Executive summary
A digital identity wallet is a secure app, cloud application, desktop application, or hardware wallet device that stores verified identity credentials allowing users to selectively share trusted proof of who they are.
Key takeaways:
- They shift identity verification from repeated document checks to reusable, pre-verified credentials
- Users selectively disclose only the minimum required data
- Cryptography ensures security and authenticity
- Adoption is accelerating, especially in the European Union
What are digital identity wallets?
A digital identity wallet or digital ID wallet is a secure application that stores, manages, and shares verifiable credentials linked to an individual. These credentials represent verified attributes about a person, such as identity, age, qualifications, or employment status as issued by trusted organizations.
With a digital ID wallet, individuals can access and present trusted identity information directly from their device. This removes the need to repeatedly present or upload physical document copies for verification. A driver’s license or passport can be stored in the wallet in the form of a digital credential, allowing the wallet holder to pass a credential check without actually presenting their physical passport.
Many wallets also support authentication and electronic signing, which can be used for login and document signing. These technologies working together help a wallet holder access services and complete transactions online with a high level of assurance.
Digital identity wallets are found in several formats:
- Mobile applications installed on smartphones
- Web application hosted by a cloud service provider
- Hardware-backed solutions such as security keys connected via USB, Bluetooth, or NFC
Digital identity wallets vs digital wallets
Digital identity wallets and traditional digital wallets are distinct digital tools, serving different primary purposes. To clarify the difference, see the breakdown below:
Digital wallet: These wallets focus on payments and transactions. They store financial instruments such as credit cards, bank accounts, and tickets, making transactions faster and more convenient. Popular examples of digital wallets include Apple Wallet, Google Wallet, PayPal, and Amazon Pay.
Fundamentally, a digital wallet answers the question, “How are you going to pay for this transaction?”
Digital ID wallet: These wallets focus on identity verification, authentication, attribute sharing (e.g., for age verification), document signing, and privacy control. They store and selectively share verifiable credentials that allow individuals to prove who they are or what attributes they hold, thereby permitting access to applications and services.
A digital identity wallet answers the question, “What can you prove about yourself?” However, that question can take many forms:
- Identity: “Who are you?”
- Attributes: “Are you over 18?”
- Qualifications: “Do you have a license?”
- Authorization: “Are you eligible?”
Some modern wallet platforms are beginning to integrate both payment and identity capabilities within a single interface. However, these functions remain conceptually and technically distinct: payment systems handle financial transactions, while identity systems enable authentication and trust through verified credentials.
What do digital ID wallets hold?
Digital identity wallets can store a wide range of verifiable credentials, allowing them to function as a comprehensive tool for proving identity in a variety of digital interactions. The verifiable credentials are not digital copies of the physical documents. Rather, they are digital attestations about a person. This enables the wallet holder to pass a credential check without the need for a physical or digital copy of their credentials present. Further, it allows the holder to selectively prove specific attributes without repeatedly sharing full documents or sensitive data.
The common credentials for standard use cases include:
- Government IDs such as driver’s licenses and passports
- Employment credentials and corporate IDs
- Academic records and certifications
- Healthcare data and prescriptions
- Financial account attributes
- Travel documents such as boarding passes and visas
How do digital ID wallets work?
A digital identity wallet enables users to receive, store, and present verifiable identity credentials issued by trusted organizations. When a service requests identity proof, the wallet allows the user to selectively disclose only the required information and generate a cryptographically verifiable response.
A typical digital identity wallet transaction follows this general process:
- 1. A service provider requests proof of a specific attribute, such as age or eligibility to access a service.
- 2. The request is sent to the user’s digital wallet.
- 3. The wallet displays the credentials being requested.
- 4. The user reviews the request and provides consent to share the data.
- 5. The wallet generates a cryptographically protected response.
- 6. The service provider validates the response immediately.
This process enables strong identity verification while minimizing data exposure. This selective disclosure model is particularly valuable in regulated sectors, such as banking, telecommunications, healthcare, and government services.
Explaining roles in the wallet ecosystem
The digital identity wallet ecosystem involves several stakeholders. Each has a role to ensure both the privacy of the interaction and effectiveness of credential verification.
