Panel | Expert/Digital Wallet & Verifiers Q+A

What wallets do we want? To answer this question, Germany is doing an innovation competition where we had a tender and we selected six teams for the funded track and five teams for the non-funded track. Now these teams will compete with each other in three stages and it's a real competition. After each stage, two teams will be gone. So in the end, for each track, only two teams will make it to the end. And what are they competing for? They're competing to be the best solution to become a breakthrough innovation.

So they're building wallet prototypes for the most trustworthy, user-friendly, universally usable EUDI wallets. And that's a very ambitious goal, right? So this is our attempt to learn through running code, learn through iterations. The goal is really to help the public sector to understand through iterations what innovations are needed to get us the wallets we need. And Thomas, who kindly asked the question, was actually on the jury who helped us select this team. Thank you so much for helping us. And if you can please bring out the Teams slide.

So some of our teams have kindly joined us today. Can we have the Teams screen with the remote participants, please? Thank you. So we will have some teams remotely introduce their team and tell us, we don't have time to give you a 10-minute pitch, but in less than a minute, they'll tell you what makes them special, why they believe they're well positioned to compete in this competition and win. And I also want to invite three teams we have in person. So let's see, Google, Yubico, if you folks can come to the stage. So the first team is Animo Solutions.

Timo, take it over. Hi.

Yeah, thanks. I'm Timo from Animo, working on the Animo Easy Fit solution in the Funka project. We're a small company from Utrecht in the Netherlands and have been active in the self-sovereign identity space.

Well, that's what we called it back then, for around five years. And we've worked with a lot of government and organizations, implementing and piloting a lot of verified credential solutions, seen a lot of things that don't work. There are a few things that do work. You may know us from, as the maintainers of Credo, which is an open source framework hosted by the Open Wallet Foundation, where we do a lot of, yeah, learned a lot of working on identity standards. And we're very excited about the direction of the EU wallet and that we get to work on it with Sprint.

I think what sets us apart is that we have a lot of experience with the underlying technical standards of the EU wallet, a lot of experience with privacy preserving technology, and combining that with our care for user experience makes that we can build a very secure and easy to use wallet that, yeah, guarantees that it can be used by government identity wallets. Thank you. Next up is Osada. If we can switch the screen, please. Thank you. Take it over.

Thank you, Christina. Good morning, everybody. I am Andreas Bliess, the CEO and co-founder of Otada. We are one of the leading companies within the German ecosystem. And the project we proposed is EVA, Easy UDI Wallet App. And we focus on 100% decentralized and hardware-backed management of identity data and attributes. From our understanding, this enables an improved usage of credentials in online and on-site scenarios for more inclusive access to the EUDI ecosystem.

And this, we believe, while ensuring the highest standards in terms of security, privacy, and, of course, usability. Thank you. Thank you. Next up is Sirian. Hi. My name is Martin Bunder, and, yeah, thank you. I'm really happy to and proud to be part of this project. What makes us special? I think that we combine a very deep knowledge of the technology and the standards with our years of experience in building and delivering solutions to organizations and to people, and people from technical, sadly, business users to less digital-capable or weaker users.

We bring that together in this project, and I think the most important thing is to create adoption as wide as possible. Thank you. Unfortunately, Governicus and Thijs could not join us, but up next is YubiQ, I believe. Hi. Yes. I'm Fabian. I'm co-founder and CTO at YubiQ. We're a Zurich-based company with a passion for digital consumer products, and we're building some of the most used apps here in Switzerland. We're very happy to take part in this sprint competition, and with Heidi, we will provide a human-centered EID infrastructure with the best-in-class user experience and high security.

This means we will build a complete ecosystem, including a native iOS and Android app to showcase an easy-to-use digital identity solution for the people in Germany. Thank you. We are funded truck, and now we're moving to non-funded truck, and I think first up is Kaprian. Yes.

Hello, everybody there, and thank you for the invitation, Kristina. My name is Andrzej Werner. I'm co-founder and CEO of Kaprian Technologies, and Kaprian stands for linking of various decentralized and autonomous IT systems with the aim of automating processes and creating a wider range of services.

We have been supporting the public transportation sector in automating its business processes using electronic tickets, mainly based on JIT cards, for more than 10 years now, and with the Elio wallet, we want to provide both natural people and legal entities with a tool that allows them to operate in the digital environment as freely and legally and securely as our legal system allows today, so to act on their own, and we support development with our interdisciplinary team and international team, and we're very proud to be a part of that. Thank you. Thank you. Samsung Electronics. Hello.

