December 2025 answered the fundamental question the digital identity ecosystem has faced since eIDAS 2.0 passed: can wallets from different Member States actually work together across borders? The EUDI Wallets Launchpad in Brussels brought together wallet implementers, relying parties, and technology providers for hands-on conformance testing. Credentials validated successfully across Member State boundaries. Technical sessions addressed real-world challenges, including selective disclosure variations, format transitions between ISO 18013-5 and W3C standards, and error handling when implementations deviate from specifications.
Beyond the testing milestone, regulatory frameworks matured across all three jurisdictions we cover. The EU published four additional implementing regulations establishing standards for qualified trust services, creating new categories including qualified electronic archiving and ledgers. Ireland announced both a 2,000-person pilot for digital wallet age verification and plans to use its 2026 EU Council presidency to push for EU-wide mandatory ID verification for social media accounts, while facing legal challenges to its MyGovID foundation. The UK transitioned its Digital Identity Trust Framework to statutory footing with 48 certified providers.
For enterprises, the Brussels Launchpad provides critical validation: the technology works, but complexity remains. Organisations planning verification infrastructure now have proof that cross-border interoperability is achievable, alongside practical evidence of the challenges involved. The month demonstrated that digital identity infrastructure has moved from "can this work?" to "how do we handle the edge cases in production?"
The European Commission hosted the EUDI Wallets Launchpad in Brussels from 10th to 12th December, an invitation-only event establishing the "EUDI Wallets Implementers Community" to accelerate wallet adoption across Member States.
The event brought together wallet implementers, relying parties, and technology providers for conformance testing and peer-to-peer interoperability validation. Technical sessions covered pseudonyms, zero-knowledge proofs, and core standards implementation. Member States and Large Scale Pilots provided demonstrations.
Why this matters: This is the first large-scale conformance testing event for EUDI Wallets, moving from individual Member State development to cross-border interoperability validation. The establishment of an "Implementers Community" creates ongoing coordination mechanisms beyond one-time events. For organisations planning relying party infrastructure, this event signals which Member States are ready for testing and which are still in early development. The focus on conformance testing validates what POTENTIAL proved: interoperability is achievable but requires rigorous standards compliance.
Vidos perspective: The Vidos team attended the event and participated in conformance testing with EUDI wallet teams across multiple Member States. Our verification infrastructure successfully validated credentials from wallet implementations at different stages of ARF compliance, revealing the practical challenges relying parties will face: handling credentials with varying selective disclosure capabilities, supporting both ISO 18013-5 and W3C formats during transition periods, and managing error states when wallet implementations deviate from specifications. These real-world tests validate our architectural decision to build adaptable verification infrastructure rather than rigid implementations. We'll be publishing detailed technical findings from the conformance testing in a dedicated analysis.
The European Commission published four implementing regulations on 16th December 2025, establishing standards for qualified trust services under eIDAS 2.0:
Qualified Certificates for Website Authentication (Regulation 2025/2527) establishes reference standards for qualified certificates used in Transport Layer Security (TLS) authentication, with a compliance deadline of 6th January 2027. It mandates that web browsers recognise these qualified certificates and display identity data in a user-friendly manner.
Operational Framework for Qualified Trust Service Providers (Regulation 2025/2530) establishes operational requirements, including presumption of compliance for providers adhering to specified standards, mandatory notification of changes before implementation, and extensive risk management frameworks.
Qualified Electronic Ledgers (Regulation 2025/2531) entered into force on 6th January 2026, establishing qualified electronic ledgers designed to create tamper-proof audit trails for legal and regulatory compliance. Ledgers must ensure the origin of data records, unique sequential chronological ordering, and integrity detection for any subsequent changes.
Qualified Electronic Archiving Services (Regulation 2025/2532) introduces qualified electronic archiving as a new trust service, establishing standards for preserving the integrity and authenticity of electronic documents throughout their preservation period. Critically, providers must maintain the trustworthiness of qualified electronic signatures and seals beyond their technological validity period, ensuring the long-term legal validity of digitally signed documents.
