Backup and Recovery: Credential Backup and Recovery

Backup and recovery in the EUDI Wallet ecosystem encompasses the processes and technologies that enable users to preserve and restore their digital identity credentials when their device is lost, stolen, damaged, or replaced. This is a critical usability requirement: without effective backup and recovery, losing a smartphone would mean losing all digital identity credentials, requiring users to go through the full identity proofing and credential issuance process from scratch. The challenge lies in balancing convenience with security, as the anti-cloning requirements prevent simple copying of credentials between devices.

EUDI Wallet backup and recovery is more complex than typical app data backup because of the security requirements. Credentials are bound to device-specific cryptographic keys stored in the secure element, and these keys cannot be exported or copied. This means that a straightforward cloud backup of the wallet data would not allow credentials to function on a new device, since the new device has a different secure element with different keys.

The solution separates what can be backed up from what must be re-issued. Credential metadata (the list of credentials, their types, issuer information, and user preferences) can be encrypted and backed up to cloud storage. However, the credentials themselves, including their cryptographic bindings, must be freshly issued to the new device after recovery. The backup accelerates this process by providing issuers with the information needed to quickly re-issue credentials without requiring the user to start from zero.

This approach maintains the anti-cloning guarantee (credentials never exist on two devices simultaneously) while minimizing the inconvenience of device replacement. The goal is to make the recovery process take minutes rather than days, restoring the user's complete credential portfolio as quickly as possible.

The backup process begins automatically when the user activates their EUDI Wallet. The wallet creates an encrypted backup of its state, including the list of stored credentials, issuer endpoints, user display preferences, and consent history. This backup is encrypted on-device using AES-256 with a key derived from the user's authentication factors (biometric template hash combined with a device-derived secret) before being uploaded to secure cloud storage.

The backup is incrementally updated as the user receives new credentials, revokes old ones, or changes settings. Only the differences are transmitted, minimizing bandwidth usage and storage requirements. The backup provider (typically the member state's EUDI Wallet infrastructure or a qualified cloud provider) stores the encrypted data without the ability to decrypt it, as the encryption key never leaves the user's device.

Some EUDI Wallet implementations also support local backup options, such as encrypted export to a personal USB drive or secure file, providing an alternative for users who prefer not to use cloud storage. These local backups follow the same encryption standards but require the user to manually manage the backup media.

Recovery begins when the user installs the EUDI Wallet app on their new device. The first step is identity verification: the user proves their identity using their eID card (via NFC), a video identification call, or another high-assurance identity proofing method. This step ensures that only the legitimate wallet owner can initiate recovery and prevents unauthorized individuals from claiming someone else's credentials.

After identity verification, the wallet retrieves the encrypted backup from cloud storage and decrypts it using a key derived from the user's newly registered authentication factors. The wallet then contacts each credential issuer listed in the backup, presents the new device's public key, and requests re-issuance of each credential. The issuers verify the request against the old device's revoked credentials and issue fresh credentials bound to the new device.

Throughout this process, the old device's credentials are revoked in the status registries, ensuring there is no overlap period where credentials are valid on both the old and new devices. The entire recovery process is designed to be completed within a single user session, typically taking a few minutes for the standard set of credentials.