These roles include:
- Holder: The holder is the individual or organization that controls the wallet and stores verifiable credentials within it. The holder decides when to share identity information and which attributes to disclose for a specific interaction. The wallet acts as the interface through which the holder manages and presents credentials.
- Issuer: The issuer is a trusted entity (such as a government, bank, employer) that creates and issues verifiable credentials. Issuers are responsible for verifying information before issuing a credential and cryptographically signing it to confirm its authenticity.
- Verifier: The verifier, also known as a “relying party” is the service or organization requesting proof of identity or a specific attribute. This could be a bank onboarding a customer, an employer confirming qualifications, or a service provider granting access.
- Wallet provider: The wallet provider develops and maintains the digital wallet application or platform used to store and present credentials. This includes managing the user interface, integrating security features, and ensuring compatibility with standards and protocols used across the ecosystem.
- Intermediary: An intermediary acts as a bridge between digital ID wallet providers, issuers, and verifiers, helping reduce complexity and ensure consistent interactions across wallet implementations.
- Trust service providers: Trust service providers support secure digital interactions by offering services such as electronic signatures, certificate management, and timestamping. These services help ensure the legal validity and integrity of transactions carried out using digital identity wallets.
- Regulatory bodies: Governments and regulators establish the legal, technical and security frameworks that define how digital identity wallets operate. They set standards for privacy, and interoperability, and in some regions, they also issue credentials or provide national wallet solutions.
These roles form a trusted network where verifiable credentials can be issued, stored, and verified in a secure and scalable way. The coordination between these participants is essential for enabling seamless and reliable digital identity interactions across services and borders.
Digital Wallet connectors vs intermediaries
A digital wallet connector is often confused with a digital wallet intermediary. The terms are at times incorrectly used interchangeably when they describe distinct, albeit, overlapping concepts.
A digital wallet connector is a critical technical integration component that enables direct communication between the verifier system and one or more digital identity wallets. These components implement the underlying protocols used to request and receive verifiable credentials. In practice, they enable organizations to securely connect their systems to wallets and support credential exchange as part of identity verification workflows.
An intermediary, by contrast, is a service provider that simplifies connectivity across a broader ecosystem. Instead of integrating with multiple wallets, standards, or organizations directly, the verifier or relying party connects to the intermediary, who facilitates interoperability.
In short, connectors enable organizations to integrate directly with digital wallets, while intermediaries provide a service layer that manages those integrations on their behalf.
Digital identity wallet ecosystem roles in practice
Suppose a user wants to open a new bank account online using their digital identity wallet. This example shows how each role contributes to a secure, streamlined onboarding experience where the user stays in control of their data while the organization can trust the information it receives.
Step | Role | Action |
1 | Issuer | A trusted authority issues a digital ID credential to the user and signs it to confirm authenticity. |
2 | Holder | The user stores the credential in their digital identity wallet and controls when and how it is shared |
3 | Verifier | The bank requests specific identity attributes required for account onboarding. The connector within the bank’s environment generates standards-based request and establishes a secure connection with the holder’s wallet. |
4 | Wallet provider | The wallet application on the user’s device receives the request and displays the requested data to the user in a secure interface. |
5 | Holder | The user reviews the request and provides consent to share selected attributes |
6 | Wallet | The wallet generates a cryptographically verifiable presentation based on the stored credential. |
7 | Verifier | The connector receives the response from the wallet and processes it in a format the bank can consume |
8 | Verifier | The bank validates the response by checking the issuer’s signature integrity, trust status, and other credentials to ensure the validity of the action. |
Are digital ID wallets secure?
Yes, digital ID wallets are designed with strong security mechanisms to protect both credentials and user control. They use cryptographic signatures, secure device-based storage, and strong user authentication methods such as biometrics or passkeys. These protections ensure that credentials are tamper-evident and can only be accessed and shared through authorized user actions.
Because credentials are verified cryptographically rather than visually inspected, identity wallets reduce reliance on physical document checks and help mitigate exposure to fraud techniques such as document forgery or AI-generated impersonation. Encryption and secure storage and device-bound authentication mechanisms help further protect sensitive data from unauthorized access.
