German EUDI Wallet Implementation Will Require Apple or Google Account to Function
The EU's Digital Identity Initiative Depends on US Tech Giants
Germany's implementation of the EU Digital Identity Wallet (EUDI) will require users to have an Apple or Google account to function, according to official architecture documentation. The revelation has sparked concern about vendor lock-in in a system designed to give citizens digital sovereignty.
The Architecture
The German EUDI Wallet requires a Hardware Keystore (HKS) — the secure element in mobile devices — to protect cryptographic keys. This means:
- Apple devices — Use the Secure Enclave, accessible only through Apple's ecosystem
- Android devices — Use Google Play Services' hardware-backed keystore
The Lock-in Problem
For the wallet to meet 'high assurance level' security requirements, the device's hardware security must be certified. Currently, only Apple and Google devices meet these standards. This creates a dependency chain:
EU digital identity → German implementation → Apple/Google hardware keystore → Apple/Google account
Privacy Concerns
The architecture documentation reveals that security depends on the 'absence of exploitable vulnerabilities in the mobile device operating system.' This means:
- A bug in iOS or Android could compromise the entire identity system
- Users must trust Apple and Google to maintain device security
- No alternative for users who want to avoid US tech platforms
The Broader Context
The EUDI Wallet is a flagship EU digital sovereignty initiative, intended to give every EU citizen a secure digital identity. The irony of depending on US companies for its operation has not been lost on critics.
What Critics Say
- Digital rights advocates argue the EU should support open hardware security standards
- Security researchers note that platform dependency creates single points of failure
- Privacy advocates worry about data flowing through US company infrastructure