Skip to main content
Didit Raises $7.5M to Build the Infrastructure for Identity and Fraud
Didit
Back to blog
Blog · March 12, 2026

eIDAS 2.0 PID: Technical Specs for Digital Wallets

eIDAS 2.0 introduces standardized Person Identification Data (PID) for digital wallets, streamlining secure identity verification across the EU.

By DiditUpdated
eidas-20-pid-technical-specs-for-digital-wallets.png

Standardized PID for Seamless Identity: eIDAS 2.0 mandates a common set of Person Identification Data (PID) attributes for EU Digital Identity Wallets, ensuring interoperability and consistent identity verification across member states.

Technical Challenges in Wallet Implementation: Implementing eIDAS 2.0 PID requires sophisticated technical solutions for secure data storage, cryptographic protection, attribute issuance, and verifiable credential exchange, emphasizing data minimization and user consent.

Importance of Robust Verification: Accurate and secure verification of PID at issuance and during transactions is crucial to prevent fraud and ensure compliance with regulatory standards, leveraging advanced ID verification and liveness detection technologies.

Didit's AI-Native Solution: Didit provides an AI-native, modular identity platform with Free Core KYC, offering the flexible tools and robust verification capabilities needed to seamlessly integrate with and support eIDAS 2.0 PID requirements in digital wallets.

Understanding eIDAS 2.0 and Person Identification Data (PID)

The updated eIDAS 2.0 regulation is set to revolutionize digital identity in the European Union, with a core component being the EU Digital Identity Wallet. A fundamental aspect of this wallet is the standardized Person Identification Data (PID) it will contain. PID refers to a common set of identity attributes, such as name, date of birth, address, and national identifier, that are consistently structured and verifiable across all EU member states. This standardization is critical for achieving true cross-border interoperability and enabling seamless, secure digital transactions and interactions for citizens and businesses alike.

The technical specifications for PID within these digital wallets are designed to ensure data integrity, authenticity, and user control. Each attribute must be issued by a trusted source, cryptographically signed, and capable of being selectively disclosed. This shift from physical documents to verifiable digital credentials demands a high level of technical precision and security in their creation, storage, and presentation. For any organization looking to leverage or integrate with the EU Digital Identity Wallet ecosystem, understanding these granular technical requirements is paramount.

Key Technical Specifications for PID in Digital Wallets

Implementing eIDAS 2.0 compliant PID in digital wallets involves several layers of technical considerations:

  1. Attribute Structure and Semantics: PID attributes must adhere to a predefined data model, ensuring consistency in data types, formats, and meaning across the EU. This includes standardizing fields like 'given name', 'family name', 'date of birth', 'place of birth', 'current address', and national identification numbers. The precise semantics prevent ambiguity and facilitate automated processing.
  2. Verifiable Credential (VC) Framework: PID will be encapsulated within Verifiable Credentials, a W3C standard. This means each attribute or set of attributes is issued by an authorized entity (e.g., government agency), cryptographically signed, and can be presented by the user to a relying party. The technical implementation must support the issuance, storage, and verification of these VCs, including their cryptographic proofs.
  3. Secure Storage and Access Control: The digital wallet must provide a highly secure environment for storing PID. This involves robust encryption, secure hardware elements (where applicable), and strict access controls. Users must have explicit control over their data, including the ability to consent to specific attribute disclosures, in line with GDPR principles.
  4. Interoperability Protocols: For PID to be truly useful, wallets must interoperate seamlessly with various relying parties (e.g., banks, e-commerce sites, government services). This requires adherence to common communication protocols and APIs for requesting, presenting, and verifying PID attributes. These protocols will likely build upon OpenID Connect for Verifiable Credentials (OIDC4VC) and other established standards.
  5. Data Minimization by Design: A core principle of eIDAS 2.0 is data minimization. The technical specifications must enable users to selectively disclose only the necessary PID attributes for a given transaction, rather than sharing their entire identity. This requires granular control mechanisms within the wallet interface and corresponding technical capabilities in the underlying VC framework.

