[{"data":1,"prerenderedAt":812},["ShallowReactive",2],{"eidas2/financial-services":3},{"id":4,"title":5,"author":6,"body":7,"description":797,"extension":798,"meta":799,"navigation":800,"path":801,"publishedAt":802,"seo":803,"stem":804,"tags":805,"updatedAt":802,"__hash__":811},"eidas2Articles/eidas2/financial-services.md","eIDAS 2 for Financial Services: What Banks Need to Know","Tamino Baumann",{"type":8,"value":9,"toc":760},"minimark",[10,33,36,41,44,72,75,142,145,147,151,154,210,215,223,227,239,243,250,252,256,259,345,347,351,366,370,373,377,389,392,396,409,412,416,419,480,483,487,490,505,508,512,519,521,525,528,531,534,537,539,543,552,572,575,577,581,584,599,603,610,613,615,619,622,646,649,653,666,690,703,705,709,713,716,720,723,727,730,734,737,741,744,748,751,755,758],[11,12,13,18,19,23,24,28,29,32],"p",{},[14,15,17],"a",{"href":16},"/eidas2","eIDAS 2"," (Regulation (EU) 2024/1183) requires banks, fintechs, and payment institutions to accept the ",[14,20,22],{"href":21},"/eidas2/eudi-wallet","EU Digital Identity Wallet (EUDI Wallet)"," for customer authentication by the end of 2027. For financial services this goes further than a new login method: the European Commission has published a dedicated specification — ",[25,26,27],"strong",{},"TS12",", released in December 2025 — that defines how the wallet performs ",[25,30,31],{},"Strong Customer Authentication (SCA)"," under PSD2, and the EU's new anti-money laundering rules recognise wallet-based identification for customer due diligence. This guide covers the deadlines, the three roles financial institutions play, how wallet-based SCA works, reusable KYC, qualified e-signatures for contracts, and how to build a compliant solution.",[34,35],"hr",{},[37,38,40],"h2",{"id":39},"what-eidas-2-changes-for-financial-services","What eIDAS 2 changes for financial services",[11,42,43],{},"eIDAS 2 entered into force on 20 May 2024 and obliges every EU Member State to provide at least one certified EUDI Wallet to citizens and residents by the end of 2026. For financial institutions, four changes matter most:",[45,46,47,54,60,66],"ol",{},[48,49,50,53],"li",{},[25,51,52],{},"Mandatory wallet acceptance."," The regulation explicitly names banking and financial services among the sectors that must accept the EUDI Wallet for strong user authentication — for sign-in, step-up authentication, and onboarding — by the end of 2027.",[48,55,56,59],{},[25,57,58],{},"Wallet-based SCA under PSD2."," A dedicated specification (TS12) defines how the EUDI Wallet handles Strong Customer Authentication for payments, logins, account access, and direct debit mandates — so the wallet can stand in for a bank's own authenticator app.",[48,61,62,65],{},[25,63,64],{},"Reusable KYC."," The core identity credential, also known as PID, in every certified EUDI wallet is verified at the EU's strictest assurance level, and the new Anti-Money Laundering Regulation recognises it for verifying customer identity. Identity verification that today costs a document check and a video call becomes a single PID credential presentation.",[48,67,68,71],{},[25,69,70],{},"A new issuance channel."," Banks can issue their own credentials — SCA attestations, account ownership confirmations, KYC attestations — directly into customer wallets, turning verified customer data into a reusable asset.",[11,73,74],{},"The compliance timeline is compact:",[76,77,78,94],"table",{},[79,80,81],"thead",{},[82,83,84,88,91],"tr",{},[85,86,87],"th",{},"Date",[85,89,90],{},"Milestone",[85,92,93],{},"Relevance for financial institutions",[95,96,97,109,120,131],"tbody",{},[82,98,99,103,106],{},[100,101,102],"td",{},"20 May 2024",[100,104,105],{},"Regulation (EU) 2024/1183 enters into force",[100,107,108],{},"Legal framework established",[82,110,111,114,117],{},[100,112,113],{},"5 December 2025",[100,115,116],{},"TS12 v1.0 published",[100,118,119],{},"The rules for wallet-based SCA under PSD2 are final",[82,121,122,125,128],{},[100,123,124],{},"End of 2026",[100,126,127],{},"Member States must provide certified wallets",[100,129,130],{},"Customers begin holding wallets",[82,132,133,136,139],{},[100,134,135],{},"End of 2027",[100,137,138],{},"Acceptance deadline for banks",[100,140,141],{},"Banks and financial institutions must accept the EUDI Wallet