E-commerce and Online Platforms

E-commerce platforms and online marketplaces face significant new obligations under eIDAS 2.0, particularly when they qualify as very large online platforms (VLOPs) under the Digital Services Act. VLOPs are explicitly listed as mandatory relying parties that must accept the European Digital Identity Wallet for user authentication. Even platforms below the VLOP threshold will benefit from wallet integration, as it provides a standardized mechanism for the identity verification obligations they already face under the DSA, consumer protection directives, and national regulations.

The wallet changes the economics and user experience of identity verification in e-commerce. Current processes for verifying seller identity, checking buyer age, and authenticating users rely on a mix of document uploads, third-party verification services, and self-declaration. The wallet replaces these with instant, cryptographically verified credential presentations that are cheaper to process, harder to forge, and less intrusive for users.

Age verification is one of the most pressing use cases for wallet integration in e-commerce. The Digital Services Act requires platforms to implement measures to protect minors, and national regulations across Member States impose age restrictions on products including alcohol, tobacco, gambling services, and adult content. Current age verification methods range from ineffective (self-declaration checkboxes) to intrusive (full identity document uploads). Neither approach is satisfactory from a compliance, privacy, or user experience perspective.

The EUDIW solves this through selective disclosure. A platform can request a simple age-threshold attestation (for example, "Is the user over 18?") from the wallet. The wallet returns a cryptographically verified yes or no answer without revealing the user's date of birth, name, or any other personal data. This satisfies the age verification obligation while collecting the absolute minimum personal data. For platforms, this means lower data protection liability, simpler compliance documentation, and a frictionless user experience that does not interrupt the purchase flow with document uploads or verification delays.

The DSA and the proposed Platform Workers Directive impose obligations on platforms to verify the identity of traders and service providers operating on their marketplace. Under DSA Article 30, online marketplaces must collect and verify trader identity information before allowing them to offer products or services. The EUDIW provides a high-assurance mechanism for this verification: sellers present their wallet credentials (PID for individual traders, organizational attestations for business sellers), and the platform receives government-verified identity data.

For platforms operating cross-border marketplaces, the wallet eliminates the complexity of verifying identity documents from 27 different Member States. A Polish seller and a Portuguese seller both present standardized wallet credentials that the platform can verify using the same technical infrastructure. This reduces verification costs, accelerates seller onboarding, and increases the reliability of trader identity data. Combined with Qualified Electronic Attestations of Attributes for business registration or professional licensing, the wallet enables a comprehensive trader trust profile built on verified credentials rather than self-reported information.

Consumer trust is the foundation of e-commerce, and the EUDIW strengthens it in multiple ways. Verified seller identity reduces the risk of fraudulent merchants operating on platforms. Wallet-based buyer authentication provides a more reliable identity anchor for transaction dispute resolution than email addresses or social logins. For high-value transactions, platforms can request additional verified attributes (such as delivery address confirmation) to reduce fraud and chargebacks.

The wallet also creates opportunities for enhanced consumer experiences. Verified identity enables personalization without requiring users to create accounts and provide personal data directly to each platform. Loyalty programs and cross-platform user recognition can be built on wallet-based identity rather than tracking cookies or email-based identification. For platforms subject to the Consumer Rights Directive and the Omnibus Directive, wallet-based identity verification supports compliance with requirements around trader transparency and consumer redress mechanisms.

The DSA imposes transparency and accountability requirements on platforms, including obligations around content moderation, advertising transparency, and algorithmic accountability. For VLOPs, these obligations are particularly extensive. Wallet-based authentication can support compliance with several of these requirements. Verified user identity reduces the prevalence of fake accounts and inauthentic behavior. Advertising transparency requirements can be met more easily when advertiser identity is verified through wallet credentials.

Platforms must also consider how wallet-based authentication interacts with their existing identity infrastructure. During the transition period, platforms will need to support both wallet-based and traditional authentication methods. The wallet should be integrated as an additional authentication option that provides higher assurance, with the product experience designed to encourage adoption without forcing users who do not yet have a wallet. Analytics and reporting systems should track wallet adoption rates and the impact on fraud, verification costs, and user conversion to build the business case for expanded wallet integration.

Platform implementation should follow a phased approach. The first priority is determining whether your platform qualifies as a VLOP (over 45 million monthly active users in the EU) and therefore faces mandatory acceptance obligations. Even if you are below this threshold, voluntary wallet integration provides compliance and competitive benefits. Start with the highest-impact use case: for most platforms, this will be age verification (if you sell age-restricted products) or seller identity verification (if you operate a marketplace).

Technical implementation follows the standard relying party integration path: OpenID4VC protocol support, SD-JWT and mdoc credential verification, Trusted List validation, and relying party registration with the national supervisory body. For platforms with large existing user bases, plan a migration strategy that allows existing users to link their wallet to their existing account, providing a verified identity upgrade without requiring re-registration. Monitor the results of Large-Scale Pilots, particularly those testing e-commerce scenarios, for practical integration guidance and UX best practices.