BE-CYBER : European Digital Wallet – Legal and security aspects

The EU Digital Identity Wallet is a European Commission Project that aims to enable a unified digital identification system in Europe. This Wallet will allow European citizens to safely save their documents and personal information in an app. These documents and information comprehend much more than just citizens’ identity documents or driving licences, but also medical records, bank cards or even university degree titles. Altogether, this data will be able to create a global EU Digital Identity for every citizen which they will be able to use across every member state. During this BE-CYBER roundtable, panellists from the private, public and academic sectors discussed the legal and security aspects of the Wallet implementation.

Panel discussion: European digital identities: legal and security challenges 

Moderator: Erik Van Zuuren, Founder TrustCore.EU


  • Hugo Mania, Prohect Manager Digital Identities & Biometrics, ANSSI
  • Evgenia Nikolouzou, Cybersecurity Officer ENISA
  • Bart Preneel, Professor KU Leuven
  • Bogdan Stefan, Head of Sector Policy Officer European Commission
  • Bart Symons, Director ZetesConfidens

After having looked at this EUDI-wallet from a functional point of view, what about the trust, security, privacy dimensions? Can we “trust” this eco-system? What are the elements that determine its trust framework?  How can we make sure that an EUDI wallet can really be made very secure on any mobile device?  How can we make sure that the citizen’s privacy will be “by design” protected? What does it mean when the proposal states that it should be made technically impossible to track the usage of the citizen? How will a citizen know that service providers are not asking for too many attributes or attestations from them?  How can a Belgian citizen company determine trust in a service provider in, for instance, Spain it wants to do business with? How will it be able to determine that party’s identity? How to trust its attestations? How will that Spanish service provider strongly authenticate a Belgian EUDI and trust its attestations and signature?