
Your phone could lock you out of European public services.

To prove your phone is safe, the EU's ID wallets ask Google and Apple. That quietly decides which phones are allowed to count.

By 2026, every EU country needs a digital ID wallet. Many lean on Google and Apple to judge your phone.

By the end of 2026, every country in the EU has to give its citizens a digital ID wallet: one app that holds your identity documents, signs you into government services, and proves your age online. To decide whether your phone is safe enough to run it, many of these wallets ask Google or Apple. That one design choice quietly lets two American companies help decide which phones are allowed to hold your ID.

What the wallet actually is

Picture your physical wallet: ID card, driving licence, maybe a health card. The EU wants that on your phone instead, under a law called eIDAS 2.0 (Regulation (EU) 2024/1183, in force since May 2024). All 27 member states have to offer at least one certified wallet to citizens and residents by the end of 2026.

Because the wallet holds real identity documents, it has to be sure it is running on a genuine, untampered phone and not a clone or an emulator faking the whole thing. That part is fair. An ID app has every reason to distrust the device until it can check.

How the wallet checks your phone

This check is called remote attestation. Rather than build it from scratch, most wallet teams reach for the tools already sitting on the phone:

  • Google Play Integrity API on Android
  • Apple Managed Device Attestation on iPhone

Both report back whether the device and app look legitimate. On the surface this is sensible. The tools exist, they are maintained by the platform owners, and reusing them is faster than writing your own security layer.

The catch

Google's check does not only ask whether your phone is secure. Its strongest verdict also asks whether you are running Google's licensed version of Android, installed through the Play Store.

So a phone running GrapheneOS or e/OS, hardened Android builds that privacy-conscious people choose precisely because they are locked down, can be marked untrusted. The hardware is fine. The encryption, the verified boot, the update chain are all fine. It is just not Google's Android, so the wallet can refuse to open. This is the argument made by Waag Futurelab, an Amsterdam research lab, in a piece bluntly titled "European digital ID wallets are a gift to Google and Apple."

It is like a library that only lets you in if your shoes are a particular brand. Your shoes are clean, comfortable, and perfectly safe. They are just the wrong brand. The check has stopped being about safety and started being about who made the thing.

The same question, two ways to answer it. One of them cares who made your OS.

Different countries, different calls

The EU's own Architecture Reference Framework recommends Google's approach but does not require it. That leaves each country to decide, and they have not decided the same way.

| Country | What its wallet uses |
|---|---|
| Italy | Google Play Integrity, reading the EU recommendation as a requirement |
| Netherlands | Google Play Integrity, unconditionally |
| Switzerland | Android's open hardware attestation, having dropped Play Integrity |

Same security goal, three different amounts of Google in the answer.

Switzerland walked away from Play Integrity citing data protection, data sovereignty, and freedom of choice. Its e-ID sits outside the EU mandate technically, but it is solving the identical problem, which is why it keeps coming up as the counterexample: a government wallet that verifies the device without handing the keys to Google.

There is already a less locked-in option

Android ships a second mechanism, hardware key attestation, that checks the same thing: is this a real, secure, untampered device? It leans on the same secure hardware Google's strong verdict relies on. The difference is that it can be configured to trust a hardened OS like GrapheneOS on its own terms, instead of trusting only Google-licensed builds.

GrapheneOS argues its own attestation is actually stronger than Play Integrity's top tier, and it runs a public tool that proves a GrapheneOS device is genuine with no Google in the loop. Their attestation compatibility guide walks through what each check really verifies. The point stands either way: the secure alternative is not hypothetical. Switzerland is shipping it.
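
To make "trust a hardened OS on its own terms" concrete, here is a sketch of a relying-party policy over hardware key attestation fields. It is an added example, not code from any wallet, from GrapheneOS, or from this post. It assumes the certificate chain was already validated to a hardware attestation root and parsed upstream; the boot-key fingerprint, the patch-level floor and the sample devices are constructed placeholders.

```python
import hashlib
from dataclasses import dataclass

# Values follow Android's key attestation schema.
VERIFIED, SELF_SIGNED, UNVERIFIED, FAILED = 0, 1, 2, 3  # verifiedBootState
SOFTWARE, TRUSTED_ENVIRONMENT, STRONGBOX = 0, 1, 2      # attestationSecurityLevel

# Constructed placeholder, NOT a real OS verified-boot key fingerprint.
EXAMPLE_OS_KEY = hashlib.sha256(b"constructed-alt-os-boot-key").digest()
TRUSTED_ALT_OS_KEYS = {EXAMPLE_OS_KEY: "example hardened OS"}
MIN_PATCH_LEVEL = 202501  # assumption: YYYYMM floor set by the relying party


@dataclass
class Attestation:
    """Fields parsed upstream from a chain validated to a hardware root."""
    security_level: int
    boot_state: int
    device_locked: bool
    verified_boot_key: bytes
    os_patch_level: int  # YYYYMM


def evaluate(att: Attestation) -> tuple[bool, str]:
    # The decision rests on device state, not on who licensed the OS.
    if att.security_level == SOFTWARE:
        return False, "attestation not hardware-backed"
    if not att.device_locked:
        return False, "bootloader unlocked"
    if att.os_patch_level < MIN_PATCH_LEVEL:
        return False, "OS patch level too old"
    if att.boot_state == VERIFIED:
        return True, "OEM-keyed OS, verified boot"
    if att.boot_state == SELF_SIGNED:
        name = TRUSTED_ALT_OS_KEYS.get(att.verified_boot_key)
        if name is not None:
            return True, f"allowlisted OS: {name}"
        return False, "unknown custom boot key"
    return False, "boot chain unverified or failed"


# Constructed sample devices.
STOCK = Attestation(TRUSTED_ENVIRONMENT, VERIFIED, True, b"\x00" * 32, 202506)
HARDENED = Attestation(STRONGBOX, SELF_SIGNED, True, EXAMPLE_OS_KEY, 202506)
UNKNOWN_ROM = Attestation(STRONGBOX, SELF_SIGNED, True, b"\x11" * 32, 202506)
UNLOCKED = Attestation(TRUSTED_ENVIRONMENT, UNVERIFIED, False, b"", 202506)

if __name__ == "__main__":
    for dev in (STOCK, HARDENED, UNKNOWN_ROM, UNLOCKED):
        print(evaluate(dev))
```

The locked device with an allowlisted boot key passes alongside the OEM-keyed one, while an unknown custom key or an unlocked bootloader is still refused.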

Why this is more than a phone preference

A digital ID wallet is not an app you can shrug off. It is turning into the front door to essential services: healthcare, tax portals, age-gated sites, proof of identity for a rental or a bank. When the front door only opens for Google-blessed phones, Google gets a say over access to public infrastructure it does not run.

That sits oddly next to what Europe says it wants. Digital sovereignty, more competition, less dependence on Big Tech. Building the ID layer on Google's attestation pushes the other way, and it turns governments into the enforcers of one company's platform rules. There is even a legal knot in it: the EU's Digital Markets Act is busy pushing Apple and Google to open their platforms up, while wallets built on their attestation quietly do the opposite.

None of this means attestation is wrong. A wallet holding your identity should absolutely refuse to run on a tampered device. The complaint is narrower and harder to wave off: the mechanism many countries picked treats 'secure' and 'made by Google' as the same thing, when a more open mechanism reaches the same security without the lock-in.

It is not settled yet

The good news is that this is being argued in the open. On the EU's own reference wallet, one of the loudest requests on the public tracker is a plain one: remove the requirement for Google Play Integrity.

And on the related EU age-verification app, Scytales, one of its developers, said in July 2025 that the app is white-label and can verify a device in several ways. Play Integrity is only one of them, and hardware key attestation will likely be supported too. That is the crack worth watching: the choice is starting to be framed as one option among several, not a default nobody questioned.

Why a build studio cares

We ship apps that run on other people's phones, and attestation is quietly becoming the gate on who gets in. If you build anything that leans on Play Integrity or Apple's App Attest, whether for payments, logins, or age checks, you are also deciding which of your users get shut out, often without meaning to.

The lesson mirrors one we keep hitting, most recently in our post on Spain's IP blocking: the platform your code runs on is part of your product, not a detail underneath it. A secure default that silently excludes a slice of careful, legitimate users is a support ticket, a bad-press cycle, or a regulator's question waiting to happen. For a national ID wallet, it is all three at once.

Next step: read Waag Futurelab's full argument for the policy side, and GrapheneOS's attestation guide for the technical one. If you are building something that depends on device attestation and want to avoid locking out your own users, write to us at hello@gattyworks.com.