Benefits of digital ID wallets
Digital identity wallets provide several key benefits over traditional identity verification methods that rely on uploading documents or visual interpretation. This includes:
- Convenience: Verifiable credentials can be stored and managed with a single wallet interface, making it easy to present verified information without physical documents or multiple apps. Furthermore, the credentials check is a swift interaction requiring a simple PIN or biometric authentication challenge on a designated device.
- Privacy: Users retain control over their data and can selectively disclose only the specific attributes required for a given interaction. This minimizes unnecessary data exposure and improves privacy by limiting what personal information is shared with service providers.
- Security: Digital identity wallets use cryptographic signatures, secure device storage, and authentication mechanisms to ensure credentials are authentic and tamper-evident. Compared to document-based verification, this reduces exposure to fraud techniques such as document forgery and AI-generated deepfakes and enhances the integrity of identity verification processes.
- Efficiency: Instant credential presentation removes repeated manual verification steps and reduces onboarding time. Moreover, a single interface can be used across services, simplifying the user experience.
Benefits by industry
Convenience, privacy, security, and efficiency benefit different industries in different ways depending on their use case. Explore how digital identity wallets can improve experiences across verticals.
Industry | Convenience | Privacy | Security | Efficiency |
|---|---|---|---|---|
Financial services | Streamlined onboarding using reusable identity credentials | Selective disclosure of identity data for KYC | Cryptographic verification reduces fraud and impersonation risks | Faster onboarding and reduced manual processing costs |
Government and public sector | Reusable digital identity enabling easy access to public services | Citizens control what personal data to share with agencies | High-assurance identity verification for service access | Reduced paperwork and faster application processing |
Healthcare | Simplified verification of patient identity | Patients control access to selected health-related attributes | Improved patient identification reduces errors and fraud | Efficient coordination across providers |
Telecommunications | Quick account setup and SIM registration | Minimal data disclosure for identity checks | Reduced risk of fake identities and SIM fraud | Faster onboarding and activation processes |
Travel and hospitality | Faster identity verification at check-in and border processes
| Limited disclosure of travel-related attributes | Strong identity assurance for access control and verification | Faster check-in, boarding, and verification flows |
Retail and e-commerce | Quick identity checks during checkout, faster age verification for restricted products | Selective disclosure for age or eligibility | Reduced account takeover fraud and identity abuse | Faster checkout, fewer customer drop offs, and fewer manual checks |
Enterprise and Workforce | Simple access to tools, systems, and facilities, streamlined employee onboarding | Controlled sharing of verified employee credentials | Secure authentication for physical and digital access | Faster onboarding and reduced admin burden |
Education | Easy verification of academic credentials and certifications | Students control how credentials are shared | Verifiable, tamper-evident academic records | Instant verification without manual validation |
Digital identity wallet use cases
The best way to understand the use cases for digital identity wallets is to divide them by applications for consumers and for the workforce.
Use cases for consumers
- Customer onboarding / Know your customer (KYC): Using a digital ID wallet, consumers can quickly and securely open new bank accounts, register for mobile phone plans, or enroll in other online services without submitting scanned documents.
- Age-gated services: When purchasing age-restricted goods like alcohol or tobacco or accessing restricted content online, consumers can use their digital ID wallet to verify their age while retaining their privacy. Exact date of birth, age, or other information found on the documents typically used to verify age, such as a driver’s license, will remain concealed.
- Accessing online government services: The digital ID wallet can be used to authenticate users for accessing public services such as tax portals, social security systems, or apply for permits.
- Digital driver’s license: Consumers can securely present a digital driver’s license credential to law enforcement during a traffic stop, rental car agencies, or during other identity and credential checks without needing to carry the document on their person.
- Healthcare: Digital ID wallets can verify the patient’s identity and support access to healthcare services or patient portals, as well as enable sharing of selected health-related credentials, such as insurance eligibility or prescriptions, in supported systems.
- Education: Academic diplomas, degrees, and professional certifications can all be stored as a verifiable credential within the ID wallet, ready to be presented when necessary.