for strong user authentication",[11,143,144],{},"Micro and small enterprises (fewer than 50 employees and at most €10 million in annual turnover) are exempt from the acceptance obligation.",[34,146],{},[37,148,150],{"id":149},"the-three-roles-banks-play-under-eidas-2","The three roles banks play under eIDAS 2",[11,152,153],{},"Every digital identity ecosystem has three actors — and a typical bank will end up playing at least two of them.",[76,155,156,169],{},[79,157,158],{},[82,159,160,163,166],{},[85,161,162],{},"Role",[85,164,165],{},"What it means for a bank",[85,167,168],{},"Obligation",[95,170,171,184,197],{},[82,172,173,178,181],{},[100,174,175],{},[25,176,177],{},"Verifier (relying party)",[100,179,180],{},"Accept wallet credentials for sign-in, step-up authentication, onboarding, and SCA",[100,182,183],{},"Mandatory, unless exempt as a micro or small enterprise",[82,185,186,191,194],{},[100,187,188],{},[25,189,190],{},"Issuer",[100,192,193],{},"Issue SCA attestations, account confirmations, or KYC attestations into customer wallets",[100,195,196],{},"Required in practice for wallet-based SCA; strategic otherwise",[82,198,199,204,207],{},[100,200,201],{},[25,202,203],{},"Wallet provider",[100,205,206],{},"Offer a certified wallet, or embed wallet capabilities into an existing banking app",[100,208,209],{},"Optional",[211,212,214],"h3",{"id":213},"verifier-the-mandatory-role","Verifier: the mandatory role",[11,216,217,218,222],{},"As a ",[14,219,221],{"href":220},"/eidas2/verifier","verifier",", a bank requests and checks credentials (e.g. PID, SCA) from customer EUDI wallets. This requires the bank to register as a relying party with a national registrar, declaring which customer data it will request, and implementing the technical solution that requests and validates that every credential received from EUDI wallets is genuine, still valid, and actually belongs to the person presenting it. This is the role the end-of-2027 deadline attaches to.",[211,224,226],{"id":225},"issuer-required-for-sca-strategic-beyond-it","Issuer: required for SCA, strategic beyond it",[11,228,229,230,234,235,238],{},"As an ",[14,231,233],{"href":232},"/eidas2/issuer","issuer",", a bank places credentials into customer EUDI wallets. The role is often framed as optional, but for Strong Customer Authentication it is not: wallet-based SCA only works if the customer's bank has first issued an ",[25,236,237],{},"SCA attestation"," into the wallet. Beyond SCA, banks can issue credentials such as account ownership or KYC confirmations that customers could reuse with other services.",[211,240,242],{"id":241},"wallet-provider-the-optional-role","Wallet provider: the optional role",[11,244,217,245,249],{},[14,246,248],{"href":247},"/eidas2/wallet-provider","wallet provider",", a bank offers the wallet itself. The certified path means meeting the EU's highest security requirements and passing a formal certification audit. Banks that pursue it keep the entire authentication experience — including SCA — inside their own app, which is where many customers already manage their finances daily.",[34,251],{},[37,253,255],{"id":254},"core-eidas-2-banking-use-cases-at-a-glance","Core eIDAS 2 Banking use cases at a glance",[11,257,258],{},"The table below summarises the core banking use cases under eIDAS 2; the sections that follow cover them in detail.",[76,260,261,277],{},[79,262,263],{},[82,264,265,268,271,274],{},[85,266,267],{},"Use case",[85,269,270],{},"What the EUDI Wallet enables",[85,272,273],{},"Bank's role",[85,275,276],{},"Driver",[95,278,279,296,313,329],{},[82,280,281,287,290,293],{},[100,282,283],{},[14,284,286],{"href":285},"#strong-customer-authentication-with-the-eudi-wallet","Strong Customer Authentication",[100,288,289],{},"Enables payment approval, login, account access, and direct debit mandates under PSD2 (TS12) via the EUDI Wallet",[100,291,292],{},"Issuer + Verifier",[100,294,295],{},"Mandatory where SCA applies",[82,297,298,304,307,310],{},[100,299,300],{},[14,301,303],{"href":302},"#reusable-kyc-and-customer-onboarding","Reusable KYC & onboarding",[100,305,306],{},"A single PID presentation replaces document capture, liveness, and video identification",[100,308,309],{},"Verifier",[100,311,312],{},"High value; available as wallets roll