eIDAS-Testbed successfully launched
go.eIDAS-Association aims at fostering interoperability and trust for digital identities
The regulation (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market, which is commonly known as “eIDAS-Regulation”, has been recently amended to form the “European Digital Identity Framework” (EU) 2024/1183. This regulation in particular requires that all EU Member States shall provide “European Digital Identity Wallets” (EUDIW) to their citizens by the end of 2026. The EUDIW will support strong authentication and identification with a high level of assurance in a cross-border setting as well as the free creation of qualified electronic signatures for non-professional purposes and is expected to be used in a large variety of use cases in eGovernment, eHealth, eCommerce, eBanking, ePayment and eTransport for example.
EUDIW shall support OpenID for Issuance and Presentation of Verifiable Credentials
As specified within the “Architecture and Reference Framework” (ARF), the forthcoming EUDIW shall support “Verifiable Credentials” (VC) according to the World Wide Web Consortium (W3C), which can be issued using the “OpenID for Verifiable Credential Issuance” (OpenID4VCI) and presented to Relying Parties using the “OpenID for Verifiable Presentations” (OpenID4VP) protocol. In order to enable the privacy-friendly presentation of identity attributes, the “Selective Disclosure for JWTs” (SD-JWT) credential format is used and additional details for issuing so called “PID-Credentials”, which contain “Personal Identification Data”, are defined within the so called “PID-Rulebook”.
eIDAS-Testbed is integrated with eIDAS-Network and allows to issue PID-Credentials
In order to enable interoperability tests for issuing PID-Credentials to existing and forthcoming EUDIW, the go.eIDAS Association joint forces with selected partners in order to create the eIDAS-Testbed (https://test.eID.AS), which has been validated within the recently conducted OpenID-Wallet-Plugfest, which took place within the scope of the Tech-X Conference & Hackathon #7 organised in partnership with the Gaia-X Hub Luxembourg. At the heart of the provided eIDAS-Testbed is an Issuer Service, which integrates with the existing eIDAS-Network and supports the necessary protocols and credential formats in order to issue PID-Credentials to ARF-compliant wallets. The Issuer Service within the eIDAS-Testbed has been realised based on the Open Source “Notarization Service”, which is part of the Eclipse XFSC (Cross Federation Services Components) project and which has been developed by ecsec GmbH on behalf of eco Association after an EU-wide tendering process. eco has initiated the “Gaia-X Federation Services” (GXFS) project with funding from the German Federal Ministry of Economic Affairs and Climate Action (BMWK). The initiative has transitioned to the Eclipse Foundation, now known as Cross Federation Services Components (XFSC), where it operates as Free and Open Source Software (FOSS). This development has also been supported by a variety of additional experts from the vibrant Gaia-X Open Source community, including experts from msg systems ag and Spherity GmbH for example. The operation of the Issuer Service within the eIDAS-Testbed utilises the Open Source “Sovereign Cloud Stack” (SCS) maintained by the Open Source Business Alliance (OSBA), which is supported by the BMWK and the Federal Agency for Disruptive Innovation (SPRIND). “SCS is cloud infrastructure that is open and can be used and operated independently. This makes it the best basis for services that require the highest level of trust. We are delighted that this has been taken into account with the Issuer Service of the eIDAS-Testbed”, adds Peter Ganten, chairman of the board of the OSB Alliance. "The XFSC OSS projects complement SCS nicely to provide a fully open stack and we are glad to see this reflected in the usage of SCS for ecsec’s Issuer Service within the eIDAS-Testbed."
The integration with the existing “eIDAS Network” has also been realised by ecsec GmbH based on the “SkIDentity® Service”, which has been developed within the ”Trusted Cloud” programme of the BMWK about ten years ago and integrates with a variety of notified eID-Schemes. “It is important to understand that the existing eIDAS-Network, which has been created since 2014 can be smoothly integrated with the new credential based infrastructures around the European Digital Identity Wallet”, emphasizes Tina Hühnlein, Director of go.eIDAS Association and Co-Founder and CEO of ecsec GmbH.
“It is a great pleasure to see that our SkIDentity® Service does not only provide a solid bridge from the ‘Trusted Cloud’ to eIDAS 1.0, but now also utilises the recently developed Open Source Notarization Service to build yet another sovereign and future-proof bridge to eIDAS 2.0 as well,” adds Tobias Wich, CTO of ecsec GmbH.