- Travel: Consumers can enjoy a more streamlined travel experience by storing travel-related credentials such as passports, boarding passes, and vaccination certificates.
- Online payments and money transfers: Select high-value, high-risk banking transactions require additional authentication. The digital ID wallet enables a smoother transaction experience while reducing the likelihood of fraud.
- Electronic document signing: Wallets can support the creation of cryptographic signatures in electronic workflows.
Use cases for employees
- Remote onboarding: The wallet enables employees to securely share verified credentials during the hiring process such as identity attributes, right-to-work status, licenses, educational qualifications, etc., to help streamline onboarding and reduce manual verification.
- Physical access control: The digital employee credentials stored in the wallet can be used to control access to physical company offices or other restricted areas.
- Logical access and single sign-on (SSO): Wallet-based credentials can serve as second factor in multi-factor authentication challenges for SSO access, enhancing security for access to corporate resources.
- Employment verification: When applying for loans or other services that require verification of employment, the wallet can provide the necessary credentials, without the need for manual documentation or oversharing data such as wages.
Time and attendance: To prevent time theft, employers can require their teams to use their verifiable credentials to securely clock in and out.
Technologies powering and securing digital ID wallets
Verifiable credentials
Verifiable credentials are digital representations of identity attributes that are cryptographically signed and independently verified by a third party. Each credential contains claims about an individual or organization and can be used to prove specific facts about that person.
Common examples include:
- Government-issued identity attributes (age verification, driver’s license derived credentials
- Academic qualifications such as diplomas and degrees
- Employment credentials
- Financial or account-related attributes
Verifiable credentials enable individuals to control the disclosure of their data. Users decide what information to share and under which circumstances. Features such as selective disclosure allow someone to prove a condition, such as meeting a minimum age requirement, without revealing additional personal details.
Verifiable credential standardization bodies
There are three widely used standardization bodies that ensure interoperability. These bodies include:
- W3C Verifiable Credentials
- ISO 18013-5 for mobile driving licenses
- ICAO Digital Travel Credentials
In addition to credential formats, digital identity wallets rely on interoperability protocols such as OpenID for Verifiable Credential Issuance (OpenID4VCI) and OpenID for Verifiable Presentations (OpenID4VP). These protocols define how credentials are issued, requested, and presented between wallets, issuers, and verifiers.
Cryptographic signatures and passkeys
Cryptographic signatures ensure that credentials are authentic and have not been altered. When a credential is issued, it is signed using the issuer’s private key. Any party receiving that credential can verify its validity using the issuer’s public key, confirming both its origin and integrity. This allows credentials to be validated instantly without contacting the issuer and protects against tampering or fraud.
Wallets also use cryptographic methods to prove that the person or organization presenting a credential is the legitimate holder, without exposing private keys.
Passkeys strengthen user authentication by relying on a private key stored securely on the user’s device and a public key registered with a service. When authentication is required, the wallet signs a challenge using the private key, which is verified using the corresponding public key.
Decentralized identifiers (DIDs)
Traditional identifiers are managed by a central authority, whether a website, government, retail store, or other body. The identifier is issued, owned, and controlled by the authority.
A decentralized identifier empowers individuals or organizations to create and control their own identity attributes without a centralized authority involved. The DID is stored in the digital ID wallet and linked to a set of cryptographic keys, which establish trust in digital interactions.
DIDs enable more secure and flexible identity interactions across systems and services by supporting peer-to-peer identity verification.
Secure elements and hardware security modules
To protect cryptographic keys and credentials, digital ID wallets rely on secure elements and hardware security modules (HSMs).
A secure element is a tamper-resistant hardware component embedded within the device. This could include a smartphone or SIM card. The secure element is designed to safely store the private keys in isolation from the rest of the device. That way, even if the operating system or applications become compromised, the credentials will remain secure.
An HSM fulfills the same role, but it is external to the user’s device, typically in a cloud environment or backend server. HSMs are commonly used by issuers, wallet providers, and trust service providers to issue, store and manage cryptographic keys to sign credentials and manage certificates.