Why this matters: These four regulations move eIDAS 2.0 from framework legislation to specific technical requirements with compliance deadlines. The establishment of qualified electronic archiving and ledgers as new trust service categories creates new market opportunities while setting standards for existing services. For enterprises, these regulations define what "qualified" means for trust services, affecting procurement decisions and compliance assessments. The 6th January 2027 deadline for website authentication certificates means organisations have 24 months to achieve compliance.
Vidos perspective: These regulations establish the trust infrastructure layer that digital credentials depend on. Qualified electronic archiving ensures credentials remain verifiable over time. Qualified ledgers provide audit trails for credential issuance and verification. These foundational services enable the long-term reliability that enterprises require for regulatory compliance and legal defensibility. Organisations building credential verification infrastructure need to ensure compatibility with these qualified trust services.
Industry assessments of Member State readiness for the December 2026 European Identity Wallet launch deadline reveal significant variation across the EU.
Countries considered very likely to meet the deadline include Austria, Italy, and Poland, with Poland building on its existing national app, mObywatel. Several Member States face substantial challenges: the Netherlands has signaled it is unlikely to meet the December 2026 deadline; Malta's product will be available but not fully functional; and Bulgaria has not yet begun work on a state-provided digital ID wallet.
Industry experts project 30-50 wallets across Europe by December 2026, though not all will be fully interoperable initially. Analysts note that while some countries will meet the requirement with a basic, compliant wallet, others may still be in extended pilot or phased rollout modes through 2027.
Why this matters: These readiness assessments provide the first complete view of which Member States will meet the December 2026 deadline and which will require extensions or phased rollouts. The projection of 30-50 wallets acknowledges that multiple wallet providers per Member State is the likely outcome, not a single national solution everywhere. For enterprises planning verification infrastructure, this means preparing for varied wallet capabilities and standards compliance levels across Member States. Early mover countries (Austria, Italy, Poland) provide testing opportunities in 2026, while lagging countries create implementation challenges for organisations needing pan-EU coverage.
Vidos perspective: The varied readiness levels create specific technical requirements for verification infrastructure. Organisations operating across Europe cannot wait for universal wallet availability. Early movers like Austria, Italy, and Poland provide testing opportunities in 2026, but verification systems must handle credential requests gracefully when users' Member States haven't deployed wallets yet. This requires fallback mechanisms, clear error messaging, and support for alternative verification methods during transition periods. Our verification infrastructure is designed for this phased rollout reality, not an idealised scenario where all 27 Member States launch simultaneously.
The Architecture Reference Framework (ARF) continues iterative development. Current status: ARF 1.6 was released in early 2025, ARF 2.0 has been available since 29th May 2025, and version 2.7 is published and in development.
Technical standards referenced: ISO/IEC 18013-5:2021, ISO/IEC TS 18013-7:2024, OpenID4VP, SD-JWT, mdoc formats, W3C Verifiable Credentials Data Model 2.0, ETSI TS 119 461 v2.1.1.
Why this matters: The ARF provides the technical blueprint ensuring wallets remain interoperable across Member States. While less visible than regulatory announcements, this ongoing refinement is foundational to the ecosystem actually working. For technical teams, tracking ARF changes is essential for avoiding integration rework as standards evolve.
Vidos perspective: We track ARF evolution closely as it directly impacts verification infrastructure architecture. The shift from version 2.0 to 2.7 within a year demonstrates standards are still stabilising, not locked. Our approach prioritises version tolerance: supporting credentials validated against ARF 2.0 while preparing for emerging requirements. The technical standards referenced (ISO/IEC 18013-5, OpenID4VP, SD-JWT, W3C VC 2.0) represent the core formats our verification infrastructure must handle. Organisations building verification systems today should architect for standards evolution, not assume current specifications are final.
