
The EU Digital Identity Wallet, explained for developers

How the EU Digital Identity Wallet lets citizens prove identity and sign documents under eIDAS 2.0, and why those signatures still need validating.

The EU Digital Identity Wallet (often shortened to EUDI Wallet) is a mobile app, issued or recognised by each EU member state, that lets a citizen prove who they are and sign documents electronically anywhere in the Union. It is the headline addition of the 2024 revision of eIDAS — the regulation commonly called eIDAS 2.0 — and it turns the EU's existing trust framework into something a person carries in their pocket.

For developers, the wallet matters for a practical reason: it will become a common source of the signed documents and identity attestations your systems receive. Knowing what it produces — and how to check those outputs are genuine — is the difference between trusting a wallet because it looks official and trusting it because you validated it.

What the wallet actually is

eIDAS 2.0 (Regulation (EU) 2024/1183) amends the original eIDAS regulation and requires every member state to make a Digital Identity Wallet available to its citizens and residents. The wallets are issued under national schemes but built to a common technical specification, so a wallet issued in one country is accepted across the others — the same cross-border recognition principle that has governed qualified signatures since 2016.

A wallet holds two broad kinds of thing:

  • Identity data — a person's verified attributes, issued as electronic attestations of attributes (the regulation's term for verifiable credentials): name, date of birth, and domain-specific claims such as a diploma, a professional licence or a driving entitlement.
  • The ability to sign — the wallet can create electronic signatures on behalf of its holder, including, for natural persons, qualified electronic signatures.

That second point is the one most often missed. The wallet is not only an identity card; it is a signing device.

What the wallet produces — and why you still validate it

When a wallet user signs a document, the result is an ordinary eIDAS signature in one of the standard formats — PAdES inside a PDF, or an XAdES/CAdES signature in a container. The wallet does not invent a new file type. What changes is the *origin* of the signing certificate: it traces back to a qualified trust service provider operating under a member state's scheme.

This is exactly why a wallet-produced signature still has to be validated the same way any other signature is. The fact that a file came "from a wallet" is a claim, not a proof. To establish that a signature is genuine and qualified, a validator has to:

  • confirm the signed bytes have not changed since signing (integrity);
  • build the certificate chain to a trusted root;
  • check the certificate was not revoked, via OCSP or a CRL;
  • confirm the signing certificate chains to a provider listed on the relevant national trusted list, indexed by the EU List of Trusted Lists.

Only the last step lets you say a signature is a QES rather than merely "signed in an app". A wallet makes signing easier for the citizen; it does not remove the validation work on the receiving end. If anything, it increases it — more documents will arrive already signed, and each one carries a legal weight that depends entirely on whether the trust chain checks out.
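
The trusted-list lookup from the last bullet above, as an added example (not Sealium's code and not part of the original post): it reads a fragment in the ETSI TS 119 612 trusted-list format and accepts an issuer certificate only if it belongs to a CA/QC service whose current status is granted. The issuer byte strings and the sample list are constructed for illustration; a real validator would also verify the list's own signature and use the service status in force at signing time.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

# Namespace and URIs defined by ETSI TS 119 612 (trusted-list format).
NS = {"tsl": "http://uri.etsi.org/02231/v2#"}
CA_QC = "http://uri.etsi.org/TrstSvc/Svctype/CA/QC"
GRANTED = "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/granted"
WITHDRAWN = "http://uri.etsi.org/TrstSvc/TrustedList/Svcstatus/withdrawn"

# Constructed stand-ins for DER-encoded issuer certificates (not real certificates).
ISSUER_A = b"constructed-issuer-cert-A"
ISSUER_B = b"constructed-issuer-cert-B"

def _service(cert: bytes, status: str) -> str:
    """Build one constructed TSPService entry for the sample list."""
    b64 = base64.b64encode(cert).decode()
    return (f"<TSPService><ServiceInformation>"
            f"<ServiceTypeIdentifier>{CA_QC}</ServiceTypeIdentifier>"
            f"<ServiceDigitalIdentity><DigitalId><X509Certificate>{b64}"
            f"</X509Certificate></DigitalId></ServiceDigitalIdentity>"
            f"<ServiceStatus>{status}</ServiceStatus>"
            f"</ServiceInformation></TSPService>")

# Constructed trusted-list fragment: one granted service, one withdrawn.
SAMPLE_TL = f"""<TrustServiceStatusList xmlns="http://uri.etsi.org/02231/v2#">
 <TrustServiceProviderList><TrustServiceProvider><TSPServices>
  {_service(ISSUER_A, GRANTED)}
  {_service(ISSUER_B, WITHDRAWN)}
 </TSPServices></TrustServiceProvider></TrustServiceProviderList>
</TrustServiceStatusList>"""

def qualified_issuers(tl_xml: str) -> set:
    """SHA-256 fingerprints of certificates on granted CA/QC services."""
    root = ET.fromstring(tl_xml)
    prints = set()
    for info in root.iterfind(".//tsl:ServiceInformation", NS):
        stype = info.findtext("tsl:ServiceTypeIdentifier", "", NS).strip()
        status = info.findtext("tsl:ServiceStatus", "", NS).strip()
        if stype != CA_QC or status != GRANTED:
            continue  # listed but not currently qualified: do not trust
        for cert in info.iterfind(".//tsl:X509Certificate", NS):
            der = base64.b64decode("".join((cert.text or "").split()))
            prints.add(hashlib.sha256(der).hexdigest())
    return prints

def issuer_is_qualified(issuer_der: bytes, tl_xml: str) -> bool:
    """True only if the issuer certificate appears on a granted CA/QC service."""
    return hashlib.sha256(issuer_der).hexdigest() in qualified_issuers(tl_xml)
```

The withdrawn entry is the case to watch: the provider is on the list, yet a signature chaining to it must not be reported as a QES.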

What eIDAS 2.0 adds beyond the wallet

The wallet is the visible part of a broader expansion. The 2024 revision also:

  • introduces electronic attestation of attributes as a regulated trust service, so claims like "is over 18" or "holds this qualification" can be issued and verified with the same legal footing as a signature;
  • extends the trust framework to new services such as electronic ledgers and remote signature creation;
  • keeps the three signature levels — SES, AdES and QES — unchanged. The validation model you already build against does not move; the wallet plugs into it.

For a primer on those levels and how validation works end to end, the complete eIDAS guide covers SES, AdES and QES, certificate validation, and the trusted-list mechanism in plain language.

What this means for your integration

If you receive signed documents from EU citizens — onboarding paperwork, signed contracts, mandates, claims — wallet adoption changes the volume and consistency of what arrives, not the way you check it. The sensible position is to validate every signed document against the live trusted lists regardless of how it was produced, and to read back the eIDAS level rather than assume it.

That is what the Sealium validation API does in a single call: send the document, get back who signed it, when, with what certificate, and whether the signature is a QES — as a structured, audit-ready report. Wallet-signed or not, the answer comes from the same place: the EU trust framework, checked on every request.

FAQ

Is the EU Digital Identity Wallet mandatory? Member states are required to offer a wallet to their citizens and residents; using one is voluntary for individuals. Relying parties in certain regulated sectors are expected to accept wallets where they are used, but a citizen is never forced to hold one.

Does the wallet replace qualified electronic signatures? No. It is a way to *create* them. A signature made with the wallet is still a QES, AdES or SES under the same eIDAS definitions, and is validated the same way.

Can I trust a document just because it came from a wallet? Not on that basis alone. The wallet makes the signature convenient to produce, but its legal weight depends on the certificate chain and trusted-list status — which you confirm by validating the signature, not by trusting the app it came from.

What signature formats does a wallet produce? Standard eIDAS formats — typically PAdES for PDFs, and XAdES or CAdES for XML and container-based documents. There is no wallet-specific file type to support.