out",[82,314,315,321,324,326],{},[100,316,317],{},[14,318,320],{"href":319},"#issuing-credentials-the-bank-as-a-trusted-data-source","Credential issuance",[100,322,323],{},"Issue SCA, account-ownership, and KYC attestations into customer wallets as reusable assets",[100,325,190],{},[100,327,328],{},"Required for SCA; strategic beyond it",[82,330,331,337,340,342],{},[100,332,333],{},[14,334,336],{"href":335},"#qualified-e-signatures-for-contracts","Qualified e-signatures",[100,338,339],{},"Customers sign loan, mortgage, and account contracts from the wallet with handwritten-equivalent legal effect",[100,341,309],{},[100,343,344],{},"Optional; high value",[34,346],{},[37,348,350],{"id":349},"strong-customer-authentication-with-the-eudi-wallet","Strong Customer Authentication with the EUDI Wallet",[11,352,353,354,358,359,365],{},"SCA has been mandatory for electronic payments since PSD2 took effect: customers must approve payments and account access with two independent authentication factors. What is new is the ",[355,356,357],"em",{},"how",". In December 2025 the European Commission published ",[14,360,364],{"href":361,"rel":362},"https://github.com/eu-digital-identity-wallet/eudi-doc-standards-and-technical-specifications/blob/main/docs/technical-specifications/ts12-electronic-payments-SCA-implementation-with-wallet.md",[363],"nofollow","Technical Specification 12 (TS12)",", the official specification for performing SCA with the EUDI Wallet. It is binding for wallet providers — and it is the leading guideline banks should plan against. In addition to the specification, there will be dedicated playbooks published that further specify the SCA usage patterns and standards.",[211,367,369],{"id":368},"how-the-wallet-meets-the-psd2-requirements","How the wallet meets the PSD2 requirements",[11,371,372],{},"PSD2 Article 97 requires SCA whenever a customer initiates an electronic payment, accesses a payment account online, or does anything else that carries a fraud risk. SCA means combining at least two of three factor types: something the customer knows (a PIN or passphrase), something they have (a device holding cryptographic keys in certified secure hardware), and something they are (biometrics such as fingerprint or face). The EUDI Wallet covers all three, and every approval records which two factors were used — giving payment service providers the audit trail required.",[211,374,376],{"id":375},"the-sca-attestation-a-credential-from-the-bank","The SCA attestation: a credential from the bank",[11,378,379,380,382,383,388],{},"Wallet-based SCA starts with the bank, not the wallet. Before a customer can approve anything, their bank issues an ",[25,381,237],{}," into the wallet — a credential proving that this wallet belongs to this customer and, where relevant, to a specific account or card. A bank can issue one per customer, per account (carrying the IBAN), or per card (carrying the card scheme and digits). TS12 specifies the ",[14,384,387],{"href":385,"rel":386},"https://docs.walt.id/concepts/digital-credentials/sd-jwt-vc",[363],"SD-JWT VC"," credential format for these attestations.",[11,390,391],{},"Two properties matter for fraud and risk teams. The attestation is bound to the wallet's secure hardware, so it cannot be copied to another device. And its validity is tied to the wallet itself — if the wallet is revoked, the bank's attestations in it automatically become invalid. Banks can additionally restrict which parties are allowed to request the attestation at all.",[211,393,395],{"id":394},"dynamic-linking-what-the-customer-sees-is-what-gets-approved","Dynamic linking: what the customer sees is what gets approved",[11,397,398,399,402,403,408],{},"For remote payments, PSD2 requires ",[25,400,401],{},"dynamic linking",": the customer must see the amount and the payee, and the approval must be tied to exactly those details. TS12 builds this into the protocol. The approval request — sent to the wallet over ",[14,404,407],{"href":405,"rel":406},"https://docs.walt.id/concepts/data-exchange-protocols/openid4vp",[363],"OID4VP",", the standard presentation protocol — carries the real transaction details: amount, currency, and who is being paid. The wallet displays them prominently on the confirmation screen, the customer approves