News & Insights

A wide variety of digital wallets have been introduced in recent years. They have varying degrees of functionality, ranging from making in-store payments and earning loyalty points, to entering restricted areas, logging in to online services (eID) and signing. Besides the existing digital wallets (e.g. Apple, Google), the European Commission now proposes a European Digital Identity Wallet (EDIW) that will be available to all EU citizens, but there is some debate about its relevance for payments use cases. This article sets out to demystify the EDIW’s scope in a payments context. 

To enable generic functionality for EU citizens, the EDIW must contain three elements: personal identification data (PID), a qualified signature, and various electronic attestations of qualified and non-qualified attributes. These three elements enable EU citizens to use the EDIW as a way of identification or to confirm certain personal attributes for the purpose of access to public and private digital services across the EU. 

Numerous intended use cases

The EDIW is aimed at supporting a large number of use cases. Just some examples could include requesting medical certificates, reporting a change of address, opening a bank account, filing tax returns, applying for a university place (in the home country or in another Member State), storing a medical prescription that can be used anywhere in Europe, proving your age, renting a car using a digital driving licence, and checking in to a hotel.

While many of these use cases appear to be straightforward, there is some debate about the role of the EDIW in payments-related use cases. Payments were not actually mentioned as a use case in the first draft of eIDAS2.0. Since the publication of that first draft, however, the use case for payments has become a point of discussion. 

Timeline of discussion about use for payments

In May 2021, the European Commission posted content related to the EDIW. It mentioned using the wallet to open a bank account as one of the use cases, although payments were not explicitly mentioned as a use case.

In November 2023, the European Commission published a press release about the final agreement on the EDIW together with a Q&A. The press release states that “the Wallet will allow users to make payments” and that large-scale pilots “have started testing the EDIW in a range of everyday use-cases, including digital payments”. In the press release, no specific definition of the payments use case is given. In the Q&A, however, it is mentioned that users will be able to use the EDIW “to authorise online transactions, in particular where strong user authentication is required”. Additionally, “initiating a payment” is mentioned as one of the examples. This Q&A suggests that authorising payments would be in scope of the EDIW.

So the European Commission claims that an EDIW contains attestations of attributes as well as being able to generate electronic signatures. But the question remains: how does the payments use case fit in?

INNOPAY’s view on the EDIW’s scope for payments

In our view, some parts of a payments flow are in scope as an EDIW use case, while other elements remain out of scope. We believe banks must accept EDIWs for the purpose of identification and authentication, both in onboarding and payments. Payments authorisation, however, remains under banks’ own control and falls outside the scope of the EDIW (see Figure 1). This means that, in line with PSD2 requirements, banks may establish contracts (bilaterally) or setup schemes (multilaterally) with issuers of EDIWs to delegate payment authorisation to the EDIW. However, setting this up at EU scale is not trivial, nor is it compulsory for banks to enter in such contracts/schemes.