European digital ID wallets are a gift to Google and Apple.
European digital ID wallets rely on safety services of Google and Apple

Original link: https://waag.org/en/article/european-digital-id-wallets-are-gift-google-and-apple/

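European governments are developing digital identity wallets to make it easier for citizens to access public services, but a key flaw in their architecture threatens their usefulness and independence. By integrating proprietary "remote attestation" services such as the Google Play Integrity API and Apple's Managed Device Attestation, these wallets effectively force users into Big Tech ecosystems. These APIs do more than ensure device security: they also reinforce Google's platform control, often excluding users of privacy-focused "de-Googled" operating systems (such as GrapheneOS), and may violate the Digital Markets Act. When governments mandate these tools, they paradoxically entrench the tech monopolies they claim to regulate, undermining their own goals of digital sovereignty and interoperability. Experts argue that this dependence is unnecessary; as Switzerland's adoption of a more independent attestation mechanism shows, open, hardware-based alternatives exist. Because these wallets are critical public infrastructure, they must remain accessible regardless of which operating system citizens choose. To achieve genuine digital autonomy, the EU must mandate open, vendor-neutral attestation standards and refuse to introduce corporate-controlled security frameworks into public services.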

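This Hacker News discussion focuses on sharp criticism of the European digital identity wallets, arguing that they effectively hand Google and Apple control of core civic infrastructure. Participants worry that by building identity systems that depend on US-controlled mobile platforms, the EU is failing to achieve its stated goal of "digital sovereignty". The conversation highlights three main tensions:

* **The regulatory paradox:** Some argue that well-intentioned regulation often entrenches monopolies by raising barriers to entry for smaller competitors, ultimately forcing governments to rely on the existing tech giants.
* **The reality of "switching costs":** Others point out that European digital sovereignty faces cultural barriers; even if home-grown alternatives are developed, the public is already deeply embedded in US-dominated ecosystems (iOS/Android/Windows) and resists switching platforms.
* **Security and control:** There are concerns about abuse of government power and the risks of "Chat Control" or centralized identity systems. Some suggest that open-source, hardware-agnostic solutions (for example, self-sovereign identity wallets) would offer a better and more secure path than relying on Big Tech's so-called "security" services.

Overall, the discussion is full of frustration, with users questioning whether the EU is prioritizing independence or has merely outsourced citizen surveillance to US companies.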
Original text

European governments are rolling out digital identity wallets, which are to be used by citizens to access services, and to verify their age online. As reported by Follow the Money and Android Authority, there is a serious problem with this: these wallets rely on safety services of Google and Apple. These are known as Google Play Integrity API, and Apple’s Managed Device Attestation [1]. Such safety services (known as “remote attestation”) are used to ensure that wallet apps run on hardware that is not tampered with. In this article we explain why the EU-wallet case is part of a bigger problem: by embedding these safety services in public infrastructure, Europe risks making society dependent on private companies while serving their corporate interests.

Here is the problem:

Google’s Play Integrity API is not just a security feature: it is reinforcing Google’s control over the Android ecosystem.

Google’s Play Integrity API is an instructive case for how big tech platform companies accrue power. The API is a free piece of software that Google gifts to developers to help with their app development. It allows developers to check whether an app is running on a “genuine certified Android device” to test the integrity of a mobile device. This can help developers reduce abuse by bots, fraud in banking apps, or cheating in game apps. 

But in doing so, it also checks whether a device is running a Google-licensed version of Android and treats unlicensed alternatives as a potential security risk. When Google verifies whether an app has been tampered with, it uses the Google Play Store as the source of truth, checking both whether the app has been modified and whether it was installed through the Play Store. As a result, Google’s safety service is designed to exclude operating systems that are not licensed by Google, encourage installation through the Google Play Store, and require users to sign in with a Google account. This is a clear violation of the Digital Markets Act (DMA).

We do have a choice. A more open alternative to Google Play Integrity exists but is being ignored: Android's Hardware Attestation API. It provides hardware-based security checks but without enforcing Google’s ecosystem policy. 
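How the two approaches differ when a relying party evaluates them, as an added example that is not part of the original article or any wallet's code. The field names follow Google's documented Play Integrity verdict and the Android key attestation schema; the flattened dictionary layout, the boot-key allowlist, the package name and all sample values are constructed assumptions, and certificate-chain and challenge validation are assumed to have happened upstream.

```python
# Added example. Field names follow Google's documented Play Integrity verdict and the
# Android key attestation schema; the flattened dict layout and all values are constructed.
HW_LEVELS = {"TrustedEnvironment", "StrongBox"}  # hardware-backed security levels
# Hypothetical allowlist: verified-boot keys of alternative OS builds the verifier trusts.
TRUSTED_ALT_OS_BOOT_KEYS = {"PLACEHOLDER_BOOT_KEY_SHA256"}

def play_integrity_policy(verdict):
    """Ecosystem-bound policy: certified device, Play-recognised app, Play licence."""
    reasons = []
    device = verdict.get("deviceIntegrity", {}).get("deviceRecognitionVerdict", [])
    if "MEETS_DEVICE_INTEGRITY" not in device:
        reasons.append("device is not a certified Android build")
    if verdict.get("appIntegrity", {}).get("appRecognitionVerdict") != "PLAY_RECOGNIZED":
        reasons.append("app binary not recognised by Google Play")
    if verdict.get("accountDetails", {}).get("appLicensingVerdict") != "LICENSED":
        reasons.append("app not obtained through a Google Play account")
    return (not reasons, reasons)

def hardware_attestation_policy(att, pkg, cert_digest):
    """Vendor-neutral policy over an attestation whose certificate chain and
    challenge were already validated upstream (assumed, not shown here)."""
    reasons = []
    rot = att.get("rootOfTrust", {})
    if att.get("attestationSecurityLevel") not in HW_LEVELS:
        reasons.append("key is not hardware-backed")
    if not rot.get("deviceLocked"):
        reasons.append("bootloader is unlocked")
    state = rot.get("verifiedBootState")
    stock = state == "Verified"
    alt_os = state == "SelfSigned" and rot.get("verifiedBootKey") in TRUSTED_ALT_OS_BOOT_KEYS
    if not (stock or alt_os):
        reasons.append("OS image not signed by a trusted verified-boot key")
    app = att.get("attestationApplicationId", {})
    if app.get("packageName") != pkg or cert_digest not in app.get("signatureDigests", []):
        reasons.append("wallet app identity mismatch")
    return (not reasons, reasons)

# Constructed sample: locked device running an alternative OS, app installed outside Play.
SAMPLE_VERDICT = {
    "deviceIntegrity": {"deviceRecognitionVerdict": ["MEETS_BASIC_INTEGRITY"]},
    "appIntegrity": {"appRecognitionVerdict": "UNRECOGNIZED_VERSION"},
    "accountDetails": {"appLicensingVerdict": "UNLICENSED"},
}
SAMPLE_ATTESTATION = {
    "attestationSecurityLevel": "StrongBox",
    "rootOfTrust": {"deviceLocked": True, "verifiedBootState": "SelfSigned",
                    "verifiedBootKey": "PLACEHOLDER_BOOT_KEY_SHA256"},
    "attestationApplicationId": {"packageName": "org.example.wallet",
                                 "signatureDigests": ["PLACEHOLDER_CERT_DIGEST"]},
}
```

On the constructed sample the Play Integrity policy rejects the device for three ecosystem reasons, while the hardware policy accepts it and still rejects an unlocked bootloader or an unknown boot key.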

Governments are cementing a monopoly they claim to oppose

The EU often states that it wants to break the big tech monopoly. Yet, European member states risk reinforcing Google's ecosystem when they embed the Google Play Integrity API into their digital ID wallet architecture. For example, wallet developers in the Netherlands and Italy have implemented Play Integrity. As a result, users of de-Googled operating systems such as e/OS and GrapheneOS can be excluded from accessing these services.

In this way, governments effectively become enforcers of a private company's platform policies. This stands in tension with Europe's ambition to build digital public infrastructure based on public values such as openness, inclusiveness, and technological sovereignty. It also stands in tension with the regulation underpinning the EU’s identity wallet, which identifies interoperability as a key objective. Users who want the autonomy to use operating systems without pre-installed Google software, Google trackers, and built-in LLMs, are forced to use Google software, if they want to use the wallet. And here, they will not have a choice.

ID wallets are public infrastructure to access critical public services. They should remain interoperable across different devices and operating systems, free from vendor lock-in.

ID wallets are not just any kind of software – they are key means to access government documents and manage logins to public services. Therefore, they are often seen as crucial building blocks of digital public infrastructure. They are a crucial service that has to be available to anyone, independently of Google and Apple. Otherwise, alternative de-Googled operating systems become much less attractive to adopt, because users cannot use crucial apps like identity wallets to log into government services.

Waag’s own research findings on this topic support this. In the EU-funded Mobifree project, we have researched over the past two years what makes de-Googled mobile software ecosystems valuable for different end-users. A key requirement for many of our 120 testers to switch to de-Googled operating systems was their compatibility with apps for critical services such as payments and government identification apps.

Government developers therefore have to consider deeper stack levels when optimizing interoperability. Since Play Integrity API clearly violates the Digital Markets Act, it also contradicts the goals of ID wallets to advance European sovereignty. 

European member states lack a unified approach to implement wallets 

Part of the problem lies in the governance of the wallet design process. The EU provides a general technical framework for the wallet architecture, the Architecture Reference Framework. While it does not require European governments to use Google attestation, it does recommend it. This leads to an incoherent European stance towards Google, with some countries not using it, while others enforce Google’s ecosystem. 

Some member states, such as Italy, have interpreted the EU’s recommendation to use the Play Integrity API as mandatory. Others, like Switzerland, rely on Android’s attestation mechanism. They dropped Play Integrity due to data protection, data sovereignty, and freedom-of-choice concerns. The Netherlands and Italy use Play Integrity unconditionally. By doing so, they interpret the EU’s recommendations for using Google’s and Apple’s attestation software in very strict terms. 

If Europe is serious about digital autonomy, it should rule out Google and Apple attestation entirely from the Architecture Reference Framework and mandate open, hardware-based attestation mechanisms. Countries like Switzerland demonstrate that using Google Play Integrity is not justified, and that other solutions are available. 

Public infrastructure demands public accountability, and there are ways to act

Because digital wallets are public infrastructure, their design must be subject to public participation and accountability. The problems and contradictions explained above deserve a public debate. Citizens and developers are raising concerns on national repositories — including Germany's public wallet development tracker (gitlab.opencode.de) and Switzerland's open discussion forum (github.com/orgs/swiyu-admin-ch). These are legitimate channels, but they reach only a narrow technical audience. 

If you are an expert working on this topic who wants to promote change, get in touch. 

What you can do:


Notes

  1. In this article, we focus on Google’s Play Integrity API. We do so because it has an impact on the use of alternative operating systems based on Android. 