The EUDI-Wallet SPRIND Challenge is an initiative aimed at developing a cutting-edge European Digital Identity Wallet (EUDI-Wallet) that meets the specific needs of Germany. Hosted by SPRIND, Germany's Federal Agency for Disruptive Innovation, this challenge seeks to create innovative thinking and technological advancements to create secure, user-friendly digital identity wallets. The project is part of a broader European effort to establish a reliable digital identity framework defined in the eIDAS regulation.

The challenge is structured into three stages over 13 months. The first stage focuses on enabling identification with a Person Identification Data (PID) credential. The data will be provided by the eID function of the German state-issued ID-card. Currently 11 teams are participating in the first stage. 

‍

During the second stage, the teams must enable their wallets to receive and present generic digital credentials such as educational degrees or a mobile driver licence. Finally, in stage three, the selected teams must enable pseudonymous login and authentication  to relying parties. 

‍

Two tracks: Funded & non-funded
There are two tracks running in parallel. While they do have the same requirements one track consists of funded teams, while the teams of the other tracks do not receive any funding. The funded teams need to provide their solutions as open-source code to the public. 

‍

Teams in the funded track:  Sphereon, Ubique Innovation AG, Animo, Governikus GmbH & Co. KG, TICE GmbH and Authada GmbH

‍
Non-funded track: Google, Samsung, Kaprion Technologies GmbH, GUnet and Lissi GmbH

‍

Per stage a maximum of four teams will be able to continue to the 2nd stage. In the 3rd stage a maximum of two teams can continue per stage. The decision will be made by expert Jury, which has a diverse set of expertise. 

The outcome of the first stage will be presented in a public event on 3rd of September in Berlin.

‍

Multiple implementation options

There are different options on how to integrate the wallet architecture. They can mainly be divided into the two categories “authenticated channel” or “signed data”. The first one builds a secure and authenticated communication channel to ensure that all the data received from this channel can be trusted. However, the attribute data from the credentials won’t be signed.  While the second option also uses a secure communication channel the trust and integrity of the data is derived from signatures directly applied to the attribute values itself. The EU large scale pilots are working with signed data. We can then further distinguish the options on the question of where the keys for signatures used by end-users are stored. They can be stored in a hardware element on the phone, on the eID card itself or on a cloud service. There are different benefits and drawbacks for all of the six options. To get a better understanding of the practical implications of these options all options are integrated as part of the German EUDI-Wallet challenge. 

‍

Our motivation

At Lissi we can leverage our years of experience with ID-Wallets to build the easiest-to-use EUDI-Wallet for Germany. This includes maintaining the highest standards of security and data protection while simultaneously offering a great user experience. We provide an socalled “edge wallet”, which stores all data locally on the device of the user. Hence, it operates independently of central service providers or cloud services, leveraging the smartphone's hardware security. We integrate a solution with signed data to ensure compatibility with other member state solutions. The options are further described in the architectural proposal of the German eIDAS Implementation. Furthermore, we want to assist the establishment and adoption of the EUDI-Wallet and ecosystem in Germany and across the whole of Europe.

‍

The following reasons speak for such an implementation: 

• Aligned with EU technical specification to allow European wide interoperability
• As decentralised as possible - PID provider and Wallet provider are not involved in the presentation
• Support of offline usage
• Widespread availability - independent from used hardware

‍

We are looking forward to presenting our solution to the public as well as the jury. Only eight out of the eleven teams will be able to continue in the second phase.  

We offer organisations, which would like to be able to perform an identification with the EUDI-Wallet a personal demo. Request your interest here. 

‍