EUDI Wallets Enable Multi-Device Synchronization with End-to-End Encryption

Last updated: 5/22/2026

Citizens can use EUDI Wallet credentials across multiple devices with secure cloud backup and synchronization.

EUDI Wallets support multi-device synchronization, enabling users to access credentials on a smartphone, tablet, and smartwatch. End-to-end encryption protects credentials during cloud backup and device synchronization. Users set up a new device by transferring credentials from an existing device or by restoring from an encrypted backup. The system prevents vendor lock-in with interoperable backup formats. Multi-device support is critical for device replacement, upgrades, and everyday convenience.

Why Multi-Device Support Is Essential for EUDI Wallet Adoption

The average European citizen uses 2.8 connected devices, including smartphones, tablets, laptops, and increasingly, smartwatches. Locking digital identity credentials to a single device would create an artificial constraint that does not reflect how people actually interact with technology. A citizen might use their smartphone for everyday credential presentations, their tablet for signing documents at home, and their smartwatch for quick age verification at a store. Multi-device synchronization makes the EUDI Wallet fit naturally into existing technology habits rather than forcing users to change their behavior.

Device loss and replacement are also critical concerns. Smartphones are lost, stolen, or broken with regularity. If a citizen's identity credentials exist only on a single device with no backup or transfer capability, device loss becomes an identity crisis. The citizen cannot access government services, verify their identity for financial transactions, or present credentials to employers or service providers until a new device is provisioned and all credentials are re-issued from scratch. This process could take weeks, during which the citizen effectively loses their digital identity.

The multi-device architecture ensures continuity. When a device is lost or damaged, the citizen immediately accesses their credentials on any other linked device. If all devices are lost simultaneously, the encrypted cloud backup enables full wallet restoration on a new device within minutes. This resilience is not merely a convenience feature but a fundamental requirement for a system that citizens will depend on for critical identity functions.

End-to-End Encryption: The Security Foundation

The security architecture for multi-device synchronization is built on end-to-end encryption that ensures no intermediary, including cloud storage providers, wallet software vendors, and government agencies, can access credential data during transfer or storage. When credentials are synchronized between devices, they are encrypted on the sending device using keys derived from the user's personal authentication factors and decrypted only on the receiving device after the user authenticates locally. The data traverses networks and cloud infrastructure in an encrypted state that is mathematically unreadable without the user's keys.

The encryption scheme uses a combination of public-key cryptography for device-to-device communication and symmetric encryption for cloud backups. Each device generates its own key pair during wallet activation, and devices in a synchronization group share public keys through a secure pairing process. When a credential is added or updated on one device, the update is encrypted with the other devices' public keys and transmitted through the synchronization service. Only the intended recipient devices can decrypt the update using their private keys, which never leave the device's secure hardware.
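The per-device encryption described above, sketched as an added example for Node.js; it is not code from the EUDI Wallet specification or from any wallet vendor. The algorithm choices (X25519, HKDF-SHA256, AES-256-GCM) and all function names are assumptions of this example, since the page does not name them.

```javascript
// Added example. Keys live in process memory here; on a real device the private
// key would stay inside secure hardware, as the text describes.
const { generateKeyPairSync, diffieHellman, hkdfSync, createPublicKey,
  createCipheriv, createDecipheriv } = require('node:crypto');

const spki = (key) => key.export({ type: 'spki', format: 'der' });

// X25519 + HKDF-SHA256 -> one-time AES-256-GCM key bound to both public keys.
function sessionKey(privateKey, publicKey, ephPub, recipientPub) {
  const shared = diffieHellman({ privateKey, publicKey });
  const info = Buffer.concat([ephPub, recipientPub]);
  return Buffer.from(hkdfSync('sha256', shared, Buffer.alloc(0), info, 32));
}

// Encrypt one update for one recipient device; deviceId is authenticated as AAD.
function sealUpdate(recipientPub, deviceId, update) {
  const eph = generateKeyPairSync('x25519'); // fresh key pair per envelope
  const ephPub = spki(eph.publicKey);
  const key = sessionKey(eph.privateKey, recipientPub, ephPub, spki(recipientPub));
  // An all-zero nonce is safe only because each key encrypts exactly one message.
  const cipher = createCipheriv('aes-256-gcm', key, Buffer.alloc(12));
  cipher.setAAD(Buffer.from(deviceId));
  const ciphertext = Buffer.concat([cipher.update(update), cipher.final()]);
  return { ephPub, ciphertext, tag: cipher.getAuthTag() };
}

// Fan-out: one envelope for every device in the group except the sender.
function sealForGroup(group, senderId, update) {
  const envelopes = {};
  for (const [id, publicKey] of Object.entries(group)) {
    if (id !== senderId) envelopes[id] = sealUpdate(publicKey, id, update);
  }
  return envelopes;
}

// Runs on the receiving device; throws if the envelope was made for another
// device or was modified in transit.
function openUpdate(devicePrivateKey, deviceId, envelope) {
  const ephKey = createPublicKey({ key: envelope.ephPub, format: 'der', type: 'spki' });
  const ownPub = spki(createPublicKey(devicePrivateKey));
  const key = sessionKey(devicePrivateKey, ephKey, envelope.ephPub, ownPub);
  const decipher = createDecipheriv('aes-256-gcm', key, Buffer.alloc(12));
  decipher.setAAD(Buffer.from(deviceId));
  decipher.setAuthTag(envelope.tag);
  return Buffer.concat([decipher.update(envelope.ciphertext), decipher.final()]);
}
```

The synchronization service only ever relays the envelopes, so it sees ephemeral public keys and ciphertext but nothing it can decrypt.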

Cloud backups use a different key derivation approach based on the user's recovery passphrase. This passphrase, combined with a hardware-bound key component, generates an encryption key that protects the backup data. The recovery passphrase is never transmitted to any server, stored in any cloud service, or shared with any entity. The user must remember or securely record this passphrase, as its loss makes backup recovery impossible. This design ensures that even if the cloud storage is breached, the encrypted backup data remains useless to attackers.

Device Pairing and Transfer Protocols

Adding a new device to an existing wallet synchronization group follows a secure pairing protocol. The user initiates the pairing from their primary device, which generates a temporary QR code or numeric confirmation code. The new device scans the code or the user enters the confirmation number, establishing a secure channel between the two devices. The primary device then authenticates the user through biometric verification and transfers the credential data to the new device through the encrypted channel. The entire process takes approximately 60 seconds.

For device replacement when the old device is no longer available, the user initiates a cloud backup restoration on the new device. They install the wallet application, enter their recovery passphrase, and authenticate using any available second factor such as a linked email address or phone number. The wallet downloads the encrypted backup from cloud storage, decrypts it using the recovery passphrase-derived key, and restores all credentials. The user can then remotely revoke the old device's access to prevent any potential unauthorized use.

Cross-platform transfers between iOS and Android devices use a platform-agnostic protocol that does not depend on Apple's or Google's proprietary cloud services. This is a deliberate design choice to ensure that citizens are not locked into a specific mobile platform. A citizen switching from iPhone to Android, or vice versa, can transfer their complete wallet without depending on either platform's ecosystem or losing any credential data in the transition.

Preventing Vendor Lock-In with Interoperable Formats

The EUDI Wallet ecosystem supports multiple wallet providers, with each EU member state potentially offering its own wallet implementation and additional certified providers offering alternatives. This competitive market requires interoperable credential formats and backup standards to prevent vendor lock-in. A citizen who starts with their member state's default wallet provider must be able to switch to an alternative provider without losing their credentials or going through re-issuance processes.

The Architecture Reference Framework defines standardized credential formats based on the W3C Verifiable Credentials Data Model and the ISO/IEC 18013-5 standard for mobile driving licenses. All wallet providers must support these formats for both storage and export. When a citizen transfers from one wallet provider to another, the credentials are exported in these standard formats and imported by the new provider. The cryptographic signatures on the credentials remain valid regardless of which wallet stores them, ensuring continuous verifiability.

The interoperability requirement extends to backup formats. The European Commission mandated a standardized backup format that all certified wallet providers must support for both export and import. This means a citizen who has been using a German wallet provider can move to a French wallet provider and restore their backup smoothly. The standardization also protects citizens against provider discontinuation: if a wallet provider ceases operations, citizens can migrate to any other certified provider using their standard-format backup.

Smartwatch Integration and Future Device Support

Smartwatch support represents a particularly interesting frontier for EUDI Wallet multi-device synchronization. Modern smartwatches from Apple, Samsung, and Google include NFC capabilities and secure hardware elements that can store cryptographic credentials. For quick, everyday credential presentations such as age verification at a store, tap-to-enter at a gym, or ticket verification at transit stations, the smartwatch provides the fastest possible interaction. The user simply holds their wrist near the reader, authenticates with a quick glance or wrist-raise gesture, and the credential is presented in under two seconds.

The smartwatch wallet implementation stores a subset of credentials selected by the user for quick access. Given the limited storage and interface constraints of smartwatches, not all credentials need to be synchronized to the wrist device. Users configure which credentials are available on their watch, typically choosing those used most frequently in physical settings such as transit passes, membership cards, and age attestations. More complex credential operations such as document signing, detailed credential review, and multi-attribute presentations remain on the smartphone or tablet.

Looking further ahead, the multi-device architecture is designed to accommodate future device types including augmented reality glasses, connected vehicles, and smart home systems. As the Internet of Things expands, the ability to securely present identity credentials from a wider range of devices will become increasingly important. The EUDI Wallet's device-agnostic synchronization protocol ensures that new device types can be supported as they emerge, without requiring fundamental changes to the wallet architecture or credential formats.

Sources

Information verified against official sources (2/16/2026)

  1. EU Digital Identity Wallet
  2. eIDAS 2.0 Architecture Reference Framework
  3. ENISA - EU Cybersecurity Agency