The European Data Protection Supervisor published TechDispatch #3/2025 on 15th December: "Digital Identity Wallets: The path towards a data protection by design and by default approach."
The publication provides an in depth analysis of privacy risks, including integrity and confidentiality concerns, over-disclosure, and transaction linkability. It assesses the EUDI Wallet under the eIDAS 2.0 framework and analyses anonymous credentials and zero-knowledge proof technologies, while identifying critical limitations of the ISO/IEC 18013-5 standard for unlinkability.
EDPS stated: "The EUDIW project will play an important role in people's future digital interactions and personal lives. A comprehensive and coherent 'data protection by design and by default' approach, from the conception to the rollout, is therefore essential."
Why this matters: This is the official privacy guidance for EUDI Wallet implementations, not academic commentary. The EDPS identification of ISO/IEC 18013-5 limitations for unlinkability affects mobile driving licence implementations across Member States. The emphasis on data protection by design means privacy considerations must be architectural decisions, not compliance add-ons. For organisations building verification infrastructure, this guidance defines privacy expectations that relying parties must support.
Vidos perspective: The EDPS analysis directly impacts how we architect verification requests and handle credential responses. The identification of ISO/IEC 18013-5 unlinkability limitations means relying parties cannot assume mobile driving licence credentials provide transaction unlinkability by default. Our verification infrastructure implements selective disclosure at the request level: organisations specify minimum required attributes rather than requesting full credentials. The EDPS emphasis on over-disclosure risk validates our approach of validating only attributes needed for specific decisions. When verification infrastructure requests more data than necessary, it creates privacy risks and compliance exposure. Organisations should audit their verification requests now to ensure they align with data minimisation principles before EDPS guidance becomes enforcement criteria.
The European Commission ran a public consultation from 2nd to 30th December on a draft implementing act based on Article 5a(24) of the European Digital Identity Regulation. The consultation addressed reference standards for remote identity proofing during wallet user onboarding.
Ronny Khan, senior advisor at the Norwegian Digitalisation Agency stated: "This is technology-neutral and does not exclude, but rather includes, fully automated methods. For now, this is about upgrading the existing eIDAS user base to the wallet, but may form the basis for starting from zero at a later stage."
Why this matters: This consultation determines how citizens will be onboarded to wallets remotely, affecting the user experience and security of the initial identity proofing process. The technology-neutral approach allows for automated methods, reducing friction for users and costs for providers. The statement about "upgrading the existing eIDAS user base" suggests citizens with existing eID credentials can transition to wallets with reduced friction compared to new users starting from zero.
Vidos perspective: The distinction between upgrading existing eID users and onboarding from zero creates two verification pathways with different assurance requirements. When users transition from existing eID credentials, relying parties need verification infrastructure that can validate the proofing credential itself: confirming the eID meets ETSI TS 119 461 standards and the identity proofing was performed by a qualified provider. This differs from verifying credentials issued by the wallet post-onboarding. Organisations planning verification infrastructure should prepare for heterogeneous wallet populations: some users onboarded through qualified remote proofing, others through in-person processes, and others through existing eID credential upgrades. Each pathway produces different attestations about identity assurance levels. Verification systems must handle these variations and apply appropriate trust policies based on the onboarding method.
Tánaiste Simon Harris announced on 29th-30th December that Ireland's EU Council presidency in 2026 will push for EU-wide ID-verified social media accounts to limit anonymous abuse, bot activity, and coordinated disinformation campaigns.
Harris backed an Australian-style age verification regime to prevent children from accessing social media. Media Minister Patrick O'Donovan is expected to bring forward detailed proposals during the presidency, likely involving rewriting parts of the EU's Digital Services Act.
Harris stated: "We have a digital age of consent in Ireland, which is 16, but it's simply not being enforced."
Why this matters: This is the first announcement of specific policy priorities for Ireland's 2026 EU Council presidency, giving Ireland agenda-setting power for the first half of 2026. The proposal to rewrite parts of the Digital Services Act means potential EU-wide regulatory changes, not just Irish national policy. For social media platforms and digital services operating in the EU, this signals potential mandatory ID verification requirements at the EU level, not just the Member State level.
