AusweisApp vs IT-Wallet: Complete Comparison

Head-to-Head Comparison

Winner by Category

Architecture and Technical Approach

Germany and Italy represent two of the EU's largest economies taking distinctly different paths to their EUDI Wallet implementations. Germany's AusweisApp is built on the Signed Credential with Cloud Support (C') model, anchoring credential security in the hardware secure element of the German eID card. Developed through collaboration between SPRIND, BSI, and Bundesdruckerei, this architecture ensures that cryptographic keys remain on the physical card and never leave the user's possession.

Italy's IT-Wallet takes a mobile-first approach, designed to work smoothly with the existing SPID and CIE (Carta d'Identità Elettronica) infrastructure managed by AgID (Agenzia per l'Italia Digitale). The IT-Wallet uses smartphone capabilities as its primary platform, with the goal of making digital identity as simple as opening an app. Italy's architecture prioritizes accessibility and mass adoption, building on the remarkable success of SPID which has onboarded 37 million users.

The fundamental difference is that Germany builds security from the hardware up, while Italy builds accessibility from the user experience down. Germany's open source commitment through OpenCoDE gives full transparency into the codebase, while Italy's development has been more centralized through AgID. Both approaches comply with the EU Architecture Reference Framework requirements.

Security Models Compared

Germany's security pedigree is among the strongest in Europe. BSI certification for AusweisApp components follows Common Criteria evaluation at high assurance levels, with the German eID card chip meeting EAL5+ requirements. The Online-Ausweis has been operating since 2010 without a major security breach, demonstrating 15 years of production resilience. Every credential operation requires the physical eID card, creating a two-factor authentication model that combines something the user has with something the user knows.

Italy's IT-Wallet security builds on the SPID framework, which uses a tiered identity assurance model (Level 1, 2, and 3). For EUDI Wallet operations requiring high assurance, IT-Wallet uses the CIE's NFC capabilities similar to Germany's approach. However, for everyday operations, SPID-based authentication through the smartphone provides a more streamlined experience. AgID has implemented additional biometric verification layers and device binding to strengthen the mobile-only authentication path.

The key distinction is that Germany requires hardware-backed authentication for all EUDI operations, while Italy offers a tiered model where simpler transactions can use software-based SPID authentication and high-assurance operations use the CIE card. This makes Italy more flexible but potentially less uniform in its security guarantees across use cases.

User Experience and Adoption

Italy's greatest advantage is its massive existing user base. With 37 million SPID users already accustomed to digital identity, the transition to IT-Wallet has a built-in audience that dwarfs most other EU implementations. Italy's mobile-first design means users can complete most operations entirely on their smartphone, without needing any physical card or additional hardware.

Germany's AusweisApp has been available since 2017, but adoption has been slower than Italy's SPID rollout. The requirement to use the physical eID card with NFC creates a usability barrier that Italy has largely avoided. However, German users who have adopted the Online-Ausweis report high satisfaction with the security assurance it provides.

Both countries are investing in pilot programs to refine user experience before full launch. Italy's active pilot phase is generating real-world feedback, while Germany's development phase benefits from lessons learned across other early-launching EU member states. The Italian approach of launching and iterating contrasts with Germany's more cautious development philosophy.

Cross-Border Interoperability

Germany and Italy are both major participants in the EU Large Scale Pilots testing cross-border credential recognition. Given the large number of Italian residents in Germany and German tourists in Italy, cross-border interoperability between these two wallets is a high-priority scenario. Under eIDAS 2.0, both wallets must accept credentials from the other, regardless of the underlying technical architecture.

The standardized credential formats ensure interoperability at the data layer, while the EU Trust Framework handles the cryptographic verification. A German citizen presenting their AusweisApp credentials at an Italian hotel check-in will go through the same standardized verification flow as an Italian citizen using IT-Wallet. The different security architectures are abstracted away at the verification protocol level.

Both countries have committed to supporting the full range of mandatory credential types specified in eIDAS 2.0, including Person Identification Data (PID), mobile driving licenses, and qualified electronic attestations. This ensures that cross-border use cases from tourism to employment to healthcare are covered by both implementations.

Which Should You Choose?

Use the wallet provided by your country of residence. German residents will use AusweisApp; Italian residents will use IT-Wallet. Both wallets will work across all EU member states, so there is no advantage to choosing one over the other for cross-border purposes.

From an evaluation standpoint, Germany excels in hardware security certification, open source transparency, and standards compliance. Italy excels in user adoption scale, mobile convenience, and iterative development speed. Together, they demonstrate that the EUDI framework is flexible enough to accommodate both security-first and adoption-first strategies.