A Threat Model for Digital Identity Wallet in the age of eIDAS 2.0
June 27, 2026
3:10 PM
Golden Wave 2
About this session
Digital identity wallets, introduced under eIDAS 2.0, enable decentralized and user-controlled management of personal data across online services. However, as a new model with new entities and interaction patterns, their security and privacy risks remain insufficiently understood. This session presents a structured threat modeling using STRIDE and LINDDUN, and outlines potential threats with key mitigation strategies while inviting community feedback to identify missing threats and mitigations.
About the speaker
About the speakers
Simone is the W3C Security Lead. He has 20+ years of expertise in red/blue Teaming and Web security. He has spoken at OWASP, TEDx, and other events and authored Attacking and Exploiting Modern Web Applications.
Amir Sharif is a researcher in the Security & Trust Research Unit of the Cybersecurity Center at Fondazione Bruno Kessler, Trento, Italy. His research focuses on secure and privacy-by-design of digital identity management solutions. Currently, he is involved in the design of the next generation of Italian digital identity infrastructure, known as Italian Digital Identity Wallet (IT Wallet).
Zahra Ebadi Ansaroudi is a researcher at FBK, Center for Cybersecurity, Trento, Italy. She earned her PhD at the University of Salerno, focusing on cryptography and applied security. Her current work focuses on digital identity research and innovation within the joint laboratory between FBK and the Italian Government Printing Office and Mint, contributing to the Italian Digital Identity Wallet.
.png){kind=logo}