My name is Dzej Przelewski, and I'm a product manager for digital identity at Samsung Wallet, so we're thrilled to participate in the FUNK EUDI wallet product challenge as an EUDI wallet provider. It facilitates real-life applications such as identity verification or SIM card registration or bank account opening through digital identity utilities.

Security and privacy are fundamental to wallet design, ensuring a trustworthy environment for wallet interactions and delivering a user experience that empowers individuals to fully utilize digital identity within Samsung Wallet, so really happy to be here with you guys. Thank you. We'll go through our remote participants, and now we have our in-person participants, so Google, take it over. Hi. My name is Dirk Balfanz. I work at Google, and I represent the Android Open Source Wallet EUDI Germany team or something. I forget the name exactly. What sets us apart? I'll mention three things.

One is the commitment to open source. If we make it to the end, we will have contributed everything we built here as part of this to the open source. We've been doing that with the Open Wallet Foundation, and we plan to do that here as well. Second thing I'll mention is the expertise we bring to the table. The folks on the team are very familiar with the Android ecosystem, which is very heterogeneous, what works, what doesn't work. We understand what it takes to build things at scale for billions of users.

And the third thing I would mention is that we're in a unique position to ask the question, what if the operating system worked a little different? What if we had an extra web platform API? Are there benefits potentially here for user experience, better security, better privacy? So we plan to ask ourselves the question, experiment with, for example, the digital identity credential API in the browser. And if it turns out that, indeed, those bring extra benefits, then we're also in a position to make changes to Android, say, or help facilitate changes in the web platform. Okay.

Hey, I'm Adrian, cofounder of Lizzy, and we're a startup based in Frankfurt, Berlin. We initiated and lead the ID Union Consortium, a research consortium here in Germany. And we do have a wallet already. I think that's the reason why we were selected, which is available in 13 languages and enables user centric testing. We're also compatible with the test beds of the large scale pilots and also, yeah, had to initiate the open ID for VC protocols. And we're actually the first wallet to implement it in a pilot.

And yeah, if you're willing and happy to join the challenge and want to implement use cases, we also have the API software for it. So feel free to reach out to me, and let's get that going.

Hi, John Bradley, the principal architect at Yubico. So I'm here representing team Sunet. So our project comes out of the DC4EU large scale pilot, Sunet, Yubico, and Junet in a pan-European open source project. Our labs created a progressive web app wallet. What makes us a bit different is that we don't believe that people, in order to have digital credentials in Europe, people shouldn't be forced to have a mobile phone. Not everyone does. So we're looking at, it may be harder to do some of this stuff without the presumption that everyone has a mobile phone.

But we need to support different deployment models so that we have the sort of inclusiveness that we need. Also, coming from the research and education side, where we run sort of the largest federations in the world, representing thousands and thousands of identity issuers and receivers. We're already working on transnational pilots for DC4EU with Japan, the U.S., and other locations. So we're already looking at how trust can scale inside the EU and beyond, because education is a global phenomenon.

So we're trying to address some of the bigger problems, but of course we're going to have the most wonderful wallet and kick everyone else's ass. But we also want to work with Google and Apple and all of that, because we're friends. Thank you. If you want to learn more, this is not the only thing our project is doing. Torsten and Paul have a session later today, I think, 2.30, so I would encourage you to join there. Maybe we can double-click in the next panel the selection process a little bit.

But we have the jury from different corners, security experts, UX experts, private and public sector, civil society representatives, and these teams will continue to face the scrutiny of this jury, so wish them good luck. And huge thank you to the EIC team, thank you so much for helping us pull this together last minute.

I really, really appreciate it. And again, thank you to the panelists for allowing me to do this. Now back to Daniel and Anil, and thank you so much, the teams, again, for joining us on stage or remotely, and thank you all for listening.

Thank you, Christina. John, you just mentioned inclusiveness, and I think that's a really important topic. I'm outing myself, I love how the German team is trying to be inclusive. This is the exact opposite of running a little tender with a premeditated outcome and trying to do everything in the back. So I really think you're doing an amazing job here. And in the vein of doing this in an inclusive way and trying to involve Anil, over to you, and how the process looks like in the United States with the Department of Homeland Security.

