Organisation Wallet Overview

The Organisation Wallet by iGrant.io facilitates the issuer, holder, and verifier of verifiable credentials based on the eIDAS 2.0 framework. It incorporates the latest amendments, the EU Architectural Reference Framework (ARF), and Implementing Regulations (IR/IA). The platform is available as both an on-premise solution and a Platform-as-a-Service (PaaS), with multi-tenant capabilities, making it suitable for applications requiring the issuance or verification of credentials. It supports various types of credentials, including PID (Person Identification Data), LPID (Legal Person Identification Data), EAAs (Electronic Attribute Attestations), Payment Wallet Attestations, and QEAAs (Qualified Electronic Attribute Attestations) and more.

Key Features

The key capabilities of iGrant.io Enterprise Wallet (For Organisations) include:

Support Multi-Tenant with Self-Service Capability: The wallet supports multiple organisations within a single instance while ensuring data privacy and segregation. It provides a user-friendly self-service interface for credential issuance and verification management.

Interoperability: Seamlessly integrates with existing systems and supports data portability across different platforms supporting OpenID4VCI/OpenID4VP (JWT/SD-JWT) and Aries RFCs.

Support for Multiple Trust Anchors: The wallet supports multiple trust registries, both ledgers and non-ledger ones. The ledger-based trust registry support includes European Blockchain Service Infrastructure, EU Trust List (as per ETSI TS 119 612), IDUnion, Sovrin, NordXDataspace (Indy) etc.)

Support for Multiple EAAs: The wallet features a modular architecture that integrates various EAAs, seamlessly incorporating new types without significant system overhauls.

Webhook Support: This feature enables real-time notifications and automatic updates within digital wallet workflows, enhancing efficiency and user experience by instantly syncing transaction events.
Security and Data Privacy: All EAAs will be protected through cryptographic functions that comply with SOG-IS/BSI CSP2 security standards, ensuring user data remains secure in transit and at rest. The privacy considerations will adhere to the eIDAS2 requirements, addressing critical issues of unobservability and unlinkability.

Flexible Key Management Options

• iGrant.io Secure Vault: A default option where iGrant.io manages key storage and liability, ensuring a fully hosted and secure solution. Future support for a QTSP service is under consideration.
• HashiCorp Secure Vault: Allows customers to integrate their own key management systems, with or without an HSM, offloading key storage liability to the organisation.
• Use of QTSPs: Offers third-party QTSP integration via a value-added reseller (VAR) model, where key management and signing liabilities are transferred to the external provider chosen by the organisation.

Deployment Options

• Deployment Option #01: On-Premise: In the on-premise option, you can deploy the dockerised images on your local server or your cloud.
• Deployment Option #02: PaaS: In the platform-as-a-service option, iGrant.io manages the service with a certain level of configurability.

Try out

To explore our Organisation Wallet by iGrant.io, please contact support@igrant.io to gain access. Our team will assist you in setting up and navigating the features tailored for enterprise use.