Skip to main content

Data Source

Description: The role responsible for collecting, storing, and controlling personal data which persons, operators, and data using services may wish to access and use. Reference: Understanding MyData Operator

Data Using Service

Description: The role responsible for processing personal data from one or more data sources to deliver a service. Reference: Understanding MyData Operator

Decentralized Identifier (DID)

Description: A Decentralized Identifier (DID) is a type of identifier that is globally unique, resolvable with high availability, and cryptographically verifiable. DIDs are typically associated with cryptographic material, such as public keys and service endpoints, for establishing secure communication channels. Reference: DID Primer

Electronic Attestation of Attributes

Description: 'electronic attestation of attributes' means an attestation in electronic form that allows the authentication of attributes. Reference: eIDAS 2 Definitions

Elliptic-curve Diffie–Hellman

Description: Elliptic-curve Diffie–Hellman (ECDH) is a key agreement protocol that allows two parties, each having an elliptic-curve public-private key pair, to establish a shared secret over an insecure channel. This shared secret may be directly used as a key, or to derive another key. Reference: RFC6090

European Digital Identity Wallet

Description: 'European Digital Identity Wallet' means an electronic identification, which allows the user to securely store, manage and validate identity data and electronic attestations of attributes, to provide them to relying parties and to other users of European Digital Identity Wallets, and to sign by means of qualified electronic signatures or to seal by means of qualified electronic seals. Reference: eIDAS 2 Definitions

European Digital Identity Wallet Architecture and Reference Framework

Description: A toolbox including a technical Architecture and Reference Framework (ARF), a set of common standards and technical specifications, and a set of common guidelines and best practices. Reference: ARF 1.3.0

German eID system

Description: Architecture for the German electronic Identity Card and electronic Resident Permit is specified in the BSI Technical Guideline TR-03127. Reference: BSI TR-03127


Description: The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). Reference: GDPR as in EU Regulations


Description: A natural, living human being. Reference: Understanding MyData Operator

JSON Web Token

Description: JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code (MAC) and/or encrypted. Reference: RFC7519

Hardware Security Module

Description: A HSM is a device for providing cryptographic functionalities whereas the life cycle of cryptographic keys and the performance of cryptographic functions is managed within a highly protected hardware environment.

Identity Owner

Description: The entity, such as a natural person, a legal person, or a device, which is subject of verifiable credentials from credential issuers and being in control of the reception, storage, and sharing of such credentials with relying parties. Reference: ARF 1.2.0

Level of Assurance

Description: Degree of confidence in the claimed identity of a person – how certain a service provider can be that it is you, the one using your eID to authenticate to the service, not someone else pretending to be you. In other words, it refers to the difficulty of using someone else’s eID to access an online service. Reference: eIDAS Levels of Assurance

Message Authentication Code

Description: The result of a HMAC performance Reference: RFC8446

OpenID for Verifiable Credential Issuance

Description: OAuth protected API for the issuance of Verifiable Credentials. Reference:

OpenID for Verifiable Presentations

Description: A mechanism on top of OAuth 2.0 [RFC6749] that enables presentation of Verifiable Credentials as Verifiable Presentations. Reference:

Organisation Wallet

Description: An Organisation Wallet is a digital tool for businesses to securely manage (issue, store, and verify) verifiable credentials. It ensures compliance with standards like OpenID4VC (eIDAS 2.0), Aries Inteorop Profile using AnonCreds, JWT, SD-JWT credential formats etc, providing interoperability and robust security. The wallet automates credential management processes, enhancing efficiency and ensuring regulatory compliance with data protection laws like GDPR, eiDAS2.0 etc. Organisation Wallets can issue PID, LPID, (Q)EAAs etc depending on the organisation. Reference:

Person Identification Data

Description: 'person identification data' means a set of data, issued in accordance with Union or national law, enabling the identity of a natural or legal person, or of a natural person representing a natural or legal person, to be established. Reference: eIDAS 2 Article 3 (45)

Person Identification Data Provider

Description: A Member State or other legal entity providing Person Identification Data to Users. Reference: ARF 1.2.0

Proof of Possession

Description: Evidence provided by the Wallet regarding the possession of the respective key material. Reference: eIDAS 2 Article 3 (45)

Qualified Electronic Attestation of Attributes

Description: 'qualified electronic attestation of attributes' means an electronic attestation of attributes, which is issued by a qualified trust service provider and meets the requirements laid down in Annex V. Reference: eIDAS 2 Article 3 (45)

Qualified Electronic Signature

Description: 'qualified electronic signature' means an advanced electronic signature that is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures. Reference: eIDAS 2

Qualified Trust Service Provider

Description: A Trust Service Provider who provides one or more Qualified Trust Services and is granted the qualified status by the supervisory body. Reference: ARF 1.3.0

Relying Party

Description: 'relying party' means a natural or legal person that relies upon an electronic identification, European Digital Identity Wallets or other electronic identification means, or a trust service. Reference: eIDAS 2 Article 3 (6)

Selective Disclosure for JWT

Description: A composite structure, consisting of an Issuer-signed JWT (JWS, RFC7515), Disclosures and optionally a Key Binding JWT that supports selective disclosure. Reference: IETF Draft for Selective Disclosure JWT

SD-JWT-based Verifiable Credentials

Description: Verifiable Credentials with JSON payloads with and without selective disclosure based on the SD-JWT format. Reference: IETF Draft for Selective Disclosure JWT

Self-Sovereign Identity (SSI)

Description: A model for managing digital identities where individual identity holders can fully create and control their verifiable credentials without being forced to request permission from an intermediary or centralized authority and give control over how their personal data is shared and used. Reference: W3C DID Core

Trusted List

Description: Repository of information about authoritative entities in a particular legal or contractual context which provides information about their current and historical status. Reference: ARF 1.3.0

TSP (Trust Service Provider)

Description: A natural or a legal person who provides one or more Trust Services, either as a qualified or as a non-qualified Trust Service Provider. Reference: ARF 1.3.0

User (Holder)

Description: A natural or legal person using a EUDI Wallet. Also referred to as Holder. Reference: ARF 1.3.0

Verifiable Credential

Description: A credential created by an Issuer in a way that the integrity and authenticity of the credential can be cryptographically verified. Reference: OpenID4VCI

WSCD (Wallet Secure Cryptographic Device)

Description: Hardware-backed secure environment for creating, storing, and/or managing cryptographic keys and data. Examples include Secure Elements (SE), Trusted Execution Environments (TEEs), and (remote or local) Hardware Security Modules (HSM). Reference: ARF 1.3.0

Secure Element

Description: Secure Elements are physical components in electronic devices that securely store and protect sensitive data and applications and may provide certain secure cryptographic operations. Reference: Secure Elements for mobile platforms