with two factors, and the wallet returns a response that is cryptographically tied to the exact details shown, along with a fresh one-time code that serves as the authentication code PSD2 requires.",[11,410,411],{},"If anything changes after approval — the amount, the payee — the approval no longer matches and the authentication fails. Dynamic linking is enforced by the protocol.",[211,413,415],{"id":414},"four-situations-one-consistent-experience","Four situations, one consistent experience",[11,417,418],{},"TS12 defines four standardised transaction types, covering the situations in which PSD2 requires SCA. Each has fixed display rules, so every wallet presents them to customers consistently:",[76,420,421,434],{},[79,422,423],{},[82,424,425,428,431],{},[85,426,427],{},"Transaction type",[85,429,430],{},"Used for",[85,432,433],{},"What the customer sees",[95,435,436,447,458,469],{},[82,437,438,441,444],{},[100,439,440],{},"Payment confirmation",[100,442,443],{},"Approving credit transfers and card payments",[100,445,446],{},"Payee, amount, currency, execution date, any recurrence terms",[82,448,449,452,455],{},[100,450,451],{},"Login and risk-based authentication",[100,453,454],{},"Online banking sign-in and high-risk actions",[100,456,457],{},"The service and the action being approved",[82,459,460,463,466],{},[100,461,462],{},"Account information access",[100,464,465],{},"Granting access to account data, including to open banking providers",[100,467,468],{},"A description of the access and who is requesting it",[82,470,471,474,477],{},[100,472,473],{},"E-mandate",[100,475,476],{},"Setting up direct debits and recurring payments",[100,478,479],{},"Mandate reference, creditor, validity period, purpose",[11,481,482],{},"The wallet also keeps a log of every SCA approval — successful or failed — giving customers an auditable history and banks a consistent evidence trail.",[211,484,486],{"id":485},"two-ways-customers-will-use-it","Two ways customers will use it",[11,488,489],{},"TS12 distinguishes two setups, based on who asks for the authentication:",[491,492,493,499],"ul",{},[48,494,495,498],{},[25,496,497],{},"In the bank's own channels."," The bank requests the SCA attestation back from the wallet.",[48,500,501,504],{},[25,502,503],{},"Through third parties."," A merchant or payee collects payment consent directly (comparable to today's commercial pay wallets), or an open banking provider embeds the authentication in its own flow, in line with PSD2's existing provisions.",[11,506,507],{},"TS12 lets banks issue separate attestation types for the two scenarios, so stricter rules can be applied to attestations exposed to third parties. Sector rulebooks, developed by the financial industry on top of TS12, will refine the details further.",[211,509,511],{"id":510},"what-this-means-for-an-sca-roadmap","What this means for an SCA roadmap",[11,513,514,515,518],{},"The practical consequence: to offer wallet-based SCA, a bank acts as issuer ",[355,516,517],{},"and"," verifier at the same time — issuing SCA attestations into wallets, requesting approvals with transaction details, validating the responses, and revoking attestations when needed.",[34,520],{},[37,522,524],{"id":523},"reusable-kyc-and-customer-onboarding","Reusable KYC and customer onboarding",[11,526,527],{},"Customer onboarding is where eIDAS 2 delivers the most immediate measurable value. Today's remote onboarding chains together document capture, liveness detection, video identification, and manual review. With the EUDI Wallet, the same result is a single credential presentation: the customer shares their government-issued identity credential (PID) — verified at the EU's strictest assurance level — and the bank validates it cryptographically in seconds.",[11,529,530],{},"The regulatory groundwork is in place. The new Anti-Money Laundering Regulation (Regulation (EU) 2024/1624) recognises eIDAS-based digital identification as a valid way to verify customer identity.",[11,532,533],{},"Selective disclosure strengthens the compliance position further: the wallet lets customers share only the data a process actually requires — date of birth without the full address, for instance — which aligns directly with GDPR data minimisation.",[11,535,536],{},"What the wallet does