We recently hosted a great live presentation from Esther Makaay, VP of Digital Identity at Signicat, where she provided valuable insights into the mandatory acceptance of the European Digital Identity Wallet.
While expectations for the wallet are high, businesses in regulated industries need to understand what this requirement means, who must comply, and who is exempt.
Who Must Accept EUDI Wallets?
Under the new regulations, regulated industries must accept the EUDI Wallet as an authentication option for their services.
This applies to businesses operating in sectors that require strong authentication by law, including banking, telecom, and government services.
However, organizations can continue to offer other authentication methods (e.g., internal systems, biometrics, legacy eID solutions) alongside the wallet.
Who is Exempt?
Not every business falls under this requirement. Exemptions apply to:
- Micro and small enterprises, as defined by the EU
- Use cases that do not require authentication, such as certain low-risk transactions
What’s the Timeline?
Here’s what to expect in the rollout of EUDI Wallets:
- November 2024 - May 2025 – The European Commission will publish Implementing Acts in three batches, detailing standards, technical specifications, and certification processes.
- December 2026 – EU Member States must provide at least one EUDI Wallet for citizens to use.
- December 2027 – Regulated industries must accept EUDI Wallets as an authentication method.
With these deadlines approaching, organizations in regulated sectors should start preparing now to ensure compliance and take advantage of digital identity advancements.
For businesses in regulated sectors, this is a significant shift that requires planning and technical integration. But it’s also an opportunity: by embracing secure, standardized authentication, organizations can streamline user onboarding, reduce fraud, and prepare for a more interoperable digital identity future.