eIDAS 2.0 and the European Digital Identity Wallet (EUDI Wallet)
The eIDAS 2.0 turning point: a structuring regulation
eIDAS 2.0 — which can be read as "European rules on electronic identification, version 2" — is not a mere update. It is a complete redefinition of the European framework for digital identity, moving from a logic of mutual recognition between national systems to a logic of a single wallet under citizen control.
Regulation (EU) 2024/1183, published in the EU Official Journal on April 30, 2024 and in force since May 20, 2024, amends Regulation (EU) No 910/2014. It requires every Member State to provide an EUDI Wallet compliant with the technical specifications of the Architecture Reference Framework (ARF, the reference architecture framework) published by the European Commission. Member States retain operational control, but interoperability is total: a wallet issued by France Identité must work in Germany, Spain, Poland, or Lithuania.
::: callout-info In brief
- Regulation (EU) 2024/1183, in force since May 20, 2024
- EUDI Wallet available in every Member State no later than the end of 2026
- 3 assurance levels retained: low, substantial, high
- Mandatory acceptance by regulated relying parties (banks, telecoms, platforms) from 2027
- Target: 80% adoption by citizens and businesses by 2030 (European Commission)
:::
eIDAS 2.0 timeline: the 2025-2027 milestones
The timeline published by the European Commission in its successive implementing acts articulates seven key milestones.
| Date | Milestone | Source |
|---|---|---|
| May 20, 2024 | Entry into force of Regulation (EU) 2024/1183 | EUR-Lex 32024R1183 |
| September 2024 | Launch of the EUDI Wallet's core functions | EU Commission implementing act |
| November 21, 2024 | Adoption of the final implementing acts | EU Commission |
| End of 2025 | Rollout of qualified trust services | EU Commission implementing act |
| End of 2026 (December) | Mandatory availability of at least one wallet per Member State | Regulation (EU) 2024/1183, art. 5a |
| 2027 | Mandatory acceptance by regulated relying parties | Regulation (EU) 2024/1183 |
| 2030 | Target of 80% adoption by citizens and businesses | EU Digital Strategy |
The ANSSI (Agence nationale de la sécurité des systèmes d'information, the French cybersecurity agency) coordinates the national rollout of this timeline in France. The public wallet France Identité will be complemented by private initiatives notified at European level, including Docaposte and several qualified trust service providers (QTSPs).
The 3 eIDAS assurance levels: low, substantial, high
The regulation retains the three assurance levels defined back in 2014, but tightens their practical requirements.
The low level fits very low-risk services. Identification relies on declarative elements verified at a basic level. Typical application: newsletter signup, access to an information service with no transactional value.
The substantial level is the de facto standard for most banking and fintech KYC frameworks. It requires robust identity verification, generally through convergence of at least two independent sources (official document + biometric data, or official document + transactional data, etc.). The ACPR (Autorité de contrôle prudentiel et de résolution, the French prudential supervisor) position published in its revised AML/CFT guidelines in 2025: this level covers the bulk of current accounts and non-speculative investment services.
The high level is required for higher-risk operations: complex securities operations, crypto-asset service provider (CASP) services, access to medical data, qualified electronic signatures with legal value. It requires physical verification in the presence of an authorized agent or an equivalent setup (dynamic face match with multi-source counter-verification).
Moving from the substantial level to the high level is not just a technical tightening, it is a change in legal posture: a qualified electronic signature has the same probative value as a handwritten signature (eIDAS article 25.2).
EUDI Wallet: architecture and operation
The EUDI Wallet is a mobile app (iOS and Android) installed by the citizen on their smartphone. It stores electronic attestations (PID, Personal Identification Data, the core identity data) issued by national authorities and verifiable credentials — that is, digitally signed supporting documents (under the W3C Verifiable Credentials standard) — issued by qualified third parties (universities, employers, insurers).
The ARF (Architecture Reference Framework) published by the European Commission defines the following components:
- Wallet Instance: the app installed on the citizen's smartphone
- Wallet Provider: the entity that issues and manages the wallet (Member State or qualified provider)
- PID Provider: the authority issuing the core identity (in France, the Ministry of the Interior via France Identité)
- Attestation Provider: issuer of sector-specific attestations (diploma, license, supporting document)
- Relying Party: regulated organization that accepts credentials (bank, fintech, platform)
The citizen authenticates to a relying party (for example their bank) by presenting the required credentials from the wallet. The bank verifies the electronic signature issued by the PID Provider without having to query a central authority. The citizen chooses which attributes to share (the principle of selective disclosure): show age without revealing the full date of birth, prove French residency without revealing the exact address.
Four Large Scale Pilots (LSPs) prefigured the EUDI Wallet between 2023 and 2025: POTENTIAL (public services, qualified signature, payments), NOBID (Nordic payments and banking services), EWC (travel, ticket verification), DC4EU (education and social security). Lessons learned published in 2025 fed into the revision of ARF version 1.5.
::: callout-info Key EUDI vocabulary
- PID: Personal Identification Data (core identity issued by the State)
- VC: Verifiable Credential (verifiable attestation under the W3C standard)
- DID: Decentralized Identifier (the citizen's sovereign identifier)
- SD-JWT: Selective Disclosure JSON Web Token (selective disclosure format)
- mDoc: Mobile Document (ISO 18013-5 format used for licenses and identity documents)
:::
Impact on existing eIDV frameworks
The arrival of the EUDI Wallet does not replace existing eIDV (electronic identity verification) frameworks. It is added as a complementary channel for identification, while reshaping user journeys.