not replace is the bank's wider due diligence: sanctions and PEP screening, risk assessment, and ongoing monitoring remain the institution's responsibility.",[34,538],{},[37,540,542],{"id":541},"issuing-credentials-the-bank-as-a-trusted-data-source","Issuing credentials: the bank as a trusted data source",[11,544,545,546,551],{},"Banks hold some of the most rigorously verified personal and financial data in the economy — and under eIDAS 2 that data becomes issuable. Using ",[14,547,550],{"href":548,"rel":549},"https://docs.walt.id/concepts/data-exchange-protocols/openid4vci",[363],"OID4VCI",", the standard issuance protocol, a bank can deliver credentials into customer EUDI wallets:",[491,553,554,560,566],{},[48,555,556,559],{},[25,557,558],{},"SCA attestations"," — the prerequisite for wallet-based authentication, covered above.",[48,561,562,565],{},[25,563,564],{},"Account attestations"," — proof of account ownership that customers present to employers, landlords, or other payment services.",[48,567,568,571],{},[25,569,570],{},"KYC attestations"," — confirmation that due diligence has been completed, reusable across the bank's own group entities or, subject to the applicable rulebook, with partners.",[11,573,574],{},"Most bank-issued credentials fall into the standard attestation category that any registered business in the eIDAS 2 framework can issue. Where a credential needs the same legal standing as a paper original, banks can work with a Qualified Trust Service Provider to issue it as a qualified attestation. Either way, issuers register in the trust ecosystem, issue in the mandated formats, and operate a revocation mechanism so credentials can be invalidated when circumstances change.",[34,576],{},[37,578,580],{"id":579},"qualified-e-signatures-for-contracts","Qualified e-signatures for contracts",[11,582,583],{},"Banking runs on signed agreements — loan and mortgage contracts, account-opening documents, payment mandates, securities paperwork. Today these are often signed in a branch, by post, or through a separate e-signature provider. eIDAS 2 collapses that into the wallet.",[11,585,586,587,590,591,594,595,598],{},"Every certified EUDI Wallet must let its holder create a ",[25,588,589],{},"Qualified Electronic Signature (QES)"," — the only form of electronic signature that carries the ",[25,592,593],{},"same legal effect as a handwritten signature"," across all EU member states. For natural persons signing for non-professional purposes, the regulation requires this to be available ",[25,596,597],{},"free of charge",", so a retail customer signing a mortgage incurs no separate signing fee.",[211,600,602],{"id":601},"how-wallet-based-signing-works-for-a-bank","How wallet-based signing works for a bank",[11,604,605,606,609],{},"The signature is produced by a Qualified Signature Creation Device (QSCD) that the wallet integrates, using a qualified certificate from a Qualified Trust Service Provider (QTSP). Crucially, ",[25,607,608],{},"the bank does not need to become a trust service provider to use this."," As the relying party, the bank presents the document to be signed; the wallet creates the QES; the bank receives a signed document — in one of the required formats (e.g. PAdES) — whose qualified signature it can validate cryptographically against the QTSP's certificate.",[11,611,612],{},"Because the signer's identity is already proven at Level of Assurance High by the PID in the wallet, there is no separate identity check for each signing event required.",[34,614],{},[37,616,618],{"id":617},"build-vs-buy-how-to-build-a-compliant-solution","Build vs buy: how to build a compliant solution",[11,620,621],{},"Whether acting as verifier, issuer, or both, a bank faces the same decision as every other organisation in the ecosystem: how much of the solution to build, and how much to buy. The customer-facing applications — onboarding flows, the banking app, the approval screens — are where a bank differentiates and will always be built in-house or with existing partners. The identity layer underneath — credential formats, exchange protocols, trust checks, key management, revocation — is standardised by definition and changes every time the EU specifications evolve. For that layer, there are three possible implementation