EUDI Wallet: Is the European Digital Identity Wallet Really Secure?
A comparison of institutional positions, civil criticism and academic research

In 2026, all twenty-seven EU Member States are required to make available at least one version of their digital identity wallet compliant with eIDAS 2.0 — the regulation that redesigns how European citizens identify themselves online. The EUDI Wallet promises to replace usernames, passwords and physical documents with a certified app, capable of proving who we are without revealing more than strictly necessary. The question, however, is fair: does this promise hold up under scrutiny?
What the system promises
The institutional proposal is ambitious. The Wallet is built around the principle of selective disclosure: instead of presenting a full ID card, the system allows proving a single attribute — age, residence, degree — without revealing the underlying data. The technology enabling this is called zero-knowledge proof (ZKP): a cryptographic mechanism that allows a verifier to ascertain the truth of a statement without receiving any original data.
Added to this is an integrated privacy dashboard, offering users a complete view of transactions: who received which data, when, and the ability to revoke consent at any time. The system is open-source, voluntary, and free for citizens. On paper, it represents a paradigmatic shift: from "document sharing" to "attribute verification."
Cracks in the architecture
Problems emerge as soon as you move from principles to concrete implementation. A coalition of cryptography experts, civil organisations and university researchers has raised objections that concern not the technology in the abstract, but the architecture actually adopted.
The most technical issue is unlinkability — the impossibility of correlating different transactions by the same user. eIDAS 2.0 explicitly requires it. But two studies published in 2025 demonstrate that the official ARF (Architecture and Reference Framework) does not guarantee it. Álvarez, Hölzmer and Sedlmeir (ScienceDirect, 2025) show that the currently planned mechanisms — SD-JWT and mdoc ISO/IEC 18013-5 — leave persistent traces: attribute hashes and issuer signatures function as unique identifiers, allowing colluding verifiers to reconstruct an individual's behavioural patterns. Sharif et al. (Springer, CRiSIS 2024) reach the same conclusions through a formal threat model based on the LINDDUN methodology: linkability between Wallet Provider, Attestation Provider and Relying Party survives even the use of pseudonyms.
The problem is therefore not hypothetical: it is embedded in the technical choices already adopted.
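The linkage the two studies describe, as an added illustration that is not from either paper or from the ARF: a constructed SD-JWT-style credential in Python (simplified shape with no JOSE header; HMAC stands in for the issuer's asymmetric JWS signature; the issuer URL, key and claim values are made up). The holder reveals different attributes to two verifiers, yet the issuer signature and the `_sd` digest list travel unchanged in both presentations, so verifiers that compare records can tie them to one credential; only issuing a fresh credential (new salts, new signature) per presentation breaks that tie.

```python
import base64, hashlib, hmac, json, secrets

# Constructed SD-JWT-style credential (simplified RFC 9901 shape: no JOSE header, HMAC in
# place of an asymmetric JWS signature). The issuer signs the digest list once; the holder
# reveals a different subset of disclosures to each verifier.
ISSUER_KEY = b"constructed-issuer-key"  # made-up key, stands in for the issuer's JWS key

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def digest(disclosure: str) -> str:
    # Only this digest, never the claim itself, appears in the signed payload's "_sd" array.
    return b64url(hashlib.sha256(disclosure.encode("ascii")).digest())

def issue(claims: dict):
    # Each disclosure is base64url(JSON [random salt, claim name, claim value]).
    disclosures = {n: b64url(json.dumps([b64url(secrets.token_bytes(16)), n, v]).encode())
                   for n, v in claims.items()}
    payload = {"iss": "https://issuer.example", "_sd_alg": "sha-256",
               "_sd": sorted(digest(d) for d in disclosures.values())}
    payload_b64 = b64url(json.dumps(payload, sort_keys=True).encode())
    signature = b64url(hmac.new(ISSUER_KEY, payload_b64.encode(), "sha256").digest())
    return f"{payload_b64}.{signature}", disclosures

def present(issuer_jwt: str, disclosures: dict, reveal: list) -> str:
    # The holder forwards the issuer-signed part unchanged plus only the chosen disclosures.
    return "~".join([issuer_jwt] + [disclosures[n] for n in reveal])

def verifier_view(presentation: str) -> dict:
    issuer_jwt, *discs = presentation.split("~")
    payload_b64, signature = issuer_jwt.split(".")
    expected = b64url(hmac.new(ISSUER_KEY, payload_b64.encode(), "sha256").digest())
    if not hmac.compare_digest(signature, expected):
        raise ValueError("bad issuer signature")
    payload = json.loads(b64url_decode(payload_b64))
    revealed = {}
    for d in discs:
        if digest(d) not in payload["_sd"]:
            raise ValueError("disclosure not covered by the signed digest list")
        _salt, name, value = json.loads(b64url_decode(d))
        revealed[name] = value
    # Besides the revealed claims, every verifier necessarily sees the signature and the whole _sd list.
    return {"revealed": revealed, "signature": signature, "_sd": tuple(payload["_sd"])}

def colluding_verifiers_can_link(p1: str, p2: str) -> bool:
    # An identical signature or _sd list ties both presentations to one issued credential.
    v1, v2 = verifier_view(p1), verifier_view(p2)
    return v1["signature"] == v2["signature"] or v1["_sd"] == v2["_sd"]
```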
The institutional conflict of interest
These technical vulnerabilities are compounded by governance issues. Thomas Lohninger of Epicenter.works has pointed to a structural conflict of interest: in the current configuration, the same Member State that issues the wallet also certifies its security. There is no independent third party tasked with this function.
On the private side, the Potential consortium — which coordinated European pilots involving 155 organisations including Idemia, Thales and Amadeus — demonstrates how digital identity infrastructure is also becoming a market. Reclaim the Net warns that this overlap between public and commercial interest risks turning the Wallet into what critics call a checkpoint society: a network of verification points that, over time, can become a pervasive surveillance system.
The problem Dyne.org has focused on
In this context, Dyne.org's analysis is particularly relevant because it touches a level that the academic studies cited above tend to treat separately: process isolation. Cryptography can be perfect — ZKP, BBS+, anonymous credentials — but if the algorithm runs on an operating system controlled by Google or Apple, other system components can access the data during processing. Cryptographic security is necessary, but not sufficient.
The technical answer to this problem exists: it is called a Trusted Execution Environment (TEE), an isolated hardware enclave that ensures code executes without interference from the rest of the system. A January 2026 paper on arXiv proposes precisely such an architecture, combining TEE and ZKP to bring the Italian Wallet towards true SSI (Self-Sovereign Identity) compliance. But this approach is not yet among the mandatory requirements of the European framework.
How secure is it, then?
The honest answer is: it depends on what we mean by security, and who we consider the adversary.
Against the most basic threats — identity theft, phishing, unauthorised access — the EUDI Wallet represents real progress over the current state of affairs. Selective disclosure concretely reduces the data exposure surface in every single transaction.
Against more sophisticated adversaries — companies aggregating identification data, states wanting to track their citizens, platforms hosting the wallet on their infrastructure — current guarantees are insufficient. The linkability documented by academic studies is not a theoretical vulnerability: it is a design flaw that can be systematically exploited.
Against the stated objective of the regulation itself — a system guaranteeing unlinkability and GDPR compliance — the current architecture is not yet compliant with the requirements it set for itself.
The EUDI Wallet, in its current form, is a useful tool built on incomplete foundations. The technology needed to make it truly secure exists, is documented, and is open-source. The political question — which no academic paper can resolve — is whether the twenty-seven governments and European institutions have the will to require it as mandatory, before the system is distributed at continental scale.
Sources: Dyne.org, Biometric Update, Reclaim the Net, techUK, DocuSign, European Commission; Álvarez et al. (ScienceDirect 2025), Sharif et al. (Springer 2025), arXiv 2401.08196, arXiv 2601.19893, policyreview.info