Hi PostmarketOS community!
I’m sharing this link because I’m curious to hear if any PostmarketOS devs or users have looked into the European Digital Identity Wallet (EUDI)?
In the worst case the EUDI could be stepping stone towards a police state. Just look at the heavily critiqued Digital ID proposed in the UK. Excerpt from the EFF:
This [Digital ID] would create a rich environment for hackers or hostile agencies to obtain swathes of personal information on those based in the UK. And if previous schemes in the country are anything to go by, the government’s ability to handle giant databases is questionable.
In contrast, the EUDI looks to be designed in such a way where various attestations to prove your age or other things is meant to be presentable without being tracked by a third party, or always having to “phone home”. See: 4.2.4 Privacy by design.. Overall, this isn’t immune to scope creep towards surveillance. But it is a strong start nonetheless.
I’m bringing this up because I’m curious about building a digital wallet implementation for PostmarketOS. If the EU would support this implementation it would make it easier to be a digital citizen in the EU without being forced to have access to the Google Play Store or the iOS App Store.
Also another relevant source, there was a track about digital wallets at FOSDEM 2025. https://archive.fosdem.org/2025/schedule/track/wallets/
I would be very happy to point at my phone and say it isn’t able to run their facist app, so please don’t
Thanks for the input. Are there concrete parts of the EUDI design that’s fascistic or just the whole thing?
There’s certainly bad ways to do a digital ID like in the UK where it looks like the design “phones home”, see EFF link above. However, the EUDI relies on cryptographically signed certificates and a Certificate Authority chain of trust. Whether you’re offline/online your phone would only present cryptographically signed files for authentication. Quote: “Finally, measures are taken to prevent Users from being tracked by Relying Parties, PID Providers, or Attestation Providers.”
As mentioned I’m already forced to use a couple of identification apps on Android. An alternative for me would be to have a twin sim setup and leave my proprietary phone at home and roam around with my PostmarketOS phone instead. That works fine. But might make it harder to recruit new users.
Finally I’ll say that I agree we shouldn’t blindly trust the government.
“Overall, this isn’t immune to scope creep towards surveillance” in your original post sums up my fears.
As soon as the majority of population goes digital-only, the nice privacy properties can be thrown out of the window, because there will be no alternative. What will you do, claim you’re too old for a phone ID? But you just used the previous one without any problems.
It’d be great to have it, although I already have physical documents, so idk… I can just use those. Does not even require charging batteries.
Maybe others will have more use for that.
Here in Norway we need to use a MinID app to login to various public services, but it is only available in the proprietary app stores for iOS and Android.
Most of banking services in Scandinavia requires a proprietary app called BankID which is co-owned by several banks. Sadly this app is also only available in proprietary app stores.
Apps such as these create a big switching cost for users who want to move to PostmarketOS. Incidentally, EU launched the Digital Markets Act to create more competition amongst platforms including iOS and Android. But it remains to be seen how or if the DMA will affect usage of the aforementioned apps and the EUDI. If the EUDI becomes a trusted authentication method for public services and bank services I could throw proprietary app stores in the bin.