Minister for Media Patrick O'Donovan announced on 6th December that Ireland's digital wallet is "very close" to launch, with a pilot scheme planned for Q1 2026. The wallet is linked to the existing MyGovID system and is being designed with OGCIO (Office of the Government Chief Information Officer) and the Department of Social Protection.
On 10th December, the government announced pilot programme details: approximately 2,000 people, both over 18 and under 18, to prove age verification when navigating onto different platforms. The wallet will be available as an app and allow the government to send alerts, information, and public notices.
A senior government source compared the age verification plan to the smoking ban in terms of public health significance for protecting children online.
A senior government source noted the urgency of establishing age verification mechanisms for online platforms. Legislation described as "complicated" will follow the pilot, to be developed with the Departments of Social Protection, Education, and Children.
Why this matters: Ireland is the first EU Member State to announce a specific pilot for age verification using government digital wallets, moving beyond theoretical frameworks to actual implementation with defined participant numbers and timelines. The Q1 2026 timeline means results will be available before the December 2026 EU deadline, potentially influencing other Member States' approaches. The inclusion of both over-18 and under-18 participants tests the full age verification use case. The wallet's capability to send government alerts creates a communications channel beyond identity verification, suggesting broader digital government integration.
Vidos perspective: Age verification presents specific technical requirements distinct from identity verification. Successful implementations require selective disclosure capabilities where users prove they meet age thresholds without revealing exact birthdates or full identity details. The MyGovID wallet's alignment with EUDI Wallet standards positions it to support privacy-preserving age verification protocols. For verification infrastructure, this means supporting range proofs and zero-knowledge credentials alongside traditional attribute verification. The pilot will reveal whether privacy-preserving approaches can meet both regulatory requirements and user acceptance thresholds at scale.
Civil liberties organisations raised concerns about MyGovID's legal basis in December. The Data Protection Commissioner ruled in June 2025 that the 'SAFE2' mechanism was illegal, giving the government until March 2026 to establish legal footing. MyGovID continues operating as a pilot project while under DPC investigation since July 2021.
Why this matters: The March 2026 deadline for establishing legal footing coincides with the wallet pilot timeline. For enterprises, this creates uncertainty about the long-term reliability of MyGovID as identity infrastructure. Organisations planning Irish identity verification integrations should monitor legal framework developments and maintain fallback verification methods during the transition period.
On 9th December, the government updated official information on Gov.ie: "The Government Digital Wallet app will be a place to securely keep digital versions of important documents on a mobile phone or digital device."
The Government Digital Wallet app will be able to store a range of government-issued documents, including a user’s: driving licence, birth certificate, death certificate, and European Health Insurance card. When shared with a relying party, authenticity is verified. This framework will create a foundation for future EU-wide interoperability.
Why this matters: This official description confirms Ireland's wallet will store government-issued documents with cryptographic verification, not just display static images. The emphasis on EU-wide interoperability signals alignment with EUDI Wallet requirements. The inclusion of birth and death certificates alongside driving licences shows Ireland is targeting life events use cases from the Digital Public Services Plan 2030.
Vidos perspective: The document types listed (driving licence, birth certificate, death certificate, EHIC) represent different verification use cases with distinct requirements. Driving licences follow ISO/IEC 18013-5 with established verification protocols. Vital records certificates (birth, death) lack standardised digital credential formats, requiring Ireland to define schemas that balance interoperability with local legal requirements. EHIC cards have existing cross-border acceptance frameworks but limited digital credential precedents. For verification infrastructure, this heterogeneity means supporting multiple credential formats and validation rules within a single wallet implementation. Organisations building relying party systems for Irish credentials should prepare for document-type-specific verification logic rather than assuming uniform credential structures. The life events use cases compound complexity: a single transaction may require verifying multiple credential types simultaneously.
