November 2024 Newsletter

Welcome to the fifth edition of our newsletter, November 2024! We’re delighted to share the latest product updates, upcoming events, and industry insights.

In this edition, we cover the following:

? Product updates and new features

? Innovation and Industry Insights

? What’s next in EUDI wallet standards?

? Closing remarks

Product updates and new features

This November, iGrant.io? io introduced significant updates both to Data Wallet and Organisation Wallet to advance digital identity wallet solutions:

? Legal Person Identification Data (LPID) Issuance: Now supports issuance as specified by EWC RFC 005 in collaboration with Bolagsverket .

? Payment Wallet Attestation: iGrant.io? became the first to implement EWC technical specifications for Payment Wallet Attestation, as outlined in EWC RFC 007. This feature supports Strong Customer Authentication (SCA) across the Data Wallet and Organisation Wallet.

? Developer Tools and Documentation: Published comprehensive resources, including a QR code generator and JWT decoder, to assist developers working with EU Digital Identity Wallet . These tools enable debugging and testing interactions between issuers, holders, and verifiers.

Data Wallet

The iGrant.io? Data Wallet is a decentralised app (#dApp) enabling individuals to securely store and access personal data as verifiable credentials for everyday use. Every transaction is auditable, ensuring privacy and accountability.?

Apart from regular releases, this month’s significant update is the Payment Wallet Attestation (PWA) Integration. This integration enables secure, Strong Customer Authentication (SCA) compliant transactions that comply with EWC technical specifications, adding user-friendly interactions for EUDI Wallet users.?        

Download the latest version of the Data Wallet here:

? Appstore (iOS): https://apple.co/2Mz9nJp?

? Play Store (Android): Data Wallet - Apps on Google Play?

You can also try using them in our demo use cases page. For assistance, contact: [email protected]

Organisation Wallet

The Organisation Wallet by iGrant.io? enables the issuing, holding, and verifying verifiable credentials in compliance with the eIDAS 2.0 framework and European guidelines. This solution empowers organisations to seamlessly operate as issuers, holders, and verifiers of various credential types, including PID, LPID, EAA, and QEAA, supporting secure and versatile digital identity management across diverse use cases. The Organisation Wallet is available as a Platform-as-a-Service (PaaS) and an on-premise solution. This month’s key feature updates include:

? Credential Revocation as specified by IETF Token Status List draft 05

? Wallet Unit Attestation (WUA) issuance towards the Organisation Wallets

? Legal Person Identification Data (LPID) issuance as specified by EWC RFC 005. You can try out the workflow here

? Payment Wallet Attestestation issuance as specified by EWC RFC 007 and available here to try out.

You can try out iGrant.io? Organisation Wallet APIs on our developer pages. They can also be trialled on our demo page for enterprise-licensed customers.

Data Intermediation Service Providers (DISP)

A Data Intermediary Service Provider (DISP) facilitates the secure and efficient data exchange among various parties (e.g., organisations—both data sources like verifiers and individuals), as outlined in the EU Data Governance Act. DISPs provide platforms and technical means for Data Sources (Issuers or Data Producers), Data-Using Services (Verifiers or Data Consumers), and Individuals.?Read more here.

Consent Management

iGrant.io? offers a robust consent management solution built on ISO 27560, seamlessly integrating with Web 2.0 and Web 3.0 applications. Designed for compatibility with digital wallets, it ensures compliance with GDPR, CCPA, and other global data protection regulations while adhering to MyData and FAIR data principles. This equips organisations with the tools to foster trust, maintain compliance, and gain a competitive edge in the data economy. Developed in collaboration with GovStack , this solution enables secure and efficient data exchange in the public sector and beyond.?

Additionally, iGrant.io? is working with the Research Institute of Sweden (RISE) as part of a Swedish national system demonstrator project, SARDIN, to advance the use of consent management for secondary data sharing. This initiative highlights iGrant.io? commitment to driving innovation in data governance.

? Watch the video at Consent Management for Web 2.0 and Web 3.0

? Overview of Consent Management

Innovation and industry insights

Bolagsverket Legal PID (LPID) Issuance and Organisation Wallet

The iGrant.io? Organisation Wallet continues to demonstrate its versatility and reliability in issuing, holding, and verifying verifiable credentials. Aligned with the eIDAS 2.0 framework and European guidelines, it supports various credential types, including PID, LPID, EAA, and QEAA. It is available as a Platform-as-a-Service (PaaS) and an on-premise solution.

Our work with the Organisation Wallet has been further validated through collaboration with various business registries and wallet providers as part of the European Blockchain Services Infrastructure (EBSI) VECTOR project, ensuring interoperability and trust within the digital identity ecosystem. Additionally, we are actively collaborating with DRV-Bund, leveraging the Organisation Wallet in the real-world ESSPASS use case, which focuses on secure and efficient credential verification in cross-border scenarios.

These milestones underscore the Organisation Wallet’s pivotal role in enabling secure and seamless digital identity management across sectors and use cases. Read our press release for more details of our engagement with Bolagsverket within EU Digital Wallet Consortium (EWC) .?

? Watch the end-to-end LPID Issuancee demonstration here. This was first demonstrated at the EWC General Assembly in Madrid, Spain.

? Try out the step-by-step issuance workflow for developers here.?

EUDI wallet payments: A game-changer in progress

The EWC Payment Taskforce is advancing payment capabilities within the EUDI Wallet, focusing on Strong Customer Authentication (SCA) specifications and addressing adoption barriers. Payments significantly enhance the EUDI Wallet’s functionality, enabling seamless, regulation-compliant transactions.

With banks required to offer EUDI Wallet-based payment authentication for online SCA by 2027, this initiative positions the EWC Payment Taskforce as a pivotal driver of innovation and readiness across the financial ecosystem. Led by Visa , the payment task force, will define and specify payments in EUDI wallets with a strong team as below:

The EWC team has now progressed towards implementation via a Payment Pilot Team:?

? Watch the developer workflow demonstrating the issuance of Payment Wallet Attestation (PWA) to link a bank account with EUDI Wallet using #OpenID4VC protocols:

? Try out the step-by-step issuance of Payment Wallet Attestation using OpenID4VCI here.

What’s next in EUDI wallet standards?

?? The European Commission has published the new batch of draft IAs - The reviewing and commenting period is open until 27 December. The first batch of adopted final IAs will be published in December.?

? European Digital Identity Wallets – Registration of relying parties

? European Digital Identity Framework – Cross-border identity matching

? European Digital Identity Wallets – Security breaches

? European digital identity framework – Verification of electronic attestation of attributes

? European Digital Identity Wallets – list of certified wallets

?? The European Telecommunications Standards Institute (ETSI) is developing Technical Specification TS 119 471, which outlines policy and security requirements for Electronic Attestation of Attributes (EAA) service providers. This draft, published in November 2024, aims to enhance the security, trustworthiness, and interoperability of EAAs within digital identity ecosystems, such as the European Digital Identity (EUDI) Wallet.

Stakeholders are invited to review and comment on the draft by 20 December 2024. The final publication is anticipated in early 2025. These standards will be crucial in establishing a secure and reliable framework for European attribute attestation services.

For more information and to access the draft document, visit the ETSI standards page. You can also access the draft here.

Closing remarks

Thank you for being a valued part of our community. We hope these updates are informative and engaging. As we continue to innovate and expand our offerings or insights, we look forward to sharing more exciting developments with you in the coming months.

Stay tuned, stay engaged, and let’s shape the future of digital identities together. Follow us on LinkedIn or X.

Are you interested in what we do? Learn more ?? www.igrant.io. For further queries, contact us @ [email protected]