Hacker News
EU digital identity wallets criticized for depending on Google and Apple attestation
- Category: Pulse
- Status: discussion
- Sources: Waag analysis, discussion
- Summary: A 2026-06-22 article by Danny Laemmerhirt of the Amsterdam digital-rights organization Waag argues that EU digital identity wallets under eIDAS 2.0 depend on Google and Apple device-attestation services (Google's Play Integrity API and Apple's device attestation) to verify that the wallet app runs on unmodified hardware, which can exclude users of de-Googled operating systems such as GrapheneOS and /e/OS from government services. It reached the front page at 574 points.
- Why it matters: Building public identity infrastructure on proprietary attestation ties citizen access to two vendors' platform-integrity gates, a concrete dependency and exclusion risk for anyone targeting alternative Android distributions, extending the device-attestation and identity-gating theme this digest is tracking.