What the Wallet is
The Wallet is a citizen's digital wallet that performs the following functions:
- strong electronic identification system, based on at least two authentication factors
- repository of digital certificates (also called attributes or attestations) certifying a quality or status of a citizen or an organisation (educational certificate, residence permit, medical prescription, boarding pass, driving licence, etc.)
- qualified electronic signature tool, for non-professional purposes
- electronic payment instrument
This means that, over time, citizens will be able to use the Wallet to interact more easily with the public administration, but also with private entities, avoiding having to repeat the same procedures each time or produce again documents that are already available in digital form.
The evolutionary path
The path leading to the Wallet is the result of an evolution that has been underway for several years.
An important first step was
app IO (
Article 64-bis of Legislative Decree 07/03/2005, no. 82), designed as a single access point to digital public services. With IO, a simpler relationship between citizen and administration began to be built, bringing notifications, payments and services together in a single digital environment.
This first phase was then followed by the
IT-Wallet (
Article 20 of Decree-Law 02/03/2024, no. 19), namely the Italian digital wallet that allows genuine digital credentials to be stored and used. The IT-Wallet therefore represents the evolution of app IO from a model based on the individual service to a model based on identity and digital attestations.
The next step is the
EUDI Wallet (
EU Regulation 2024/1183 of the European Parliament and of the Council, 11/04/2024), namely the European digital identity wallet. In this case, the perspective extends beyond national borders. The European objective is to make available a Wallet that is recognised and interoperable in all Member States, enabling citizens to use their digital credentials also in cross-border contexts. It is a very important change, because it means moving digital identity from a national dimension to a European dimension, with common rules and shared standards.
The evolutionary path of the Wallet describes a precise transformation: first citizens access services from a single point, then they obtain a national tool to manage digital credentials and finally they become part of a European system in which those credentials can be recognised and used much more broadly.
The actors involved
To understand how the Wallet works, it is also useful to know the actors that make its use possible.
The first actor is the
authentic source, i.e. the entity that holds the original and official data. It may be an administration, a public register or an institutional database. In practice, it is the place where the information considered true and reliable is held.
The second actor is the
issuer, namely the entity that takes the official data and transforms it into a digital credential that can be used in the Wallet. Its task is not to create the content, but to certify it in digital form, making it usable within the Wallet in a simple and secure way.
The third actor is the
relying party, that is, the entity that receives and verifies the credential. It may be a public administration, a bank, a service provider or any other entity that needs to check whether that credential is authentic and valid.
This system shows that the Wallet is not a simple application, but an organised ecosystem. There are those who hold the original data, those who issue it in digital form and those who verify it. Only thanks to this balance can citizens use reliable credentials in their everyday digital relationships.
A closer look at issuers
The credentials that can enter the Wallet have a value that depends on who the issuing entity is.
A first category concerns
personal identification data (PID), i.e. the most sensitive credentials, directly linked to the citizen’s official identity. These are the fundamental pieces of information that make it possible to identify a person with certainty.
A second category is that of
qualified electronic attestations of attributes (QEAA). This includes credentials that have particular legal value, such as a university degree or a driving licence in digital format. These attestations can replace or complement paper documents (university degree, driving licence, etc.), while maintaining a high level of reliability.
A third category includes
attestations issued by or on behalf of a public authority (Pub-EAA), linked to officially recognised qualities, statuses or rights. This is the case, for example, of a municipality issuing a residence certificate, a residence permit or a disabled parking permit.
Finally, there are electronic attestations of attributes (EAA) that are less sensitive and do not have strong legal value, but are nevertheless useful in everyday life, such as a gym membership card or a transport pass. These too, in perspective, may find a place in the Wallet.
As can be seen, the Wallet can therefore contain very different types of information: some have significant public and legal value, others serve to simplify ordinary activities, but all of them, if correctly issued and verified, help make the relationship between citizens and digital services more fluid.
