SPID
nationalFull Name: Sistema Pubblico di Identità Digitale
Country: IT
Definition
SPID (Sistema Pubblico di Identità Digitale) is Italy's national public digital identity system, established by the Agenzia per l'Italia Digitale (AgID) and operational since March 2016. It provides Italian citizens, residents, and businesses with a unified digital identity that can be used to access online services from public administrations and participating private-sector organizations. SPID operates through a federated model with multiple certified Identity Providers (IdPs) including Poste Italiane, TIM ID, Infocert, Namirial, and others, offering three levels of assurance (Level 1 for username/password, Level 2 for two-factor authentication, and Level 3 for hardware-based strong authentication). With over 30 million active users and integration with more than 12,000 public administration services, SPID is one of the most widely adopted national eID systems in Europe and serves as a critical foundation for Italy's implementation of the EUDI Wallet, known as the IT-Wallet.
SPID Architecture and the Italian Digital Identity Ecosystem
SPID follows a federated identity architecture based on SAML 2.0, where multiple certified Identity Providers compete in the market to provide digital identity credentials to citizens. When a user wants to access a government service, they are redirected to their chosen SPID Identity Provider, authenticate there, and the IdP sends a SAML assertion to the service provider confirming the user's identity and requested attributes. This multi-provider model was designed to prevent a single point of failure and encourage market competition, resulting in diverse authentication options including mobile apps, SMS OTP, and hardware tokens.
Italy's digital identity ecosystem also includes the CIE (Carta d'Identità Elettronica), the national electronic identity card with an embedded NFC chip that provides Level 3 authentication. The CIE and SPID serve complementary roles: CIE provides the highest assurance level for sensitive operations (such as accessing health records or signing legal documents), while SPID provides convenient everyday authentication for most online services. Both systems feed into the IT-Wallet, which unifies these identity sources into a single, user-friendly mobile application.
The IT-Wallet, launched in pilot phases starting in 2024, uses SPID and CIE as identity proofing mechanisms during wallet activation. Citizens authenticate with their existing SPID Level 2 or higher credentials (or their CIE card via NFC) to prove their identity, after which the IT-Wallet generates device-bound cryptographic keys and requests digital credentials from authorized issuers. This uses the existing 30+ million SPID user base for rapid wallet adoption, as citizens do not need to undergo a separate identity verification process.
From SPID to the EUDI Wallet: Italy's Transition Path
Italy has been among the first EU member states to pilot the EUDI Wallet, with the IT-Wallet serving as both a national and a European digital identity solution. The Italian approach demonstrates how existing national eID infrastructure can accelerate EUDI Wallet adoption rather than being replaced by it. SPID's extensive user base, established trust relationships with citizens, and integration with thousands of services provide a foundation that would take years to build from scratch.
The transition involves several phases. In the initial phase, the IT-Wallet operates alongside SPID, with citizens able to use either system for service access. The IT-Wallet adds capabilities that SPID does not have: offline credential presentation (for physical ID checks), selective disclosure (sharing only necessary attributes), and cross-border recognition under eIDAS 2.0. In the intermediate phase, services will begin preferring or requiring IT-Wallet authentication for new use cases, particularly those involving cross-border scenarios or privacy-sensitive attributes.
In the long-term phase, the IT-Wallet may absorb many of SPID's functions, with the wallet becoming the primary digital identity tool for Italian citizens. However, the timeline for any potential SPID phase-out remains uncertain and depends on political decisions, user adoption rates, and the maturity of the EUDI Wallet ecosystem. The Italian government has emphasized that the transition will be gradual and that no citizen will be left without access to digital identity services during the migration period.
Lessons from SPID for the EU-Wide EUDI Wallet Rollout
SPID's success offers valuable lessons for the broader EUDI Wallet rollout across the EU. First, the multi-provider model demonstrated that market competition among identity providers can drive innovation and improve user experience, a principle that eIDAS 2.0 applies by allowing member states to certify multiple wallet providers. Second, SPID showed that achieving mass adoption requires mandating digital identity acceptance for key services, a lesson reflected in the eIDAS 2.0 requirement for VLOPs and public services to accept EUDI Wallets.
Third, SPID's experience highlighted the importance of user-friendly enrollment processes. The initial SPID enrollment required in-person identity verification, which limited early adoption. Later simplifications (including video identification and CIE-based remote enrollment) dramatically accelerated user growth. The EUDI Wallet enrollment process, which uses existing national eID systems like SPID, CIE, German eID, and others for remote identity proofing, reflects this lesson.
Finally, SPID demonstrated that digital identity infrastructure must be designed for evolution. The system has undergone multiple upgrades since 2016, adding professional identities, legal person identities, and enhanced authentication methods. The EUDI Wallet is designed with similar extensibility in mind, supporting a growing ecosystem of credential types, verification protocols, and use cases that can evolve as European digital governance requirements develop.