# 4. Governance and Business Value of the Wallet ## 4**.1 New Capabilities** Implementing the wallet as an EUDIW component gives government a concrete, citizen‑facing asset. With one application, a person can authenticate to public services, prove attributes such as age or professional status, and trigger legally valid signatures. The same application can work with services in other Member States because it follows a common profile. For public services, the wallet becomes a predictable entry point. A tax portal, a municipal service, a student enrolment system, and a cross‑border ePrescription service all see the wallet through the same protocol lens. They request credentials, receive presentations, and verify them using the same trust framework. From a policy perspective, the wallet bridges abstract rights and daily life. Data‑minimisation becomes visible through selective disclosure screens. Unobservability turns into a guarantee that the wallet provider does not learn where citizens log in. Transaction history and data‑rights tools are exposed in a way that ordinary users can grasp without reading legal text. A precise EU profile also creates procurement and delivery value. Clear conformance profiles, interface specifications, test suites, and sandbox examples allow vendors to demonstrate compliance and reduce lock-in. Profiled protocols reduce integration uncertainty because issuers, relying parties, wallet providers, and trust services know which credential formats, trust evidence, and presentation flows must be supported. International interoperability improves because the same ARF-based profile can be recognised across Member States. A well-defined trust model based on registrars, access certificates, registration certificates, and trusted-list-derived trust anchors also simplifies audit evidence, certification preparation, and supervisory review. ## **4.2 Governance model** GovStack Wallet BB specifications are the following: Issuer - Wallet - Holder - Verifier with the Wallet Provider behind the wallet, and a Supervisory Body sitting off to the side as the oversight channel. eIDAS and ARF define a broader governance structure for EUDIW with core actors being: 1. Users of Wallet Units 2. Wallet Providers 3. Person Identification Data (PID) Providers 4. Qualified Electronic Attestation of Attributes (QEAA) and EAA Providers 5. PuB‑EAA Providers 6. Relying Parties – services that consume PID/attestations and rely on them to identify or authorise the user (banks, portals, merchants, etc.). Mapping Wallet BB actors to EUDIW core actors the following would emerge: * User of Wallet Unit / Holder * Wallet Provider / Wallet Provider * PID/QEAA/EAA/PuB‑EAA Providers / various Issuers * Relying Party / Verifier ## **4.2.1 EUDIW actors that are missing or only implicit in GovStack** GovStack Wallet BB has only a generic Issuer and the concept of an Electronic Attribute Attestation (EAA), but no separate provider roles. Hence what is missing as distinct actors: * PID Provider – “high LoA identity” issuer * QEAA Provider – qualified attribute attestations (QTSP) * PuB‑EAA Provider – public‑sector attestations from authentic sources * EAA Provider – non‑qualified attribute attestations * Authentic Source – the actual authoritative registry behind many attributes GovStack Wallet BB mentions Supervisory body, yet does not define responsibilities at large. EUDIW adds: * Conformity Assessment Body (CAB) – evaluates wallet solutions and trust services against the technical/legal profile. * National Accreditation Body (NAB) – accredits CABs. * Supervisory Body – continuous supervision of providers and enforcement. In addition, trust layer in GovStack Wallet BB is assumed, hence trust actors are not defined. EUDIW adds several concrete actors: * Trusted List Provider (TLP) * Access Certificate Authority (Access CA) * Registrar * Provider of Registration Certificates GovStack Wallet BB requires secure storage and “trusted hardware / TEE” generically, but doesn’t define the providers around it. EUDIW infrastructure specifies: * Remote qualified e‑signature creation service (QTSP operated). * Device Manufacturers & related subsystems providers * Attestation Scheme Provider ## **4.3 Financial Considerations** The wallet is not a product that can charge citizens a fee. eIDAS 2.0 requires issuance and basic use, including authentication and non‑professional QES initiation, to be free for natural persons. That rule eliminates certain revenue models and pushes the wallet into the category of public infrastructure. Budgeting for the wallet therefore belongs in multi‑year digital‑government programmes rather than in small, project‑level initiatives. Costs include development or adaptation of the app, backend services for trust and status, WSCD integration work, certification, app‑store distribution, citizen support, and continuous security updates. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://specs.govstack.global/impl-eidas-wallet/4.-governance-and-business-value-of-the-wallet.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.