First European Digital Identiy Wallet successfully tested within eIDAS-Testbed
Within the scope of the OpenID-Wallet-Plugfest, which has been attended by digital identity experts from Aloaha Limited, C&S Computer und Software GmbH, Continental Automotive Technlogies GmbH, Denso Automotive Deutschland GmbH, deltaDAO AG, eco – Association of the Internet Industry (eco – Verband der Internetwirtschaft e.V.), ecsec GmbH, Fraunhofer Institute for Industrial Engineering IAO, Fraunhofer Institute for Applied Information Technology FIT, go.eIDAS e.V., ITK Engineering GmbH, NTT DATA Group Corporation, Robert Bosch GmbH, Scytáles AB, SoftwareOne, Talao and T-Systems International AG, there were several wallets tested with the eIDAS-Testbed using the so called “Pre-Authorized Code Flow”. In this flow the authentication and identification of the user is performed in a first step, before the EUDIW is used to capture a QR code with a so called “Credential Offer”, which is finally turned into the desired PID-Credential. The conducted interoperability tests have revealed different aspects where there is room for improving interoperability and have shown that there is a first Open Source EUDIW from the French company Talao, which has demonstrated compliance to the pertinent specifications. “We warmly welcome the early provisioning of the eIDAS-Testbed and are very pleased that we have once more been able to demonstrate our leading role with respect to providing ARF-compliant wallets,” adds Thierry Thevenet, Co-Founder and CEO of Talao.
“It does not come as a surprise that Germany and France are playing a leading role in shaping the European Digital Identity Framework in order to provide a high level of sovereignty, trust and interoperability,” adds Rafael Laguna de la Vera, Director of Germany’s Federal Agency for Disruptive Innovation (SPRIND). “This is because Germany and France are convinced that the EU needs more innovation, more single market and more investment in sovereign and trustworthy technologies such as digital identities.”
eIDAS-Testbed will also be used in and extended to application-specific domains
While the initial eIDAS-Testbed focusses on digital identity aspects, it is also planned to apply the interoperability testing facilities within application-specific domains, such as electronic health or electronic mobility for example, and extend the scope of the interoperability tests to application specific protocols and formats.
As the forthcoming “European Health Data Space” (EHDS) Regulation refers in its Article 9 to the eIDAS-Regulation (EU) No 910/2014 for its “Identification Management”, it is a natural move to utilise the eIDAS-Testbed also in the electronic health sector in order to foster the sovereignty, interoperability and trust within the emerging EHDS. “We are excited to see that the eIDAS-Testbed addresses the crucial interoperability aspects for digital identities at an early point in time”, adds Sebastian Hilke, Director Digital Health at Bayern Innovativ GmbH and project manager of TEAM-X. “We are very keen to extending this endeavor towards the electronic health sector in order to create a sovereign, trustworthy and interoperable EHDS based on the developments from the TEAM-X project, in which we are currently building a ‘Trusted Ecosystem of Applied Medical Data eXchange’ based on Gaia-X principles.” “The eIDAS-Testbed is greatly supporting our work on the comprehensive integration of care in the upcoming EHDS," says Bruno Ristok, CEO of C&S Computer und Software GmbH. “It will enable us to implement our innovative approaches to improve and integrate care more effectively in holistic processes much more quickly and effectively.”
Another important application domain for decentralized digital identities is the European mobility ecosystem, as addressed by the moveID project, which is also supported by the BMWK within the Gaia-X 4 Future Mobility project family. “We are pleased to see that the eIDAS-Testbed addresses interoperability aspects for digital identities for natural persons in best time,” adds Michael Reuter, CEO and Co-founder of Datarella GmbH and Speaker of the moveID project. “This will give us the opportunity to extend the testing facilities to cover digital identities for legal persons, autonomous devices as well as vehicles within the moveID project as well.”
go.eIDAS-Association – join us today to shape the future of sovereignty and trust!
