This Regulation establishes detailed rules for issuing person identification data and electronic attestations of attributes to European Digital Identity Wallets. It is a crucial component of the European Digital Identity Framework, aimed at creating a secure and interoperable digital identity ecosystem across the EU. The Regulation focuses on technical specifications, data protection, and harmonization of wallet functionalities.The act consists of 6 articles and an annex, covering definitions, rules for issuing person identification data and electronic attestations, revocation procedures, and technical specifications. The annex provides detailed tables of mandatory and optional identification data for both natural and legal persons.Key provisions include:
- Mandatory requirements for person identification data (family name, given name, birth date, birth place, nationality)
- Authentication and validation mechanisms for wallet units
- Privacy-enhancing features to prevent data combination
- Strict revocation procedures with 24-hour notification requirement
- Common standards for wallet-relying party access certificates
- High assurance level requirements for identity proofing
- Detailed specifications for data formats and encoding
The most significant aspects for implementation are:
- Member States must ensure uniqueness of person identification data for each wallet user
- Providers must cryptographically bind identification data to specific wallet units
- Electronic attestations must comply with specific standards listed in related regulations
- Providers must maintain public policies on validity status management
- Implementation of privacy-preserving techniques to ensure unlinkability where user identification is not required