On 16th December, Ireland's Joint Committee on Artificial Intelligence published its First Interim Report containing 85 recommendations, including the establishment of a National AI Office by August 2026, mandatory algorithmic impact assessments, and the recommendation that algorithms be completely banned for children. The committee is chaired by Deputy Malcolm Byrne (Fianna Fáil).
Why this matters: The recommendation to ban algorithmic recommendations for children connects directly to the age verification wallet programme. If platforms cannot show algorithmically recommended content to children, they need reliable age verification to determine user age. This creates a regulatory push for wallet adoption beyond the wallet team's direct efforts.
On 1st December, the majority of measures in Part 2 of the Data (Use and Access) Act 2025 came into force, placing the UK Digital Identity and Attributes Trust Framework on statutory footing. The framework is now officially referred to as the "DVS Trust Framework" in government communications.
At launch, 48 DVS providers with 57 certified services had gained certification and applied to join the statutory register. Three statutory Supplementary Codes came into force: Right to Work (0.4), Right to Rent (0.4), and DBS (Disclosure and Barring Service) (0.4). The current Trust Framework version is Gamma (0.4), with version 1.0 planned for 2026.
John Peart, CEO of OfDIA, stated: "This regime of standards, governance, and oversight helps to ensure the public can trust digital verification services offered under it in the UK."
Why this matters: This is the UK's first statutory digital identity framework, moving from voluntary industry standards to legal requirements. The 48 certified providers represent supply-side readiness, but the transition to statutory status creates regulatory certainty for enterprises considering adoption. Three supplementary codes now have legal backing, making digital verification an accepted method for right to work, right to rent, and DBS checks. For organisations, this means digital verification moves from experimental to legally recognised.
Vidos perspective: The transition to statutory footing marks a significant milestone for UK digital identity infrastructure, but the real work begins now. As we outlined in our recent strategic submission to OfDIA, certification frameworks alone do not drive adoption. Relying parties face challenges around acceptance ambiguity and cross-border complexity as primary barriers to deploying production deployments.
With EU eIDAS 2.0 requiring Member States to issue digital identity wallets by the end of 2026, the next 18 months represent a decisive window. UK organisations will increasingly need to verify credentials from 27 EU Member States alongside domestic ones. The framework's value strengthens significantly when organisations can serve both UK and international markets through a single verification infrastructure investment.
The presence of certified providers represent supply-side readiness. In our view, demand-side adoption, measured by relying parties replacing legacy document-based processes with DVS-certified services, remains the key metric for ecosystem success.
On 2nd December, representatives from ADVP, TechUK, AVPA, and DVS provider executives met with Darren Jones, Chief Secretary to the Prime Minister, at the Cabinet Office. The key message is that no final decisions were made on the government digital ID scheme, and consultation is expected in early 2026.
David Crack, ADVP Chair, stated: "We have been banging on the door, now we have been let in."
Why this matters: The reopening of dialogue suggests the government recognises the need for private-sector input as the statutory framework goes live. This meeting followed months of industry uncertainty about the government's plans for a national digital ID scheme. The commitment to consultation before final decisions provides an opportunity for certified providers to influence implementation approaches. For enterprises, this signals that the market structure is still taking shape and multiple service models may emerge.
Vidos perspective: Through our TechUK membership and direct engagement with OfDIA, we're tracking how consultation outcomes will affect verification infrastructure requirements. The market structure decisions made in early 2026 will determine whether organisations need to integrate with a single government service or multiple certified providers. Our verification infrastructure is designed to support both models, allowing organisations to adapt as policy crystallises without re-architecting their systems.
The GOV.UK One Login app received updates on 12th December, with maintenance planned for January 2026. As of October 2025, over 11 million people have proven their identity through GOV.UK One Login, with more than 80 government services onboarded. The target for full adoption by all central government services remains the end of 2027.
