In the digital era, the security and privacy of personal and sensitive information has become a critical concern. Digital identity wallets have been introduced as a result of the new European regulation known as eIDAS 2.0. The digital identity wallet offers a practical and secure method for individuals to manage their personal data across various online platforms through a decentralized digital identity management model, without the reliance on centralized identity providers. However, since the model is relatively new, the security and privacy threats are still not fully known; this makes it difficult to prevent data breaches, unauthorized access, and violations of user privacy.
This session will delve into the emerging threats by providing a high-level overview of potential threats applicable to the digital identity wallet, derived from academic literature, technical specifications, and relevant regulations (including eIDAS 2.0). Furthermore, it will include an analysis of existing digital identity wallet solutions, and an assessment of adopted security measures against identified threats. This analysis aims to provide an overview of available and effective mitigation strategies against a set of identified threats.