For sure, thank you, Daniel. I think I'm just going to have, while I'm doing the introductions, I'm going to have our companies come up on stage as well. So if you could, I would appreciate that. Thank you. For those of you who may have listened to my presentation the first day, you know that within our context, within the Silicon Valley Innovation Program, we actually believe in finding global talent and technologies in order to solve the problem. And I think we have more people hiding behind the stage as well. So we will, yes, please have a, gentlemen, have a seat.

So we had a solicitation a year or so ago that was focused on solving some specific problems. Just rewinding back to 2017, we started work on the decentralized identity journey to enable capabilities for cross-border trade, cross-border travel. And one of the things that we discovered as part of that journey was that our expectation that the issuer ecosystem, the wallet ecosystem, and the verifier ecosystem that would move in tandem did not prove true. They sort of moved at different paces. There were different pressures that were applied to each of them.

So one of the things that we did is sort of react to that by ensuring that there was a diversity of capabilities that we would be able to draw upon in order to solve our problems. So what you see is companies that were selected as part of a solicitation that we had last year that is seeking to address that challenge. I am not in the R&D space. I'm in the business of shaping product in order to solve a problem. And before I introduce each of these companies, let me give you a little bit of insight into what they are working on so that they don't have to start from scratch on this one.

So the parts of the U.S. government that are working with these companies are among the oldest. They are as old as America. They are customs, they are cross-border travel, they are immigration and citizenship. As I mentioned on the panel earlier, one of the things that is very, very important for us is basically ensuring that from a user journey perspective, if there is a EU member state citizen that wants to interact with the U.S. government coming across the border, you will actually interact with the U.S. Customs and Border Protection.

These are the blue uniforms officers that you will encounter in our airports, in our land border crossings, and if you're coming by sea, in our ports. You will actually be asked to provide credentials, attestations that show that you are allowed to enter into the country. If you're seeking to live and work in the U.S., you will actually have to interact with the U.S. Citizenship and Immigration Services that give you employment authorization documents, permanent residency, certificates of naturalization and citizenship, and things like that.

So they are the primary entities that are working with these companies. We also have a very strong focus on ensuring that the capabilities that we deliver are privacy respecting and provide agency and control to individuals. So our third sponsor for the project is our DHS Privacy Office as well. These companies are showing us, because three of them are from Europe and three of them are American, how to do it in a globally interoperable way.

And while building out their capabilities, they are also required to actually give back to the community by ensuring that there is a set of open source SDKs and building blocks that deal with cryptography, that deal with metadata management, that deal with secure storage that actually hopefully will be usable for the broader community as well. So on that note, let me introduce each of these companies. I'm not going in the order that they're seated because I think I'm hoping that I have a better order than that. I'm going to pick on Wayne first. So Wayne Chang is the CEO of Spruce ID.

Spruce is a company that we selected because they have a very interesting modular architecture for their solutions. They are currently the underlying wallet for our California DMV app. We have a great partnership with that particular organization. And the thing that Wayne and the team will be doing is ensuring that they enhance their support for our core standards and specifications that we outlined in how we are implementing our technologies.

The ability to use W3C verifiable credentials, decentralized identifiers, and ideally multiple protocols in order to move those things from point A to point B. Wayne and team will be working on that and also obviously providing the open source components that are necessary to enable that as well. His counterpart from Europe here, and I like symmetry, so forgive me if I do this, right? So is Andreas from Switzerland. They obviously also have an incredibly modular architecture as well.

They're also basically focusing on ensuring that the components that they're bringing to the table, the protocols they support are flexible, plug and play, so that it can serve a broad ecosystem as well. They have different focuses and different areas. I sort of see them as one going one way, the other one going the other way, but they will meet and they will interoperate as well. I will say that what unites us is our love for the Rust programming language. Boom.

Yes, yes, yes. Thank you. So let me pick on these two gentlemen as well. Verification is not done just in software. It's not just a mobile app. It is not just a web verification. So even though that is not all they do, Yash, who is a CTO of Credence ID, their background is in hardware readers. They are the hardware readers that are implemented at our checkpoints. They are the hardware readers that are implemented at point of sales, and he has one in his hand at this point in time.

The beauty of the hardware reader infrastructure is that basically is that simply with a software update, they can basically verify additional credential types, talk with additional protocols as well. So the thing that, you know, Yash and the team will be working on, because they already support ISO 13-5, 18013-5 MDL standard for verification, they will be basically baking in into their suite of products, both the software and the hardware pieces. The ability to, you know, do verification of the W3C standards and the credentials and the protocols that are used as well.