The 2026-2030 period is explicitly defined as a transition. Existing KYC frameworks continue to operate for customers who have not yet activated their wallet and for non-EU jurisdictions. At the end of 2025, the first national wallets (Estonia, Germany, Italy) showed adoption rates below 5% of the eligible population. The ramp-up will be gradual.
For online banks and fintechs, the EUDI Wallet promises a massive reduction in friction at onboarding (the account opening journey). The 25% abandonment rate observed on classic journeys could fall below 3% with a wallet already installed: the user shares the required credentials in two clicks. The EBA (European Banking Authority) position published in its November 2025 opinion confirms that the EUDI Wallet will be recognized as a substantial-level identity verification method without additional collection.
The EUDI Wallet is limited to EU citizens. For international customers, multi-source eIDV frameworks remain essential. A French bank onboarding a Singaporean investor or a Brazilian entrepreneur will continue to rely on the convergence of transactional, government, and telecom data to reach the eIDAS substantial assurance level.
::: callout-info 3 cases where multi-source eIDV remains structural
- Non-EU customers: no EUDI Wallet available for non-residents
- Foreign beneficial owners: identification of an international ownership chain
- Higher-risk operations: high eIDAS level requiring several converging sources
:::
How to prepare: 2026-2027 roadmap
An operational roadmap for product, compliance, and IT leadership.
Audit existing authentication flows: customer onboarding, strong re-authentication (SCA under PSD2, the EU's payment services directive that mandates strong customer authentication), contract signing. Define a target architecture integrating the EUDI Wallet as the primary channel for EU citizens and multi-source eIDV as the reference channel for other cases.
Develop connectors to the main national wallets (France Identité first, then German, Italian, Spanish). Use the OpenID4VC libraries (OpenID for Verifiable Credentials), the standard adopted by the European Commission for the EUDI Wallet. Test interoperability in the public sandboxes made available by Member States.
Become a qualified relying party under the regulation, with a declaration to the national authority (in France, the ANSSI). Set up credential management policies (validity period, revocation, renewal). Adapt AML due diligence policies to include the EUDI Wallet as a verification method.
Track adoption rates by customer segment. Communicate to clients on the benefits (speed, control, selective disclosure). Prepare advanced use cases: qualified signature for contract subscription, simplified cross-border identification for European services.
Comparison: EUDI Wallet and FranceConnect+
France already has a mature digital identification framework: FranceConnect+, operated by the State through the Direction interministérielle du numérique (DINUM, the French interministerial digital directorate). The legitimate question is its coexistence with the EUDI Wallet.
| Criterion | FranceConnect+ | EUDI Wallet |
|---|---|---|
| Scope | National (France) | European (27 Member States) |
| eIDAS level | Substantial to high depending on identity provider | Substantial and high |
| Storage | Centralized (identity provider) | Decentralized (citizen's smartphone) |
| Selective disclosure | Limited | Native (SD-JWT) |
| Use cases | Public services, approved banks | Public services, banks, telecoms, e-commerce |
| Full availability date | Available | End of 2026 |
The ANSSI published a guidance note in March 2026 clarifying that France Identité will be the French implementation of the EUDI Wallet, in consistency with FranceConnect+. The transition will be gradual, with a coexistence planned through at least 2030.
How Euroleads positions against the EUDI Wallet
Our eIDV (electronic identity verification) approach is complementary to, not competing with, the EUDI Wallet. Three axes structure our trade:
- Multi-source eIDV framework: convergence across 4,000 worldwide sources covering 197 countries, eIDAS substantial assurance level by default and high on demand. Essential for your non-EU clients and for higher-risk operations.
- Beneficial-owner verification: we cover international ownership chains that the EUDI Wallet does not handle. 250 million professionals identified.
- Compliance by design: we align strictly with eIDAS substantial and high requirements, with no excessive data collection. 5 million verifications per month.
A digital wallet remains a data container: it is multi-source convergence that proves the reality of an individual and resists the most sophisticated fraud.
::: cta Architect a KYC journey compatible with EUDI and multi-source: free audit in 10 days. Discuss your project :::
Frequently asked questions about eIDAS 2.0 and the EUDI Wallet
When will the EUDI Wallet become mandatory for banks? Acceptance by regulated relying parties becomes mandatory in 2027. The precise timeline will be published in the final implementing acts of the European Commission, during 2026.
Does the EUDI Wallet replace physical ID documents? No. The EUDI Wallet is complementary to physical ID documents and does not replace them where physical presentation is legally required.
Can a citizen refuse to use the EUDI Wallet? Yes. Use is voluntary for the citizen. By contrast, regulated relying parties cannot refuse a valid EUDI Wallet from 2027.
Which eIDAS level for which use case? Low for informational services. Substantial for the bulk of banking and fintech accounts. High for crypto CASP operations, complex securities operations, access to medical data, and qualified signatures.
How do I integrate the EUDI Wallet into an existing application? Via the OpenID4VC libraries published by the European Commission. The national sandboxes (France Identité, German, Italian) allow first tests from the second half of 2026.
In summary: 18 months to prepare an EUDI-ready KYC journey
The EUDI Wallet reshapes onboarding journeys for the next five years. It does not remove the need for a multi-source eIDV framework — it redefines its scope. Compliance, product, and IT leadership teams that anticipate from 2026 will gain a competitive edge over those that wait for the 2027 acceptance obligation. The adoption figures for 2030 (target 80%) confirm that the EUDI Wallet will be the dominant identification channel for EU citizens, just as the bank card is today for payment.
To go further, consult our eIDV pillar, our KYC pillar, our KYC/eIDV compliance pillar for France, our comparison KYC vs eIDV, and our article on how to implement a KYC framework. For a direct conversation, contact our experts.