Why this matters: The 11 million user milestone demonstrates that UK citizens are adopting digital identity when provided with clear value propositions through government services. This user base provides a foundation for broader digital credential adoption. The 2027 target for full central government adoption means a substantial portion of government-citizen interactions will require or support digital identity verification within two years.
Vidos perspective: The January maintenance window suggests infrastructure preparation for expanded credential types or verification protocols. As GOV.UK One Login moves toward supporting verifiable credentials alongside its current authentication model, a verification infrastructure that handles multiple credential formats becomes essential. Organisations should prepare for a hybrid environment where users present both GOV.UK credentials and other DIATF-certified digital IDs, depending on the service context.
Mandatory identity verification for company directors continued its phased rollout, with PSCs (Persons with Significant Control) with December birth months required to verify identity by 14th December 2025.
The mandatory verification requirement began on 18th November 2025. Over 1 million individuals verified their identity during the voluntary period from April to November 2025.
Why this matters: The monthly birth-based rollout prevents system overload while maintaining compliance pressure. The 1 million voluntary verifications during the pre-mandatory period demonstrate that clear regulatory requirements drive adoption. This phased approach provides a model for how other sectors could implement mandatory digital identity verification without overwhelming infrastructure.
Vidos perspective: The transition has been planned well but still introduces confusion for users, including interacting with multiple system and services, sending out notifications containing two-week periods when people need to register, up to a year in advance. The true measure of whether this phased approach works will be at the end of November 2026, when the results are visible.
The UK's DVS Framework achieved statutory status on 1st December. The EU’s four additional published implementing regulations on 16th December establishing qualified trust service standards with specific compliance deadlines. Ireland announced pilot programmes with defined participant numbers and timelines.
Why this matters: All three jurisdictions moved from voluntary frameworks to legal requirements during December. This fundamentally changes the adoption dynamic from "should we implement digital identity?" to "how do we achieve compliance by deadline?" For enterprises, this removes market uncertainty about whether digital credentials will achieve adoption. Regulatory requirements create predictable markets where verification infrastructure becomes essential, not optional.
The EDPS published a thorough privacy analysis of EUDI Wallets. Irish civil liberties groups challenged the legal basis of MyGovID. The DPC ruling on SAFE2 illegality creates a March 2026 deadline for establishing legal footing.
Why this matters: Privacy frameworks and legal foundations are receiving scrutiny proportional to implementation progress. As digital identity moves from pilot to production, privacy advocates and regulators are engaging with actual implementations, not theoretical frameworks. For enterprises, this means privacy impact assessments and legal basis documentation are not optional compliance exercises but essential prerequisites. Implementations built on uncertain legal foundations face regulatory obstacles.
The Brussels Launchpad focused on wallet conformance testing and peer-to-peer interoperability. Member State readiness assessments project 30-50 wallets with varied capabilities.
Why this matters: Conformance testing is revealing the gap between standards documentation and interoperable implementations. The projection of the existence of numerous wallets with varied capabilities means relying party infrastructure must handle multiple wallet types with different conformance levels. For organisations building verification infrastructure, this means testing against multiple wallet implementations, not just conforming to standards documentation. The ongoing ARF evolution means standards are still stabilising, requiring adaptable architecture rather than rigid implementations.
The December 2026 deadline for EU Member State wallet issuance is 12 months away. The March 2026 deadline for Ireland to establish legal footing for MyGovID is 3 months away. The January 2027 deadline for website authentication certificate compliance is 24 months away.
Why this matters: These are legal deadlines with regulatory consequences rather than aspirational targets. The 12-month window to December 2026 means Member States are now in final implementation phases. For public sector and enterprises, this creates urgency around verification infrastructure deployment. Organisations waiting for standards to stabilise or implementations to mature risk being on the critical path for regulatory compliance.
The UK achieved a statutory framework with 48 certified private-sector providers. The EU hosts conformance testing for Member State wallet implementations. Ireland announced a government wallet pilot while addressing legal framework requirements for MyGovID.