paths:",[491,623,624,634,640],{},[48,625,626,629,630,633],{},[25,627,628],{},"Build apps, buy infrastructure"," ",[355,631,632],{},"(recommended)"," — build only the customer-facing applications and use a proven, standards-compliant provider for the identity layer. Fastest time to market, lowest regulatory and technical risk.",[48,635,636,639],{},[25,637,638],{},"Build apps, own infrastructure"," — use open-source identity infrastructure to retain full control of the stack, while still avoiding implementing the credential formats, protocols, and trust validation from scratch.",[48,641,642,645],{},[25,643,644],{},"Build everything in-house"," — implement and maintain the full stack internally, and keep it current as the specifications evolve. Viable only for institutions with a dedicated identity engineering team.",[11,647,648],{},"Most organisations choose one of the first two paths. The deadlines are fixed, engineers with deep experience in these protocols are scarce and the underlying specifications are still moving.",[211,650,652],{"id":651},"the-waltid-solution","The walt.id solution",[11,654,655,656,660,661,665],{},"walt.id covers both of the first two paths. The ",[14,657,659],{"href":658},"/community-stack","walt.id Community Stack"," provides open-source issuer, verifier, and wallet infrastructure for institutions that want to own their stack; the ",[14,662,664],{"href":663},"/eidas2#infrastructure","walt.id Enterprise Stack"," is the managed offering on top of it — built on open-source technology used by more than 42,000 developers, governments, and businesses. For financial services specifically:",[491,667,668,673,684],{},[48,669,670,672],{},[25,671,309],{}," — accept the EUDI Wallet for onboarding, login, and SCA, with trust, revocation, and wallet-authenticity checks handled automatically. Transaction details for SCA — amount, currency, payee — are verified as specified in TS12, and results can be passed to existing AML, fraud, or risk systems during verification.",[48,674,675,677,678,683],{},[25,676,190],{}," — issue SCA attestations, account confirmations, and KYC attestations in all mandated formats (SD-JWT VC, ",[14,679,682],{"href":680,"rel":681},"https://docs.walt.id/community-stack/concepts/digital-credentials/mdoc-mdl-iso",[363],"ISO/IEC 18013-5",", W3C VC), with credential data validated against the official schemas and revocation built into the issuance workflow.",[48,685,686,689],{},[25,687,688],{},"Wallet"," — launch a wallet app or embed compliant wallet capabilities into an existing banking app, with flexible key management from on-device to HSM-backed, plus everything needed for the certified wallet-provider path.",[11,691,692,693,697,698,702],{},"A role-by-role compliance breakdown is available in the ",[14,694,696],{"href":695},"/white-paper/eidas2-implementers-guide","eIDAS 2 Implementers Guide"," or ",[14,699,701],{"href":700},"/contact","reach out to our team"," to learn more.",[34,704],{},[37,706,708],{"id":707},"frequently-asked-questions","Frequently asked questions",[211,710,712],{"id":711},"what-does-eidas-2-mean-for-banks","What does eIDAS 2 mean for banks?",[11,714,715],{},"eIDAS 2 (Regulation (EU) 2024/1183) requires banks and other financial institutions that use strong user authentication to accept the EUDI Wallet for customer authentication by the end of 2027. It also enables wallet-based Strong Customer Authentication (SCA) under PSD2, identity verification at Level of Assurance High for onboarding and KYC, and gives banks the option to issue their own credentials — such as account or SCA attestations — into customer wallets.",[211,717,719],{"id":718},"when-do-banks-have-to-accept-the-eudi-wallet","When do banks have to accept the EUDI Wallet?",[11,721,722],{},"By the end of 2027. eIDAS 2 (Regulation (EU) 2024/1183) requires banking and financial services to accept the EUDI Wallet. Micro and small enterprises are exempt. Member States must provide wallets to citizens by the end of 2026.",[211,724,726],{"id":725},"can-the-eudi-wallet-be-used-for-strong-customer-authentication-under-psd2","Can the EUDI Wallet be used for Strong Customer Authentication under PSD2?",[11,728,729],{},"Yes. Technical Specification 12 (TS12), published by the European Commission in December 2025, defines how