Trust frameworks and registries
Trust frameworks and registries provide the structure that allows digital identity wallets to operate across different organizations and ecosystems. A trust framework defines the rules for participation, including security requirements, roles, credential types, and compliance obligations. It ensures that issuers, wallet providers, and verifiers operate under consistent standards for identity verification and data protection.
Registries serve as trusted directories that support these frameworks. They contain information such as approved issuers, trusted wallet providers, public keys, and certification status. When a credential is presented, a verifier can consult a registry to confirm that the issuer is recognized and that the credential meets required assurance levels.
Revocation and status checking mechanisms
Revocation and status checking mechanisms ensure that digital credentials remain trustworthy over time. While a credential may be valid when issued, its status can change due to expiration, loss, or compromise.
Revocation allows an issuer to invalidate a credential before its expiration date. This may occur if information changes, the credential is replaced, or it is suspected to be compromised. Once revoked, the credential should no longer be accepted by verifiers.
Status checking enables verifiers to confirm that a credential is still valid at the time it is presented. This is typically done by querying a status registry or checking embedded status information without needing direct contact with the issuer.
EU regulatory landscape
The regulatory landscape relevant to digital identity wallets is the strongest in the European Union. The EU has passed several key regulations that govern the use of digital ID wallets and drive their adoption.
These regulations include:
eIDAS 2.0 (Digital Identity Regulation)
The Digital Identity Regulation mandates that each EU member state must provide a digital identity wallet free of charge by December 2026. By December 2027, certain organizations, such as banking, financial services, healthcare, telecommunications, and many more, must accept wallet-based authentication.
These mandates establish the EU Digital Identity Wallet (EUDI Wallet) and position digital ID wallets to take a central place in daily commerce across the EU.
AML Regulation (AMLR)
This updated anti-money laundering framework governs customer verification. The regulation allows banks to use digital identity wallets for KYC requirements. Meanwhile, it also introduces qualified electronic attestations of attributes (QEAAs) as high-assurance credentials. Finally, it sets required levels of assurance for identity verification methods.
The result is that digital identity wallets are positioned as a preferred method for onboarding and ID verification in financial services.
PSD2 and the upcoming PSR/PSD3
PSD2 governs payment services and their authentication requirements, amongst others. A new version of this regulation is expected to be adopted in 2026 and enter full force in 2027.
The Regulatory Technical Standards (RTS) introduced by PSD2 require secure handling of authentication credentials and Strong Customer Authentication (SCA). PSR/PSD3 will update these requirements to officially incorporate wallet-based authentication, clarify technical implementation, and define liability models. These refinements will both permit and encourage the use of wallets for login and payment authorization.
Digital ID wallet adoption and market trends
Digital identity wallet adoption varies by region. In some regions, adoption is driven by regulatory mandates, while in others it is shaped by market demand and ecosystem development. In this section, we will review the use of digital identity wallets in the European Union, Asia-Pacific, and North America. From there, we will explore the adoption drivers and challenges influencing their growth.
Adoption by region
European Union digital ID wallet adoption is already reinforced by government regulations
The EU digital ID wallet, also known as the EUDI Wallet, is a government-backed digital identity solution introduced under the Digital Identity Regulation (formerly eIDAS 2.0). This framework positions the European Union as a leader in digital identity adoption by establishing a standardized approach for secure, cross-border identity use cases across member states.
The EUDI Wallet is intended to support a wide range of capabilities, including high-assurance identity verification, strong customer authentication for payments and banking, privacy-preserving data sharing, and qualified electronic signatures for legally binding transactions.
EU member states are required to provide at least one digital identity wallet to citizens by December 2026. By December 2027, certain private sector organizations, including financial institutions and large platforms, must accept wallet-based identity verification and authentication. The regulation also introduces strict requirements for security and interoperability, with certification programs currently under development.
The EU has set a target of reaching 80 percent adoption by 2030. Over the following years, adoption should increase as regulatory requirements take effect and supporting infrastructure matures. Over the longer term, digital identity wallets are expected to become a standard method for identity verification and authentication across services.
Asia-Pacific adoption as part of super-app expansion plans
In Asia-Pacific, adoption is being shaped by market demand, digital ecosystems, and financial inclusion initiatives. The region already has a strong foundation due to widespread use of digital wallets for payments, which creates a natural path toward integrating identity capabilities.