Why this matters: The approach each jurisdiction takes to public-private balance determines market structure and opportunities. The UK's statutory framework for private providers creates a competitive market with the government setting standards but not providing services. The EU's Member State wallet approach creates government-operated identity infrastructure in each country. Ireland's government wallet with private-sector engagement represents a hybrid model. For vendors, this means different go-to-market strategies across jurisdictions.
Regulatory frameworks are now statutory. The UK's DVS Framework transition to statutory status and the EU's publication of four more implementing regulations with compliance deadlines move digital identity from industry standards to legal requirements. Organisations can now build business cases on regulatory certainty rather than market predictions.
Cross-border verification requires conformance testing, not just standards compliance. The Brussels Launchpad focus on conformance testing and the projection of a multitude of wallets with varied capabilities means standards documentation alone is insufficient. Organisations must budget for testing against multiple wallet implementations and maintaining compatibility as standards evolve.
Timeline pressures create 12-month implementation windows. With the December 2026 EUDI wallet deployment deadline 12 months away and the November 2027 regulated sector acceptance deadline 23 months away, organisations need verification infrastructure operational in 2026 to meet 2027 compliance requirements. Waiting any longer for complete standards stability or universal wallet availability creates timeline risk.
Qualified trust services create new infrastructure requirements. The latest four EU implementing regulations establishing qualified electronic archiving, qualified electronic ledgers, and qualified website authentication certificates create new trust service categories. Organisations need to understand which trust services their use cases require and plan procurement accordingly.
Implementation support reduces complexity. Vidos has been running training workshops on eIDAS 2.0, EUDI Wallet implementation, and digital credential verification for compliance teams, technology architects, and business leaders. These sessions cover regulatory frameworks, technical architecture, and practical integration patterns.
Verification infrastructure as a distinct architectural layer. Organisations face a build-versus-integrate decision for credential verification capabilities. Building in-house requires maintaining compatibility with evolving standards across multiple jurisdictions. Integrating with wallet-provider verification services creates vendor lock-in risks. Standards-based verification infrastructure that supports W3C Verifiable Credentials, ISO/IEC 18013-5 for mobile driving licences, and OpenID protocols across UK DIATF, EU eIDAS 2.0, and Irish wallet implementations allows organisations to verify credentials from any compliant issuer through a single integration. This architectural approach decouples verification logic from both issuer-specific and wallet-specific implementations.
December 2025 marked digital identity's transition from policy frameworks to statutory requirements. The UK achieved statutory status for its DVS Framework with certified providers. The EU published four implementing regulations establishing qualified trust service standards and hosted conformance testing, revealing interoperability challenges. Ireland launched age verification pilots while facing legal challenges to its identity infrastructure foundation.
The common pattern across jurisdictions is clear: regulatory frameworks are maturing, compliance deadlines are approaching, and implementations are revealing the complexity beneath policy aspirations. The remaining questions are about privacy frameworks, legal foundations, and interoperability details, not whether digital credentials will be deployed.
For organisations, this creates both clarity and urgency. Digital identity verification infrastructure will be required for regulated sectors by November 2027. The opportunity lies in deploying verification infrastructure in 2026 that handles multiple wallet types and standards versions. The risk lies in waiting for complete standards stability that may not arrive before regulatory deadlines create compliance pressure.
Interested in our training workshops on digital identity implementation?
Want to discuss digital credential verification infrastructure, eIDAS 2.0 compliance, or UK DIATF integration?
Contact us to arrange a conversation.
For organisations that missed the Brussels Launchpad in December, Vidos can share insights from conformance testing with Member State wallet teams and discuss verification infrastructure requirements for cross-border interoperability.
This monthly update distils regulatory developments, conformance testing outcomes, and implementation milestones affecting digital identity across the UK, EU, and Ireland. For organisations navigating compliance requirements or exploring digital credential adoption, Vidos provides verification infrastructure that supports any credential format through standards-based APIs.
