Updated 8 May 2026 with post-Summit notes — see the section at the end of this post. The framing below reflects the agenda as published on 27 April 2026.
The Bitkom eIDAS Summit ran 28–29 April 2026 in Berlin. Day 1 was on-site at the Representation of the State of Baden-Württemberg, in German, with a national focus. Day 2 was English and online for a European audience. The keynote line-up was heavier than any previous edition: Federal Digital Minister Dr. Karsten Wildberger for BMDS, Norbert Sagstetter for the European Commission's Digital Identity Unit, Dr. Markus Reichel as rapporteur from the CDU/CSU group, and Christina Raab (Bitkom Vice President, Accenture DACH CEO) opening the industry side.
The reason this Summit is worth a separate post is not the keynote roster. It is the way the agenda has been structured.
Earlier eIDAS Summits were protocol-led — sessions on OpenID4VP, on mDoc, on selective disclosure, on cryptographic suites. This one is sector-led: the published programme tracked country wallet demos, large-scale pilots, the European Business Wallet, accessibility, trust services in the cloud, content credentials, and age verification as the structural lens.
That shift is the signal. Five takeaways every relying party and merchant should leave with — even those who never logged into the live stream.
1. Sector-specific use cases are now the lens
The Day 2 programme tracked sectors, not protocols. Country wallet demos. Large-scale pilots. The European Business Wallet. Accessibility. Trust services in the cloud. Content credentials. Age verification. That structure tells you who Day 2 is for: relying parties making integration decisions in the next 8 months, not standards bodies refining the spec.
For merchants, the implication is simple. The integration scope is no longer "implement OpenID4VP." It is "implement the wallet in your checkout, with your fallback flow, your support training, your localization, your pre-warming sequence." The protocol is settled. The integration is not.
2. The 100-company MoU is your integrator directory
Germany's Federal Ministry for Digital and State Modernisation (BMDS) signed a Memorandum of Understanding with 100+ companies on 28 April. The signatories include the major German banks, telcos, healthcare systems, transport companies, and a long tail of integrators.
If you are a relying party trying to figure out who can deliver a wallet integration that actually ships in 2026, this list is the answer. It is not a procurement guarantee — these are MoU signatories, not a vetted supplier list — but it is a discovery shortcut. If your integrator is not on it, ask why. If they are, ask which other signatories they have already worked with.
3. The European Business Wallet is the B2B sibling
The European Business Wallet got real airtime on Day 2. It is the B2B sibling to the citizen wallet — same protocol stack, different attribute set, different relying-party expectations.
Most merchants who covered the Summit last week ignored the EBW. Don't. Procurement workflows, supplier onboarding, KYB (know-your-business), B2B authentication, regulated cross-border B2B services — all of these become wallet-native in 2027. The B2C wallet rollout gets the headlines; the B2B wallet rollout gets the durable margin.
4. Germany's 2 January 2027 launch sets the cross-border tone
Germany goes live first. First wallet in production, first relying-party register, first regulated verticals binding. Whatever Germany ships becomes the de-facto standard that every other member state's national wallet has to interoperate with.
For merchants outside Germany, the implication is concrete: even if your home market launches in mid-2027 or 2028, your German customers will arrive with a wallet on 2 January 2027. Cross-border verification flows become the binding constraint, not the German market alone.
5. The policy/merchant gap is now visible
The biggest signal from Day 2 is the gap that nobody on stage named directly. The Bitkom 13 April survey put 52% of Germans at "never heard of the EUDI Wallet" and 5% at "can explain it." Day 2 framed the awareness gap as a marketing problem — something for BMDS, the Commission, and Bitkom to address with public campaigns.
It is not. It is a checkout problem. The 5% who can explain the wallet on 2 January 2027 will be over-represented in your funnel from day one — they are the early adopters, the privacy-conscious, the technically-curious. The other 95% will arrive with confusion. They will need plain checkout copy, a fallback flow, FAQ answers, and support training.
Merchants who treat this as a marketing-department noise will hand their first 12 months to competitors. Merchants who treat it as integration scope will spend Q1 2027 watching an unfamiliar button outperform every legacy verification path they have ever shipped.
Post-Summit notes — 8 May 2026
Five things changed between the Summit's close on 29 April and the second week of May. Each one shifts the merchant-side reading of the agenda above.
One — the activation gap reframed the Bitkom story. Bitkom's follow-up survey on 27 April shifted the headline from "52% never heard of it" to "54% would use it but only 18% have an activated eID with a working PIN." The Summit's communications-track sessions, written for the awareness gap, landed in the room against an activation gap that is harder to close. We unpack the implications for merchants in our activation-gap post.
Two — ENISA's hardest quote arrived on 28 April. The public-review draft of the EUCC for EUDI Wallets carried the single most consequential admission from the cybersecurity track: "In early 2026, no EUDI Wallet has been deployed or certified, and the specification remains work in progress." Biometric Update's coverage frames the implications for the end-2027 Article 5f acceptance deadline.
Three — member states broke ranks on the EU age-verification app. The Commission's 29 April recommendation to deploy a white-label EU AV app drew immediate pushback from Germany, Ireland, France, Poland, and Estonia, with Germany routing age verification through the wallet's age attribute instead. The political track formalised on 6 May in Council document 8985/26. Full analysis in our member-state fragmentation post.
Four — the cross-border critique sharpened. Mirko Mollik's "Worthless outside Europe?" (3 May), written from IIW Mountain View, surfaced what the Summit underplayed: outside the EU, the wallet is being routed around rather than through. For B2B and globally-active relying parties, a meaningful 2027 planning input.
Five — civil-society critique consolidated. The epicenter.works "five problems" open letter (3 May) pulled together the substantive privacy critiques into one document. Two of the five — registration-certificate over-asking and weakened pseudonymity — touch the relying-party flow directly and are worth a read regardless of where you sit on the framing.
Net for a Q3-2026 integration roadmap: the activation-gap and member-state-fragmentation stories are the two takeaways that change the build order. The ENISA admission and the cross-border critique are useful priors for risk language in internal stakeholder discussions but do not, by themselves, alter the integration plan.
What to do Monday morning
We packaged the merchant decision into 5 questions. Score yourself.
- Are you in scope under Article 5f? Which paragraph applies?
- Have you mapped your wallet relying-party registration path?
- Have you scoped your attributes to the minimum needed?
- Is your wallet+fallback flow designed and tested?
- Have you tested against at least two wallet implementations?
5/5 → on track for a clean Q1 2027 launch. 3–4/5 → at risk. 0–2/5 → treat 2027 as a build year, not a launch year.
Full readiness checklist: https://eidas-pro.com/blog/eudi-wallet-readiness-checklist-merchants-5-questions
Why we wrote this
We are eIDAS Pro. We build EUDI Wallet verification infrastructure for merchants — drop-in checkout integrations, fallback flows, sector-specific support training, and the open-source SDK that powers them (@openeudi/core, @openeudi/openid4vp, Apache 2.0).
If you are 8 months from launch and behind on integration scope, we can help. If you are not behind, we want to learn what you got right.
Source: https://eidas-pro.com/blog/eidas-summit-2026-berlin-bitkom-merchant-takeaways
Top comments (0)