Deadlines
The European Union has established that Member States must make at least one European Wallet available by the end of 2026. At the same time, certain regulated private sectors (banking, finance, energy, transport, telecommunications, etc.) will also be required by the end of 2027 to accept identification via Wallet.
The Wallet is not a distant scenario, but a change already underway, destined to have a concrete impact on the way services, documents and digital credentials will be accessed in the coming years.
AgID implementation guidelines
To ensure that the Wallet actually works, technical guidance, shared standards and precise operational criteria are needed. This is precisely where AgID’s implementation guidelines come into play.
These guidelines must clarify, among other things, what characteristics the public Wallet and private wallets must have, how private entities may be accredited, what services will be made available to administrations and authorised entities, how interoperability with databases and information systems must be guaranteed, what security measures must be complied with, and how the source code of the different software components must be made available.
The implementation guidelines serve to translate the regulatory framework into a system that actually works. Without common technical rules, the risk would be to have tools that are incompatible with one another or insufficiently secure. With these rules, by contrast, the Wallet can become a reliable infrastructure, usable on a large scale and uniformly recognised.
At present, the last two implementing decrees required by Article 64-quater, paragraphs 3 and 5, of the Digital Administration Code (Legislative Decree 07/03/2005, no. 82) are still pending.
The first will have to define the technical and operational structure of the IT-Wallet, regulating the characteristics of the public wallet and private wallets, the accreditation criteria for private entities, interoperability standards, security measures, methods of use through the PDND and the rules concerning the release of source code.
The second decree will instead have to establish the application and timing aspects, clarifying the tasks of the companies responsible for managing the infrastructure, the launch date of the public IT-Wallet, the deadlines by which public administrations must make data and attestations available, the time from which private entities will be able to offer their own wallets and any economic rules relating to paid services, without prejudice to the principle that the public wallet is free of charge.
Testing Consortia
Before the Wallet becomes fully operational, Europe has chosen to test it through large international consortia. These projects are used to test concrete use cases and understand how the system can work in practice.
Among the main consortia is:
- POTENTIAL, focused on digital public services, driving licences, healthcare and SIMs;
- NOBID focuses primarily on digital payments;
- APTITUDE works on transport, mobility and banking services;
- WE BUILD is dedicated in particular to services for businesses, the supply chain and the cross-border use of business credentials;
- DC4EU tests the use of digital credentials in education, professional qualifications and social security. Finally;
- EWC aims at the operational validation of the Wallet in frequent use cases, such as identification, electronic signature, payments and access to services.
These consortia are important because they make it possible to verify, in the field, security, interoperability, ease of use and mutual recognition between different countries. In this way, when the Wallet truly enters the everyday life of citizens and businesses, the system will already have gone through a concrete and structured testing phase.
The emergence of the Business Wallet
The most recent phase in the evolution of the Wallet concerns the so-called
Business Wallet. While the discussion has so far focused mainly on natural persons, a new perspective is now opening up that also involves businesses, entities and organisations.
Just as citizens will be able to use their own digital wallet to prove identity and attributes, a business will also be able to have a similar tool to securely prove its legal identity, its certificates, powers of representation, delegations and other official attributes.
This perspective was reinforced by the
proposal for a European regulation establishing European Business Wallets (COM/2025/838), which aims to establish European Business Wallets. In summary, the text aims to enable businesses and public institutions to identify themselves, authenticate themselves and exchange data and attestations with full legal value throughout the European Union. The objective is to reduce administrative burdens, simplify compliance requirements and make relationships between businesses, public administrations and European markets more fluid.
The point of arrival
The Wallet represents much more than a technological novelty, because it is the sign of a deeper change in the relationship between people, organisations and digital services. The objective is not simply to digitise existing documents, but to create a system in which identities, credentials and attributes can be used in a secure, simple and recognised way. This is why the national and European Wallet is destined to become one of the most important instruments of digital citizenship in the coming years.