SID-PRIV-04 — Pseudonymous Authentication
| Property | Value |
|---|---|
| Owner | platform |
| Category | technical |
| CSF Function | protect |
| Group | Privacy Controls |
Description
Wallet user can authenticate towards relying parties using pseudonyms without revealing their real identity:
(1) Wallet instance supports pseudonymous authentication towards relying parties as required by eIDAS Article 5a. (2) User can create, manage, and select per-relying-party pseudonyms. (3) Pseudonyms SHALL be unlinkable across relying parties — different RPs cannot correlate the same user. (4) Pseudonymous presentations SHALL still be cryptographically bound to the wallet unit for non-repudiation where required.
Not yet implemented. Design must consider interaction with SD-JWT key binding, mDOC device authentication, and the rawSign API for pseudonym key management.
Components
Source References
Framework Requirements
FitCEM Wallet Instance: FIT-AU-12