Several factors are driving adoption. In countries such as India and Indonesia, digital wallets are used to expand access to financial and government services for underserved populations. National programs such as Aadhaar-linked services and DigiLocker provide secure identity verification and document storage.
Large platforms also play a central role. Super-apps such as Alipay, WeChat Pay, and GrabPay combine payments, identity verification, and lifestyle services in a single experience. This level of integration makes wallets a core part of everyday digital interactions.
Governments across the region are introducing digital identity initiatives, even without strict regulatory mandates. Examples include Singpass in Singapore and mobile ID programs in South Korea. Cross-border collaboration is also progressing, with initiatives such as Project Nexus aiming to connect payment systems across multiple countries and enable future identity interoperability.
North America digital ID wallet adoption is still nascent, relying on private industry
In North America, adoption is developing through a combination of market innovation and government-backed programs. The approach differs from Europe, with less reliance on regulation and greater emphasis on state-level initiatives and private sector involvement.
Mobile driver’s licenses are a central use case. Several US states have launched programs that allow residents to store government-issued IDs in digital wallets. These implementations follow international standards and are increasingly integrated into widely used platforms such as Apple Wallet and Google Wallet. As of mid-2025, adoption remains limited, with a relatively small percentage of eligible users enrolled.
Federal support is also growing. The Transportation Security Administration accepts digital IDs from participating states at hundreds of airport checkpoints, which strengthens trust in wallet-based identity verification for travel.
Private sector interest continues to expand. Airlines, banks, and retailers are exploring wallet-based identity verification to improve onboarding processes and reduce fraud risks associated with traditional document-based methods.
Challenges remain, particularly around fragmentation and interoperability. Each state may implement its own approach, which makes it harder to create a unified ecosystem. Adoption is expected to accelerate as standards mature and more organizations enable wallet-based interactions.
Adoption timeline by region
Region | Short term (1–2 years) | Medium term (3–5 years) | Long term (5+ years) |
|---|---|---|---|
European Union | Limited adoption, mainly pilots and early identity use cases | Rapid growth driven by regulatory mandates and standardization | Broad adoption across public and private sectors, with cross-border interoperability |
Asia-Pacific | Continued dominance in payments, gradual expansion to identity | Strong growth through super-app ecosystems and national identity programs | Fully integrated identity and payment ecosystems across services and borders |
North America | Niche usage focused on travel and mobile driver’s licenses | Expansion into financial services and government programs as adoption grows | Widespread use for identity verification and authentication across industries |
Adoption drivers
Though regulation is a powerful accelerant to adoption, there are other trends and advantages driving digital identity wallet adoption across regions:
- Convenience: Users can keep all of their digital identities and credentials in one place and access them through authentication methods, such as biometrics or PIN. This reduces the need to repeatedly upload or manage physical documents and credentials across different services.
Instant display of credentials: Organizations can move away from slow and manual verification methods, such as contacting issuing authorities to confirm credentials, which can take significant time. Meanwhile, digital identity wallets support users’ expectations for immediate access to their information.
For example, instead of navigating through an airline app at the gate, a traveler can retrieve and present digital boarding passes or identity credentials directly from their device in seconds, depending on ecosystem support.
- Consistent user experience for identity proofing: Many users rely on multiple apps, each with their own identity verification processes. This creates confusion when one service asks for a selfie and ID image while another sends a one-time passcode with varying formats. A wallet-based approach introduces consistency, where services can request verifiable credentials through the same familiar interface. Users can then approve and present the required information with a simple biometric action.
Enhanced security: Digital identity wallets provide users with greater peace of mind. Cryptographic protections and encryption help reduce the risk of identity theft and unauthorized access.
Moreover, verifiable credentials serve as a stronger method of identity verification compared to traditional approaches that rely on images of documents and selfies as authenticity can be validated cryptographically rather than visually.
- Privacy: Users maintain control over their personal information and can selectively disclose only the minimum required information for a given interaction. This reduces overexposure of personal details, limits the likelihood of misuse, and supports better protection against identity-related risks.
- Cost savings: Digital identity wallets can lower the expenses associated with traditional identity verification processes. Automated and verifiable credential exchanges reduce the need for manual review processes, document handling, and third-party verification steps, helping organizations operate more efficiently.
Adoption challenges
Though there are many drivers to adoption, there are also limitations, trends, and other factors that slow digital identity wallets from becoming the dominant model for identity verification. These challenges may be resolved over time, but in the present day, they represent obstacles to overcome.
Barriers to adoption include:
End-user adoption: Without enough individuals actively using digital identity wallets, organizations have limited motivation to support them beyond regulatory requirements. Widespread usage will depend on reaching a critical mass of users where organizations become compelled to accept digital identity wallets to meet user demand.
A useful comparison is the German national ID card, which has supported electronic identification since 2010 as an alternative to selfie-and-document verification. Despite being more convenient, adoption remained around 22% as of August 2024. At the same time, popular wallets such as PayPal focus primarily on payments. This raises an open question about whether users will adopt identity wallets at scale or continue relying on separate solutions for different purposes.
- Unclear business model: In the European Union, organizations are expected to accept digital identity wallets without charging end users. This creates uncertainty around funding and long-term incentives for adoption. Member states may limit investment to only what is required for compliance, which could slow innovation and expansion into broader use cases. There is also limited motivation for private issuers to create additional credentials beyond those provided by governments. In countries where wallets must be open source, such as the European Union, competition between government-backed wallets and established commercial platforms adds further uncertainty around user adoption.
- Device migration: Physical identity documents often remain valid for up to ten years, while smartphones are typically replaced every few years. This creates friction, as users may need to reissue or transfer their digital credentials multiple times during that period. Many wallets bind credentials to a specific device, making migration more complex. Cloud-based wallets can simplify the transition, though they introduce a third party that may have visibility into credential usage patterns. Hardware-based alternatives, such as external secure devices, may offer another option. The importance of solving this challenge is reflected in the success of FIDO passkey ecosystems, where adoption increased once seamless device transfer became possible.
- Wallet security: Secure storage and use of credentials rely on access to a Wallet Secure Cryptographic Device, which can take several forms, including hardware security modules (HSM), built-in secure elements, or external devices. However, not all smartphones meet the strict requirements defined by some governments for these secure components. Additional complexity arises when considering how users interact securely with these elements. For locally stored keys, ensuring a trusted display environment is still a challenge. For remote key storage, strong user authentication must be implemented without relying on easily compromised methods such as passwords or one-time codes.
- Wallet certification: With dozens of national wallets and numerous credential issuers, it is important to establish whether a wallet meets the necessary standards for security and compatibility. Issuers need a reliable way to determine if a wallet can safely store and present their verifiable credentials. Certification frameworks are required under the European Digital Identity regulation and are expected to address this need. At present, however, practical certification programs are still under development, leaving a gap that slows adoption.
Wallet interoperability: Even with standards in place, achieving consistent interoperability across ecosystems remains difficult. Specifications often allow multiple implementation options, which can lead to variation between wallets and services. In some cases, regulators may allow optional features such as authorization certificates, which forces wallets and verifiers to support more than one approach.
Digital identity ecosystems must also support different credential formats, including W3C Verifiable Credentials and ISO/IEC 18013-5 mobile driving licenses. This requires compatibility with both remote interactions, such as web and app-based flows, and proximity-based exchanges using technologies like NFC, Bluetooth, or QR codes. As a result, service providers must implement multiple interaction models and token formats.
Additional complexity comes from differences in hardware models and key management approaches, which affect how credentials are protected, how users are authenticated, and how devices are replaced. Electronic signature support introduces further variation, since signing may occur locally or through remote trust service providers.
Finally, support for pseudonymous authentication introduces another layer of variation. The methods used to generate and manage pseudonyms can differ across implementations, which can affect how user identities are linked across services. Together, these factors create a fragmented landscape that issuers and relying parties must navigate when integrating digital identity wallets.
OneSpan: your trusted digital ID wallet connector provider
OneSpan provides a digital ID wallet connector offering the key authentication solution and supporting technologies to enable secure identity interactions, facilitate interoperability, support trust, and protect the mobile wallet environment.
In this effort, OneSpan’s Digipass S3 Authentication Software plays a critical role. plays a critical role.
- One-stop authentication platform: With deep experience in authentication standards such as OATH and FIDO, OneSpan supports the adoption of strong customer authentication technologies that are foundational to digital identity wallets. This includes support for FIDO passkeys, verifiable credentials, and emerging wallet protocols such as OpenID4VCI and OpenID4VP, as well as widely used standards like W3C Verifiable Credentials and ISO 18013-5/7. Platforms like Digipass S3 Authentication Software bring these technologies together to enable secure identity verification and authentication within a single framework.
- Reducing ecosystem complexity: Digital identity wallets introduce new layers of complexity, including multiple authentication methods, regional trust frameworks, evolving standards, and differences between wallet implementations. OneSpan helps organizations navigate this landscape by abstracting these variations into a unified integration layer. This allows verifiers to support wallet-based identity without having to manage each protocol, format, or regulatory requirement independently.
Digital ID wallets FAQ
What is a digital identity wallet?
A digital identity wallet is a secure app, cloud application, desktop application, or hardware wallet device that stores and manages verifiable credentials and allows users to present them for identity verification, authentication, or signing.
What are verifiable credentials (VCs)?
Verifiable credentials are digital representations of identity attributes that are secured with cryptography. They can be shared selectively and verified independently without needing to contact the original issuer.
Verifiable credentials are also commonly referred to as digital credentials.
What is the purpose of digital identity wallets?
Digital identity wallets are designed to complement physical identity documents and improve how identity is verified in digital environments.
Instead of presenting physical IDs or uploading document copies, users can store verifiable digital credentials in their wallet and share them instantly when required. This reduces reliance on repetitive document submission and manual verification processes.
Digital identity wallets also provide an alternative to common remote identity proofing methods such as document scans combined with selfies or video checks. These methods can be inconvenient and are increasingly vulnerable to manipulation.
By using verifiable credentials issued by trusted organizations, wallets enable faster and more reliable identity verification. Users can present verified information attributes directly, while organizations can validate it in real time.
Overall, digital identity wallets provide a secure, privacy-focused, and efficient way to prove identity across both online and in-person interactions.
Which organizations use digital identity wallets?
Digital identity wallets are relevant for any organization that needs to verify identity. This includes medium-sized or larger organizations in the following sectors:
- Banking and financial services
- Transport
- Energy
- Social Security
- Healthcare
- Drinking water
- Postal services
- Digital infrastructure
- Education
- Telecommunications
Is this a global solution? What regions are adopting digital identity wallets the fastest?
Adoption is progressing at different speeds depending on the region.
- Europe is advancing through regulation, with initiatives such as eIDAS 2.0 and the EU Digital Identity Wallet establishing a standardized approach across member states.
- Asia-Pacific is growing through digital ecosystems and financial inclusion programs, with identity integrated into large mobile platforms and national identity systems.
- North America is evolving through market-led initiatives, including mobile driver’s licenses and digital identity use in travel and security.
Is regulation driving adoption?
Regulation plays a major role in some regions, particularly in Europe.
The European Union is leading adoption through frameworks such as eIDAS 2.0 and updated anti-money laundering rules. These regulations establish a legal foundation for digital identity and define how wallets can be used for authentication and identity verification.
Key milestones include:
- EU member states must provide at least one digital identity wallet to citizens by December 24, 2026
- Financial institutions will be able to use wallet-based credentials for customer verification under AML requirements starting in July 2027
- By December 24, 2027, certain organizations, including banks, must support wallet-based authentication for login, transactions, and identity verification
Outside Europe, adoption is driven more by market demand and ecosystem development rather than regulatory mandates.
Are digital ID wallets replacing physical IDs?
Digital ID wallets are not fully replacing physical IDs yet, but they are expected to complement and gradually reduce reliance on them. As adoption grows, users will be able to present digital credentials instead of physical documents in many scenarios, especially for online services, onboarding, and secure authentication.