Netis is the European counterpart to that. They are obviously, you are probably familiar with Alan. Many of you from his work at EPSI, as well as he is obviously the CTO of Netis from Slovenia. One of the things that we like about Netis' proposal was all of us are in the, especially in the enterprise, we have a fleet of verifiers, right? So we don't have, we don't manage verifiers one C to Z. We don't just manage and configure what they are allowed to verify, what profiles they support, what technologies they support at one at a time, or at least we shouldn't.

So one of the things that basically Netis is bringing to the table, beyond just the verification capabilities, is also the ability to use policy as code in order to provide verification at a, you know, similar to how you would use MDM in order to manage mobile devices as well. So really glad that they are there. The last two gentlemen are interesting to us. So and in that, they are providing what we consider some interesting capabilities that in some ways could be classified as crosscutting. I'll start with Manu Fontaine, who is the CEO of Hushmesh.

Hushmesh believes that the web is something that is a dead end. And that basically there are much more usable for human approaches to how particularly keys are managed. From his perspective, and I'm sure that he will correct me as I go completely off the rails later, is that key management has been one of the hardest challenges in our identity management arena. And the fact that basically that it is being asked to be done by the human is something that is probably not a long-term path to success.

Manu and the team are using their mesh technology in order to basically make key management at scale and automate it for the use and implementation of verifiable credentials and decentralized identifiers. So looking forward to that work and what they will do. Boris from UBQ, similar sounding company, but from our Netherlands, he's bringing something that we believe is critically important. As we all know, even though nobody mentions it or nobody mentions it directly, there are ecosystem realities where you do not have direct access to the secure elements and secure enclaves in mobile devices.

We consider that to be remarkably problematic. And what Boris and the team are bringing is basically secure element as a service. The ability to plug into your wallet, to your issuance infrastructure, to your wallet, to your verifier, a remote, highly secure, highly capable, secure element that actually gives control and agency and a lot of power and security to the individual as well. So we are very happy with the types of technologies that you are all bringing to the table.

And one of the reasons I think that we, by the way, it was not deliberate that three of them happened to be European and three of them happened to be American. They were the best of the crop that applied in this incredibly competitive situation. That just happened to be a nice side benefit that came along for the ride. I know that was a long introduction here, but I hope that was useful. And I'm really glad that Torsten and Christina and others basically have, I believe the translation sparks, is it not?

Yes, they are doing the work that they're doing as well. And I think there is obviously a global appetite in order to ensure that these things actually work at scale, not just in the EU, not just in the US, not just in other jurisdictions, but across the world, because we all need to live and travel broadly. So I look forward to how we can make that happen. And I wanted to use this as an opportunity. I think we have a little bit of time in order to give each of you maybe a couple of sentences and what you see as critically important problem that you are working on.

And I want to be very respectful of the time. So just what your insight here is. Okay.

Hello, everyone. So we decided to focus on the hardest problem in the ecosystem and basically what was the main motivation to introduce wallets and verify credentials is the fact that either verification is hard, impossible, or simply not done because it's too costly. So we decided to focus on that and here standards play an important role and they can both make solution extremely cheap or extremely expensive if there are disagreements between different standardization bodies.

So we accepted this challenge and our goal is basically to streamline the verification process and also map out the rules and policies to the extent that each verifier or relying part is really comfortable with the decision that application and software makes because at the end, this would be, they carry all the liability. So it's a multidimensional problem and we're happy to tackle it.

Hi, everybody. My name is Yash. I'm from California, United States.

For me, for our organization, as we have deployed the current large network of digital ID acceptance in the US, the one thing that we learned, the biggest takeaway was the real judge, the real true metric for all our successes, doesn't matter which continent you are in or what part of the technology you're working on is user adoption. It's the one true metric that unites us all and makes all this effort worth it or not.

So the part that we want to play in that is to give users multiple choices and multiple occasions to use their digital ID because if that app goes on the second page of their phone, it's as good as dead, right? So to give everyday users multiple opportunities to use their digital ID is the problem we're trying to solve. And by creating a global or ubiquitous network of digital ID acceptance, hardware, software, in-person, online, W3C protocols, ISO protocols, get rid of the plastic, right? So I think that's our main focus. Thank you. My name is Wayne Chang, founder and CEO of Spruce ID.

