ISO 18013-7 Annex C device request over the DC API - securely define and share credentials on the same device or across devices, with signed and unsigned requests supported in iOS and Android browsers
Passwordless login extension with optional callback URI - tenants running an Identity Provider such as Keycloak can map an EUDI Wallet presentation to an existing user account using native identity matching, without a bespoke resolution endpoint
Claim validation at issuance - credential claims are validated against the credential definition when an offer is created, with a small set of standard claims such as jti permitted as issuer overrides
Age Verification extension - a template covering the claims and structure set out in the Blueprint, so relying parties can issue and verify age-verification credentials
Inspect SD-JWT, JWT, and CBOR in the dashboard - click any record to decode the raw token or mdoc bytes in place, with header, payload, and disclosures laid out side by side with the wire form
Developer API keys - organisation administrators can generate an API key and distribute it via email to multiple developers in the same workflow
ISO 18013-7 Annex C device request over the DC API - the wallet can be selected directly from the browser's wallet picker on iOS or Android to present mobile documents (mdoc), covering same-device and cross-device verification flows
Legacy Hyperledger Indy database removed - a leaner app on iOS and Android with faster load times across common flows, and credentials encrypted at rest under a single, well-maintained storage layer
Per-credential key binding for OpenID4VCI compliance - the wallet can independently prove possession of each credential
Demonstrating Proof of Possession (DPoP) for token and credential requests - when the issuer's metadata advertises DPoP, the wallet binds both the access token and the credential request to its private key, protecting against token replay by another party
Multi-credential and credential-set verification over the DC API - more reliable cross-device verification against verifiers that exercise the full breadth of the W3C Digital Credentials API specification
Issuer JWKS with multiple signing keys - issuers that rotate signing keys or run more than one active key are now handled end-to-end
Backup reliability on Android - backups to Google Drive and DataPod are confirmed only after the file has uploaded successfully
Stability and polish - small visual consistency improvements on the home, connection, and credential card screens, with issuer-supplied background_image artwork honoured in connection metadata on both platforms