/Logo%202023.svg "Logo 2023"){kind=small}
/Group.svg "Group"){kind=small}
3 min read
The EUDI (European Digital Identity) wallet solution reference architecture (ARF) is designed to provide a secure framework for managing digital identities across various services. However, it is essential to identify and address potential vulnerabilities within the ARF. Failure to do so will compromise the security, privacy and integrity of the system.
Key Vulnerabilities of the EUDI Wallet Reference Architecture (ARF)
The vulnerabilities are depicted in this diagram from ARF and further described below.
- Description: An unauthorized service could masquerade as a participant in the EUDI wallet scheme to interact with a legitimate wallet and extract personal data or authentication secrets.
- Assessment: Ensuring the authenticity of services interacting with the wallet is crucial to prevent unauthorized access to sensitive information.
- Description: Unauthorized modification of the EUDI wallet’s source code or runtime operations can alter its data flow and control environment.
- Assessment: This vulnerability compromises the integrity of the wallet. Measures such as code obfuscation and secure configuration are essential to mitigate this risk.
- Description: Weak access controls and cryptographic key material management can prevent definitive proof that a person performed a specific action.
- Assessment: Non-repudiation ensures that actions performed within the wallet are traceable and accountable, which is critical for trust and compliance.
- Description: The EUDI wallet might expose sensitive information to individuals who are not authorized to access it.
- Assessment: Protecting confidentiality is paramount. This includes securing storage, encrypting payloads, and implementing access token protection to prevent unauthorized information disclosure.
- Description: Degrading or denying the use of the EUDI wallet can adversely affect valid users from performing routine tasks.
- Assessment: Availability of the service must be ensured to maintain user trust and functionality. Robust anti-DoS mechanisms should be in place to protect against such threats.
- Description: Exploiting a vulnerability in the EUDI wallet to gain elevated access permissions to extract secrets or sensitive information.
- Assessment: Proper authorization controls are necessary to prevent unauthorized elevation of privileges, thereby safeguarding sensitive information within the wallet.
OBSERVATIONS
Identifying and addressing the key vulnerabilities in the EUDI wallet reference architecture (ARF) is essential to ensure the security and integrity of the system. By implementing robust security measures and continuously assessing potential threats, the EUDI wallet can maintain its reliability and protect sensitive user information. A significant challenge will be implementing these robust security measures across the wide variety of hardware models and chipsets available in the market. For a successful deployment, relying solely on hardware, such as requiring a phone to support a Wallet Secure Cryptographic Device (WSCD), is not sufficient. A more comprehensive approach is needed.
The ARF fails to address the security requirements that ensure these types of threats are fully mitigated. While adhering to the OWASP MASVS (Mobile Application Security Verification Standard) is a necessary step, truly mitigating these threats requires a comprehensive security strategy that separates wallet development from security measures. This separation should be managed as part of a Security DevOps initiative. By integrating security into every phase of the development and operational lifecycle, the EUDI wallet can achieve the level of protection necessary to safeguard digital identities effectively.
how cryptomathic can help
In a similar effort, Cryptomathic has supported BOSA, the Federal Public Service Policy and Support in Belgium, in developing and securing their digital identity wallet. By providing expertise and security assurance, we helped BOSA meet the stringent requirements necessary to protect their citizens' digital identities, as detailed in this press release. This collaboration highlights the importance of a holistic security approach in digital identity projects across Europe.
Cryptomathic provides an SDK called Mobile Application Security Core (MASC) that addresses these vulnerabilities. Learn how we helped protect the Belgium EUDI wallet, making it one of the most secure deployments in Europe. Contact Cryptomathic today to guide you in the mitigation strategy and how to best address these vulnerabilities. When it comes to protecting citizens and the personal data collected and shared from the wallet, there should be no compromises.
stay up to date
This blog is the first in a series from our mobile application security expert, Jan Lindquist, covering the security and privacy of EUDI wallets. Future blogs will cover:
- Security DevOps
- Removing the stress of security concerns from developers
- Assessing the lack of ENISA security requirements and the negative impact this may have on EUDI wallet future
To be among the first to receive these expert insights, simply fill out this form and we'll let you know when each blog is published: