DIDShield: A Privacy-Centric Approach to Digital Wallet Security
Lead Participant:
UNIVERSITY OF SHEFFIELD
Abstract
**DIDShield** is an innovative cybersecurity project designed to address critical privacy and security challenges in digital wallets, particularly within the European Union Digital Identity Wallet (EUDI) framework. In response to the EU Digital Identity Regulation (eIDAS 2.0), which mandates stringent security and privacy protections for digital identity systems, DIDShield offers a cutting-edge Software-as-a-Service (SaaS) compiler that seamlessly integrates with legacy digital wallet infrastructures to enhance privacy, security, and resilience.
The EUDI regulation explicitly requires advanced security and privacy features, such as **unlinkability**, **untraceability**, **selective disclosure**, and **Sybil resistance**, to safeguard user identities and prevent unauthorized tracking or data correlation. Current digital wallet architectures fall short of these requirements, creating an urgent need for robust solutions. DIDShield addresses these gaps by leveraging Decentralized Identifiers (DID) as its core technology. It enables secure authentication, encrypted pseudonym generation, and zero-knowledge proof mechanisms that ensure privacy even in adversarial environments.
DIDShield's framework goes beyond simple credential management, where we will introduce a **privacy-centric compiler** that upgrades legacy digital wallets, embedding essential security features like **data minimization**, **pseudonymous authentication**, and **collusion resistance** against identity providers (IdPs) and relying parties (RPs). This ensures that user transactions remain private, even if service providers are compromised. Roughly speaking, one of the key innovations of DIDShield is its ability to provide strong privacy guarantees, including protection against tracking and profiling by malicious actors. The system ensures that transactions remain unlinkable, preventing unauthorized entities from correlating user activities across different services. Additionally, the framework is resilient against Sybil attacks, safeguarding digital wallets from identity-based threats commonly exploited in decentralized environments.
Recognizing the **EU's call** for innovative solutions to meet these regulatory demands, DIDShield stands out as a leading candidate to support the EUDI Wallet initiative. Its ability to deliver **crypto-agility**---adapting to evolving security standards, including post-quantum cryptography---positions it as a future-proof solution.
Moreover, DIDShield has attracted commercial interest from industry leaders such as **The Dingle Group**, signalling strong market potential. As digital wallets face increasing cyberattacks, data breaches, and identity theft threats, DIDShield provides the robust, privacy-preserving foundation needed to build user trust and regulatory compliance in the digital economy.
This project aims to strengthen digital wallets' security and foster trust among users, regulators, and service providers by delivering a scalable, privacy-centric solution. By addressing both current vulnerabilities and emerging threats, DIDShield is poised to become a cornerstone of secure digital identity management in Europe and beyond.
The EUDI regulation explicitly requires advanced security and privacy features, such as **unlinkability**, **untraceability**, **selective disclosure**, and **Sybil resistance**, to safeguard user identities and prevent unauthorized tracking or data correlation. Current digital wallet architectures fall short of these requirements, creating an urgent need for robust solutions. DIDShield addresses these gaps by leveraging Decentralized Identifiers (DID) as its core technology. It enables secure authentication, encrypted pseudonym generation, and zero-knowledge proof mechanisms that ensure privacy even in adversarial environments.
DIDShield's framework goes beyond simple credential management, where we will introduce a **privacy-centric compiler** that upgrades legacy digital wallets, embedding essential security features like **data minimization**, **pseudonymous authentication**, and **collusion resistance** against identity providers (IdPs) and relying parties (RPs). This ensures that user transactions remain private, even if service providers are compromised. Roughly speaking, one of the key innovations of DIDShield is its ability to provide strong privacy guarantees, including protection against tracking and profiling by malicious actors. The system ensures that transactions remain unlinkable, preventing unauthorized entities from correlating user activities across different services. Additionally, the framework is resilient against Sybil attacks, safeguarding digital wallets from identity-based threats commonly exploited in decentralized environments.
Recognizing the **EU's call** for innovative solutions to meet these regulatory demands, DIDShield stands out as a leading candidate to support the EUDI Wallet initiative. Its ability to deliver **crypto-agility**---adapting to evolving security standards, including post-quantum cryptography---positions it as a future-proof solution.
Moreover, DIDShield has attracted commercial interest from industry leaders such as **The Dingle Group**, signalling strong market potential. As digital wallets face increasing cyberattacks, data breaches, and identity theft threats, DIDShield provides the robust, privacy-preserving foundation needed to build user trust and regulatory compliance in the digital economy.
This project aims to strengthen digital wallets' security and foster trust among users, regulators, and service providers by delivering a scalable, privacy-centric solution. By addressing both current vulnerabilities and emerging threats, DIDShield is poised to become a cornerstone of secure digital identity management in Europe and beyond.
Lead Participant | Project Cost | Grant Offer |
|---|---|---|
| UNIVERSITY OF SHEFFIELD | £22,757 | £ 22,757 |
People |
ORCID iD |
| Behzad Abdolmaleki (Project Manager) |