The go.eIDAS-Association welcomes all interested organizations and individuals who are committed to the goals of the initiative and want to contribute to the development of a sovereign, trustworthy and interoperable European Digital Identity Framework and European Dataspace Ecosystem. This especially includes application providers, eID-related stakeholders, trust service providers, conformity assessment bodies, other service providers, regulatory authorities and other public sector bodies, publicly funded projects and initiatives, academic institutions and standard development organizations as well as individual persons.
About the go.eIDAS-Association (https://go.eID.AS)
The non-profit go.eIDAS-Association has been initiated by leading European associations, projects and expert organisations in the sector of electronic identity (eID) and trust and aims at supporting the practical implementation of the recently enacted “European Digital Identity Framework” (EU) 2024/1183, which amended the eIDAS-Regulation (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market in order to create an open, inclusive, secure, privacy-friendly and trustworthy eIDAS-Ecosystem. The go.eIDAS-Association welcomes all interested organisations and individual persons which want to benefit from and push forward the adoption of eIDAS in Europe and beyond.
About C&S Computer und Software GmbH (https://www.managingcare.de/)
C&S is one of the leading technology companies for geriatric care and the social economy in the DACH region. The portfolio includes solutions for elderly, disabled and youth welfare as well as open social work. The core product is the Gaia-X compatible networking and integration platform MCD with its connection to the telematics infrastructure.
About Eclipse Foundation (https://eclipse.org)
The Eclipse Foundation provides our global community of individuals and organisations with a business-friendly environment for open source software collaboration and innovation. We host the Eclipse IDE, Adoptium, Software Defined Vehicle, Jakarta EE, and over 410+ open source projects, including runtimes, tools, specifications, and frameworks for cloud and edge applications, IoT, AI, automotive, systems engineering, open processor designs, and many others. Headquartered in Brussels, Belgium, the Eclipse Foundation is an international non-profit association supported by over 360 members. To learn more, follow us on social media @eclipsefdn, LinkedInor visit eclipse.org.
About eco (https://eco.de)
With more than 1.100 member companies, eco is the largest Internet industry association in Europe. Since 1995 eco has been highly instrumental in shaping the Internet, fostering new technologies, forming framework conditions, and representing the interest of members in politics and international committees. eco’s key topics are the reliability and strengthening of digital infrastructure, IT security and trust as well as ethically oriented digitalisation. eco advocates a free, technology-neutral and high-performance Internet. eco has initiated the Gaia-X Federation Services (GXFS) project, which brought forward the XFSC toolbox, which is now maintained by the Eclipse XFSC (Cross Federation Services Components) project.
About ecsec GmbH (https://ecsec.de)
ecsec GmbH is a specialized vendor of innovative solutions in the sector of security in the information and communication technology, security management, smart card technology, identity management, web security and electronic signature technology. Based on decades of experiences from a large variety of projects with international reach ecsec GmbH counts to the leading providers in this sector and supports well known customers within the conception and implementation of tailor-made solutions. Noteworthy projects of ecsec GmbH within the digital identity domain comprise Open eCard, SkIDentity®, eIDAS-Signer, epotheke and last but not least the XFSC Notarization Service.
About moveID (https://moveID.org)
The Gaia-X 4 Future Mobility project "moveID" brings together 19 partners, including industry leaders, such as Bosch, Airbus, Continental, Denso, Eviden and Materna, as well as specialised identity expert organisations and selected academic institutions, in order to create a trustworthy digital mobility infrastructure for the future. The focus of moveID is the design and development of future-proof solutions for decentralized, self-sovereign, digital identities for autonomous devices and connected vehicles within the emerging European mobility ecosystem based on Gaia-X principles.
About msg systems ag (https://msg.group)
msg is an independent, international group of companies with more than 9,000 employees worldwide. It is represented in 28 countries and supports its customers in their digital transformation. Founded in 1980, the consulting and IT company provides strategic business consulting and end-to-end solutions for the automotive, banking, consumer products, food, healthcare, insurance, life science & chemicals, manufacturing, public sector, telecommunications, travel & logistics and utilities industries. Within the group, independent companies cover the wide variety of industry and topic-based competences. msg systems ag forms the core of the group of companies. The experts at msg have been actively shaping the eIDAS ecosystem of digital identities and trust services for many years, currently including in the European projects on the EUDI Wallet, the BundID and international standardization.