Challenges and Solutions in PID Implementation

The technical demands of eIDAS 2.0 PID present several challenges for developers and organizations:

Challenge 1: Ensuring Data Integrity and Authenticity. How can relying parties trust that the PID presented by a digital wallet is genuine and hasn't been tampered with? The solution lies in robust cryptographic signatures from trusted issuers and a secure verification process. Didit's ID Verification capabilities, including OCR, MRZ, and barcode scanning, can be instrumental in the initial robust verification of identity documents before PID is issued, ensuring the foundational data is accurate and authentic. Our Passive & Active Liveness detection further prevents fraudulent issuance attempts using deepfakes or spoofing.

Challenge 2: Interoperability Across Diverse Systems. Different countries and service providers may have varying technical stacks. Ensuring seamless exchange and verification of PID requires adherence to common standards and flexible integration options. Didit's modular architecture and clean APIs are designed for exactly this, allowing organizations to integrate identity verification workflows into any system, facilitating interoperability.

Challenge 3: Compliance and Regulatory Adherence. Navigating the complexities of GDPR, eIDAS 2.0, and local data protection laws can be daunting. Systems must be built with privacy-by-design principles, including configurable data retention policies. Didit acts as a data processor, offering controls like adjustable data retention periods (from 1 month to unlimited) in the Business Console, and enterprise options for in-country processing, supporting compliance efforts.

Challenge 4: User Experience and Adoption. While technically robust, the digital wallet must also be user-friendly. Complex verification flows can deter adoption. Simplifying the process while maintaining high security is key. Didit's developer-first approach, with an instant sandbox and public documentation, empowers developers to create seamless, intuitive user experiences for identity verification.

How Didit Helps

Didit is uniquely positioned to help organizations navigate the technical complexities of eIDAS 2.0 Person Identification Data (PID) in digital wallets. Our AI-native, developer-first identity platform offers the flexible and robust tools necessary for secure and compliant identity verification.

With Didit, you can:

  • Ensure PID Accuracy and Authenticity: Leverage Didit's advanced ID Verification (OCR, MRZ, barcodes) and NFC Verification (ePassport/eID) to establish a high level of assurance for the foundational identity data used to generate PID. Our Passive & Active Liveness detection and 1:1 Face Match capabilities prevent identity fraud at the point of issuance or during subsequent verification steps.
  • Build Modular and Compliant Workflows: Didit's modular architecture allows you to compose verification workflows tailored to eIDAS 2.0 requirements. Our no-code orchestration engine in the Business Console lets you define precise rules for PID issuance and verification, ensuring data minimization and user consent are upheld. For compliance, our AML Screening & Monitoring helps meet regulatory obligations associated with user onboarding.
  • Maintain Data Privacy and Control: As a data processor, Didit provides robust data retention controls directly within the Business Console, allowing you to configure policies from 1 month to unlimited, or delete sessions on demand. Enterprise accounts can also access in-country processing for local data residency, supporting GDPR and other data protection regimes.
  • Accelerate Integration and Development: Didit is built for developers, offering an instant sandbox, comprehensive public documentation, and clean APIs. This developer-first approach significantly reduces integration time and allows your team to focus on building innovative digital wallet solutions without getting bogged down by identity verification infrastructure.
  • Benefit from Cost-Effective Solutions: Didit offers Free Core KYC, a pay-per-successful-check model, and no setup fees. This allows organizations of all sizes to implement advanced identity verification solutions without prohibitive upfront costs, making eIDAS 2.0 compliance more accessible.

Ready to Get Started?

Ready to see Didit in action? Get a free demo today.

Start verifying identities for free with Didit's free tier.

Infrastructure for identity and fraud.

One API for KYC, KYB, Transaction Monitoring, and Wallet Screening. Integrate in 5 minutes.

Start freeTalk to us
Ask an AI to summarise this page
eIDAS 2.0 PID: Digital Wallet Technical Specs Explained.