Our mission is to let users control their data across the web. Instead of people signing into a platform, the platform should sign into your data vault. We want to make user agents cool.

Again, they used to mean something else than a string in the HTTP request that got sent along with your browser. It was going to be a digital agent that would be able to defend you and help you navigate through cyberspace, right? So I think that was original intent from a lot of the early documents. I think it's needed ever more now, right? So we really focus on creating end-to-end user experiences that relate to trusted digital interactions and that's really what matters. People don't try to, you know, download a wallet so that they can manage their credentials.

Maybe some of the people in this room, including myself, would like to do that, but I think most people want to get something done, right? So really focusing on delivering outcomes for people, whether it's 30 minutes they save because something's not paper or plastic anymore or they're trying to just be able to do something and not have to drive a few hours to do it, right? These are really the points of utility and use cases that we want to focus on and we want to drive with the use cases and value and do so in a way that is private, secure, and sustainable for customers, right?

So that's ultimately the goal. So leading with the use cases and not the technology.

Hi, Andreas from Prociviso-G, co-CEO. Thank you, Anil, for this advertisement. I think you should apply for sales with us. So if your DHS career is not going well, come to us.

Yeah, besides we have this interoperable technology, we applied with a global use case. So our scenario is a citizen from Switzerland in the future traveling to the US with an EID from Switzerland, applying for work permission, a green card, gets the green card issued from the US in a different standard, both in one wallet. She can apply for work or she gets controlled from the customer's border control and she can show her Swiss EID with the green card as an example and gets verified. And that is a really nice global use case where you connect different countries and different protocols.

And for us, this project is really great because we can adopt our solution even better to the requirements from DHS. Thank you. I always need to compliment Anil also because he explains what we do very well. So I'm going to talk about something else. I really like what Martin said a couple of minutes ago about provenance. It's not about how you get the data, but where the data is actually coming from. That means that in order to do that, you need strong digital identities and then we get into the philosophical discussion how to create that.

What we as UBQ do is enable the data provenance with the agencies of the users on creating their own data so that it's verifiable downstream. And we think that it's critical for a scalable ecosystem, for scalable wallets. And what that will actually enable is we can turn the whole game around. At the end of the day, you have a verifier that needs a set of attributes or data to do their business and have value. On the other hand, we have a user with a real strong identity. If you match these together, you can actually automate that process. I have my strong identity.

I can go around, pick it up everywhere, and then supply it to the verifier with my consent because I gave it to them. And that means that we're going to change things, we're going to make things dynamically. But critical is that I, as a user, have my digital identity with provenance from the government which I can show digitally and then get going. Thank you very much. Yes. Hi. My name is Manny Fontaine. I'm the founder and CEO of HashMash, a Virginia, Washington, D.C. area-based cybersecurity public benefit startup.

And like Anil was saying, we figured out the blueprints to automate decentralized cryptography, pairwise decentralized cryptography at scale. So it's not just for people. It's for any type of entity because underneath every wallet, there's a keychain. And so if you can automate the management of keys, then you can have global assurance of the integrity and quality of the keys and you can start doing all kinds of magic things.

And so to clarify the statement about the web is a dead end, what we mean by that is that just the concept of verifiable credentials is an admission that the web is itself not verifiable. And so what we figured out, to be able to do decentralized key management at scale, we need to have a verifiable infrastructure, which is exactly what we're building. We're calling it the mesh. It's a global infrastructure that's verifiable from the silicon up. Quick show of hands, how many of you are familiar with confidential computing as a technology?

Okay, so it's a decent number. So we basically leverage confidential computing to verify the chips, verify the software, verify the cryptography, and then be able to create an information space that is 100% globally verified.

Thank you, everyone. If your use cases as an organization, whether you're public sector or private sector, touch on cross-border trade, cross-border travel, cross-border application for immigration and status with the United States, please come and talk to us. We are very much interested in ensuring that the capabilities that you need are enabled through the technologies that these companies are bringing to the table.

For us, this is an unclassified project. We work out in the open, so you should feel free to ping any of these companies and you should expect to get an answer that we are able to talk to you about what we are doing and using open standards. So by all means, thank you very much for the opportunity, and please, if you get a chance, please actually talk to the people who are actually doing the work here, right? So thank you all very much.