SecAppDev 2025 lecture details
Germany’s EUDI Wallet Ecosystem Development
Explore the architecture, governance, and real-world implementation of Germany’s EUDI Wallet ecosystem within the EU Digital Identity Framework.
Tuesday June 3th, 16:00 - 17:30
Room West Wing
Abstract
This session provides a deep dive into the ongoing development of the German EUDI Wallet ecosystem within the broader EU Digital Identity Framework. We’ll cover architectural decisions, trust model design, technical components, and governance structures driving implementation. The talk highlights how Germany aligns with EU-level specifications while addressing national requirements, and reflects on lessons from pilot deployments, interoperability efforts, and open-source contributions shaping the ecosystem’s future.
Key takeaway
National-scale digital identity is built on both compliance and collaboration - Germany’s EUDI Wallet shows how strategy meets technical execution.
Content level
Deep-dive
Target audience
Practitioners and researchers in digital identity, government IT, and cross-border interoperability
Prerequisites
Understanding identity architecture principles and basic familiarity with verifiable credentials (see Kristina's previous session)
Join us for SecAppDev. You will not regret it!
Grab your seat now
Kristina Yasuda
Product Owner, SPRIND - German Federal Agency for Disruptive Innovation
Expertise: Decentralized Identity, Verifiable Credentials, Technical Standards
Join us for SecAppDev. You will not regret it!
Grab your seat nowRelated lectures
Verifiable Credentials: Concepts to Practice
Introductory lecture by Kristina Yasuda in room Lemaire
Monday June 2rd, 14:00 - 15:30
A technical introduction to Verifiable Credentials, highlighting use cases, implementation lessons, interoperability profiles, and recent updates to the related specifications.
Key takeaway: Interoperability in the wallet model requires aligned choices across the stack that meet use case requirements in terms of UX, security, privacy, etc.
My Name Is Not Cassandra: AppSec and "I Told You So"
Advanced lecture by Izar Tarandach in room Lemaire
Wednesday June 4th, 16:00 - 17:15
Lack of authority, an outsider's view of the development process and a faulty language of risk. Are security practitioners fated to point at risk and not be heard?
Key takeaway: "Raw" security can be fun, but does not lead to change. We must adapt our ways in order to impact the environment we want to protect.
OpenAPI as a security tool, not just documentation
Deep-dive lecture by Philippe De Ryck in room Lemaire
Monday June 2rd, 16:00 - 17:30
OpenAPI specs are more than docs—they can drive API security. Learn how to use them in spec/code-first workflows to find vulnerabilities, guide audits, and power security tools for testing, attacks, and runtime protection.
Key takeaway: A well-crafted OpenAPI spec can uncover security issues, guide audits, and power tools for testing, making it a key asset in your API security strategy.