data
Data transaction overview
September 2020
Amazon
Authorised on 27 Sept
Access active
Allianz
Authorised on 18 Sept
Access active
Instagram
Authorised on 3 Sept
Access expired
August 2020
Epic games
One-off access on 23 Aug
Access expired
ING
One-off access on 5 Aug
Access expired
BANK
5
Digital signing
Service
Offer service for
digitally signing
contracts, agreements
and other relevant
documents
3
Source: INNOPAY analysis
EU eID
Does ‘accept’ mean SCA in
PSD2 sense, with dynamic
linking? We don’t think so

12. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
12
3 reasons to understand the development of the EU Digital Identity
Wallet and prepare for its impact
The EU Digital Identity Wallet is not limited to identity…
3
The EU Digital Identity Wallet comes with mandated acceptance
2
The EU Digital Identity Wallet puts significant restrictions on digital identity and/or data custodian services
1

13. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
13
Asset custodian can be next step – can the bank app or crypto
wallet become a recognised EU Digital Identity Wallet?
Source: INNOPAY analysis
Onboarding as a
Service
Offer service (with
varying levels of
assurance) to relying
parties who cannot or
do not wish to store
and process customer
data
Digital signing
Service
Offer service for
digitally signing
contracts, agreements
and other relevant
documents
Assets & CBDC
?
Consent Mgmt
(‘dynamic data’)
Offer consent mgt.
service and
dashboard (single
point of control)
enabling controlled
and transparent cross-
sectoral data sharing
BANK A
Agree Don’t agree
Age
Diploma
Name
Address
wallet
My data
Data transaction overview
September 2020
Amazon
Authorised on 27 Sept
Access active
Allianz
Authorised on 18 Sept
Access active
Instagram
Authorised on 3 Sept
Access expired
August 2020
Epic games
One-off access on 23 Aug
Access expired
ING
One-off access on 5 Aug
Access expired
BANK
Retailer B
Log in with
Email
Password
Login
Bank
Or
Attribute Sharing
(‘static data’)
Offer “data wallet”
enabling customer-
controlled access to
share verified claims
about core and
related ID attributes
with relying parties
Authentication as
a Service
Offer service to relying
parties who cannot or
do not wish to
maintain their own
identity and access
management
1 2 ?
Bank as Identity & Data Provider (‘Data Custodian‘)
Save
Or
5
4
EU eID
Asset Custodian
3

14. The “battle of the wallets” reignited. 31 March 2022. © INNOPAY BV. All rights reserved.
14
3 reasons to understand the development of the EU Digital Identity
Wallet and prepare for its impact
The EU Digital Identity Wallet is not limited to identity…
3
The EU Digital Identity Wallet comes with mandated acceptance
2
The EU Digital Identity Wallet puts significant restrictions on digital identity and/or data custodian services
1

15. Vincent Jansen
Partner
vincent.jansen@innopay.com
+31 6 42 10 20 58