About Open Source Business Alliance (OSB Alliance) (https://osb-alliance.de/)
The Open Source Business Alliance (OSB Alliance) is the association of the Open Source industry in Germany. It represents over 200 member companies that generate more than 126 Billion Euros annually. Together with scientific institutions and user organizations, it is committed to permanently emphasizing and anchoring the central importance of Open Source software and open standards for successful digital transformation in the public consciousness. In addition, innovations in the area of Open Source are to be promoted. The aim of the OSB Alliance is to establish Open Source as a standard in public procurement and in research and economic development. Open Source and open standards are essential foundations for digital sovereignty, innovation capability and security in digital transformation and are therefore the answer to one of the greatest challenges of our time.
About Sovereign Cloud Stack (SCS) (https://scs.community/)
SCS has been funded by the Federal Ministry for Economic Affairs and Climate Protection (BMWK) since July 2021 and is based at the Open Source Business Alliance – Federal Association for Digital Sovereignty e.V. A growing, international ecosystem of now over 25 companies with over 50 software developers contributes to the success of the Sovereign Cloud Stack, in collaboration with thousands of developers in the upstream communities at the Open Infra Foundation, Cloud Native Compute Foundation and others. Together, open standards for a modern, federable Open Source cloud and container platform are defined and implemented in an open development process using proven Open Source components. At the same time, operational knowledge and practices are made transparently accessible in order to reduce the difficulties in providing high-quality and secure cloud services to a minimum. Six providers are already using SCS technology productively to operate truly sovereign and GDPR-compliant public cloud offerings. Further SCS-based cloud infrastructures (public and private clouds) are under construction. SCS also contributes to Gaia-X and provides the development platform for the Gaia-X Federation Services / Cross-Federation Service Components (GXFS/XFSC).
About Talao (https://www.talao.io)
Talao is the leading provider of digital identity wallets in Europe since 2017. Talao’s Wallet as a Service (WaaS) platform allows organizations to rapidly customize and deploy their own branded mobile wallets tailored to their unique goals and requirements in terms of security, features, type of verifiable credentials, etc. This approach reduces time-to-market and development costs for projects that aim to enter the DID ecosystem with their own mobile wallet. Talao’s wallets are Open Source and built on open standards (W3C, OpenID, DIF), with a focus on security, user experience, and interoperability. This commitment to open standards ensures that Talao’s wallets support a wide range of Verifiable Credential (VC) types and facilitate seamless integration with various identity ecosystems. With the upcoming European Digital Identity (EUDI) wallet, Talao is the perfect partner for projects aiming to launch mobile wallets conformant with EU and ARF requirements. Talao has extensive experience in decentralized identity, with over 40,000 wallet downloads worldwide and more than 80,000 verifiable credentials issued. Try the Talao Wallet – a secure and interoperable solution designed for ease of use, available on iOS and Android app stores.
About TEAM-X (https://project-team-x.eu/)
TEAM-X is a network consisting of ten consortium partners and three cooperation partners from various specialist areas. Technical solutions such as the cloud edge approach of the TEAM-X data ecosystem are being developed and ethical, legal and social impacts are being investigated. TEAM-X has been working since January 1, 2022 for a period of three years to strengthen the ability and self-determination of the population in dealing with their health and care data as well as on the digital competence and innovative strength of the health and care industry.
Die ecsec GmbH ist ein spezialisierter Anbieter von innovativen Lösungen im Bereich Sicherheit in der Informations- und Kommunikationstechnologie, Sicherheitsmanagement, Chipkartentechnologie, Identitätsmanagement, Internetsicherheit und Elektronische Signatur. Gestützt auf die jahrelange Erfahrung aus verschiedenen Beratungsprojekten internationaler Tragweite zählt die ecsec GmbH zu den führenden Anbietern in diesem Bereich und unterstützt renommierte Kunden bei der Konzeption und Realisierung maßgeschneiderter Lösungen.
Durch die Berücksichtigung des jeweiligen Standes der Wissenschaft und Technik und der aktuellen und zukünftigen internationalen Standards sind eine exzellente Beratungsqualität und der nachhaltige Kundenerfolg garantiert.
ecsec GmbH
Sudetenstr. 16
96247 Michelau
Telefon: +49 9571 9481020
http://www.ecsec.de
E-Mail: go@eID.AS