eIDAS 2.0 and the EU Digital Identity Wallet
The European Digital Identity framework is transforming how organizations verify identity, credentials, and attributes. Here is what it means for your organization and how Tessera helps you get ready.
What is eIDAS 2.0?
eIDAS 2.0 (Regulation (EU) 2024/1183) updates the original 2014 eIDAS framework to establish a European Digital Identity Wallet (EUDI Wallet) for every EU citizen and resident. By late 2026, EU member states must offer EUDI Wallets to their citizens, and designated public and private sector organizations must accept them. The regulation introduces verifiable credentials as the standard format for digital attestations — replacing paper documents, PDF certificates, and proprietary digital formats.
Who needs to comply?
eIDAS 2.0 creates obligations for three categories of organizations:
Relying Parties
Organizations that verify credentials: banks (KYC), employers (qualifications), retailers (age verification), public services. Must accept EUDI Wallet presentations for designated use cases.
Issuers
Organizations that issue credentials: training bodies, universities, government agencies, employers. Must issue in compliant formats (SD-JWT, mDoc) and register as Qualified or Non-Qualified Attestation Providers.
Wallet Providers
EU member states and certified providers that offer EUDI Wallets. Must meet certification, security, and interoperability requirements under the Architecture Reference Framework.
Key timeline
Regulation adopted
eIDAS 2.0 published in the Official Journal of the EU. Architecture Reference Framework (ARF) v1.4 released.
Implementation acts
EU Commission publishes implementing and delegated acts on wallet certification, credential formats, and trust registries.
Wallet availability
Member states must offer EUDI Wallets. Large Scale Pilots (LSPs) demonstrate cross-border interoperability.
Mandatory acceptance
Designated relying parties must accept EUDI Wallet presentations. Non-compliance becomes a regulatory risk.
How Tessera maps to eIDAS 2.0
Tessera's infrastructure is designed from the ground up for eIDAS 2.0 compliance.
| eIDAS 2.0 Requirement | Tessera Implementation |
|---|---|
| OpenID4VCI credential issuance | Full OpenID4VCI server with authorization code and pre-authorized code flows |
| OpenID4VP credential verification | JWT Authorization Requests with DCQL queries, same-device and cross-device flows |
| SD-JWT credential format | Native SD-JWT issuance with selective disclosure claim sets |
| ISO 18013-5 mDoc format | mDoc issuance and verification via the verifiable_credentials library |
| x509_san_dns client identification | Verifier authentication via X.509 SAN DNS client_id_scheme |
| Status lists for revocation | Token Status List endpoint for real-time credential status checking |
| Privacy by design | Selective disclosure ensures verifiers receive only requested claims |
| Cross-border interoperability | ARF-aligned protocols and credential formats for EU-wide acceptance |
What you should do now
If you verify credentials
- 1.Identify which verification flows will require EUDI Wallet acceptance
- 2.Map current document-based checks to credential claim queries
- 3.Start a pilot with Tessera to test OpenID4VP verification in your environment
If you issue credentials
- 1.Define which certificates, attestations, or documents to digitize first
- 2.Choose credential formats (SD-JWT for selective disclosure, mDoc for mobile-first)
- 3.Integrate Tessera's issuance API into your existing back-office systems
Start your eIDAS 2.0 readiness assessment
We will map your current credential workflows to eIDAS 2.0 requirements and build a pilot roadmap tailored to your sector.
Request an Assessment