EUDI Wallets implement SCA under PSD2 Article 97. The wallet covers all three authentication factor categories — knowledge, possession, and inherence — and satisfies dynamic linking by displaying the amount and payee to the payer and cryptographically binding the authentication code to those transaction details.",[211,731,733],{"id":732},"what-is-an-sca-attestation","What is an SCA attestation?",[11,735,736],{},"An SCA attestation is a credential a payment service provider issues into a customer's EUDI Wallet that proves the wallet is associated with a specific payer and, where applicable, a specific account or card. It is cryptographically bound to the wallet's secure hardware, so it cannot be copied to another device, and the customer presents it whenever they approve a login, payment, account access, or direct debit mandate.",[211,738,740],{"id":739},"does-the-eudi-wallet-replace-kyc-checks-for-banks","Does the EUDI Wallet replace KYC checks for banks?",[11,742,743],{},"It replaces the document-collection and verification steps for identity data, not the bank's wider due-diligence obligations. The PID in a certified wallet is verified at Level of Assurance High, and the EU Anti-Money Laundering Regulation (EU) 2024/1624 recognises the EUDI Wallet for verifying customer identity. Screening, risk assessment, and ongoing monitoring remain the bank's responsibility.",[211,745,747],{"id":746},"do-banks-have-to-build-their-own-eudi-wallet","Do banks have to build their own EUDI Wallet?",[11,749,750],{},"No. The verifier requirement — accepting wallets for authentication by the end of 2027 — applies regardless of whether a bank offers a wallet. Becoming a certified wallet provider is optional and requires certification at Level of Assurance High, Wallet Unit Attestation management, and a conformity assessment. Some banks will pursue it to keep the authentication experience inside their own app.",[211,752,754],{"id":753},"can-customers-sign-bank-contracts-with-the-eudi-wallet","Can customers sign bank contracts with the EUDI Wallet?",[11,756,757],{},"Yes. Every certified EUDI Wallet enables its holder to create a Qualified Electronic Signature (QES), which has the same legal effect as a handwritten signature across the EU. Banks can have customers sign loan agreements, mortgage contracts, and account-opening documents directly from the wallet and receive a signed document they can validate. Because the signer's identity is already verified at Level of Assurance High, no separate identity check is needed per signature, and for natural persons signing for non-professional purposes the signature is free of charge.",[34,759],{},{"title":761,"searchDepth":762,"depth":762,"links":763},"",2,[764,765,771,772,780,781,782,785,788],{"id":39,"depth":762,"text":40},{"id":149,"depth":762,"text":150,"children":766},[767,769,770],{"id":213,"depth":768,"text":214},3,{"id":225,"depth":768,"text":226},{"id":241,"depth":768,"text":242},{"id":254,"depth":762,"text":255},{"id":349,"depth":762,"text":350,"children":773},[774,775,776,777,778,779],{"id":368,"depth":768,"text":369},{"id":375,"depth":768,"text":376},{"id":394,"depth":768,"text":395},{"id":414,"depth":768,"text":415},{"id":485,"depth":768,"text":486},{"id":510,"depth":768,"text":511},{"id":523,"depth":762,"text":524},{"id":541,"depth":762,"text":542},{"id":579,"depth":762,"text":580,"children":783},[784],{"id":601,"depth":768,"text":602},{"id":617,"depth":762,"text":618,"children":786},[787],{"id":651,"depth":768,"text":652},{"id":707,"depth":762,"text":708,"children":789},[790,791,792,793,794,795,796],{"id":711,"depth":768,"text":712},{"id":718,"depth":768,"text":719},{"id":725,"depth":768,"text":726},{"id":732,"depth":768,"text":733},{"id":739,"depth":768,"text":740},{"id":746,"depth":768,"text":747},{"id":753,"depth":768,"text":754},"eIDAS 2 banking compliance guide: mandatory EUDI Wallet acceptance by 2027, wallet-based SCA under PSD2 (TS12), reusable KYC, and how banks can build a compliant solution","md",{},true,"/eidas2/financial-services","2026-06-10",{"title":5,"description":797},"eidas2/financial-services",[806,807,808,809,810],"eidas2 banking","eidas2 financial services","reusable kyc","eudi wallet sca","psd2 eidas2","OhsD_J0au8s-14GudcLR401bNv7ZgmoMJu2aWX2f6Ik",1781592068169]