11.2. PID Data Model¶
The Person Identification Data (PID) is issued by the PID Provider according to national laws and it MUST be provided in both SD-JWT VC and mdoc-CBOR data format.
Note
Transitional Phase:
During the transitional phase before full EUDIW operability, PID will be provided only in SD-JWT VC format.
The main scope of the PID is allowing natural persons to be authenticated for access to a service or to a protected resource. The PID MUST be provided according to data model requirements defined in EU_2024/2977 and Section 2 of the ARF PID Rulebook v1.3 [EIDAS-ARF], the User attributes provided within the Italian PID are the ones listed below:
Current Family Name
Current First Name
Date of Birth
Place of Birth
Nationality
User identification number across public Relying Party services (for example the taxpayer identification number)
In addition to the User attributes listed above, the PID includes also the following metadata attributes (EU_2024/2977 and Section 2 of the ARF PID Rulebook v1.3 [EIDAS-ARF]):
Issuing authority
Issuing country
Expiry Date
Validity status information
Identity and data proofing information
Some attributes, such as the taxpayer identification number and the identity and data proofing information, are provided as domestic extensions defined by the Italian IT-Wallet specification. It is NOT part of the ARF PID Rulebook (Annex 3.01, PID Rulebook v1.3), but is permitted under ARF requirement PID_06, which allows Member States to define additional domestic attributes beyond those specified in Commission Implementing Regulation (CIR) 2024/2977 (EU_2024/2977). In particular, the identity proofing information is REQUIRED for Italian PIDs to ensure:
The evaluation of User authentication method used.
The level of Assurance compliance of identity proofing during the enrollment process, according to the LoA defined by the eIDAS Regulation.
The auditability upon the User attributes verification processes.
Attributes that are domestic extensions MUST be included in the domestic namespaces that are defined in Section PID Data Model in SD-JWT VC Format and Section PID Data Model in mdoc-CBOR Format for SD-JWT VC and mdoc-CBOR PIDs respectively.
11.2.1. PID Data Model in SD-JWT VC Format¶
The SD-JWT VC PID defined in this specification MUST use the vct claim value set with urn:eudi:pid:it:1, according to the domestic PID extensions defined in the ARF PID Rulebook v1.3 (see also ARF HLR PID_14, Section 4.2, extending the base type urn:eudi:pid:).
Note
Transitional Phase:
During the transitional phase before full EUDIW operability, national implementations MAY use the vct value urn:it-wallet:pid:1. Upon reaching full EUDIW operability, all implementations MUST transition to the EUDI-compliant identifier urn:eudi:pid:it:1 specified above.
According to EU_2024/2977 and Section 4 of the ARF PID Rulebook v1.3 [EIDAS-ARF], the PID in SD-JWT VC format includes the following User Attributes:
Claim |
Description |
Reference |
|---|---|---|
given_name |
REQUIRED. String. Current First Name. |
Section 5.1 of OIDC and Commission Implementing Regulation EU_2024/2977 |
family_name |
REQUIRED. String. Current Family Name. |
Section 5.1 of OIDC and Commission Implementing Regulation EU_2024/2977 |
birthdate |
REQUIRED. String. Date of Birth. It MUST be set according to ISO8601-1 (YYYY-MM-DD format). |
Commission Implementing Regulation EU_2024/2977 |
place_of_birth |
REQUIRED. JSON Object. Place of Birth. At least one of country, region, locality MUST be present. |
Commission Implementing Regulation EU_2024/2977 |
nationalities |
REQUIRED. Array of strings. One or more alpha-2 country codes as specified in ISO 3166-1. |
Commission Implementing Regulation EU_2024/2977 |
personal_administrative_number |
REQUIRED if |
Commission Implementing Regulation EU_2024/2977 |
tax_id_code |
REQUIRED if |
Domestic extension |
All the User attributed listed above MUST be selectively disclosable. In addition to the mandatory metadata attributes defined in SD-JWT header JOSE Parameters Table and SD-JWT Parameters Table, the following metadata attributes are REQUIRED for a PID:
date_of_expiry
sub (domestic extension)
iat
cnf
status
verification (domestic extension)
11.2.1.1. SD-JWT-VC PID Non-Normative Example¶
In the following, the non-normative example of the payload of a PID represented in JSON format.
{
"iss": "https://pidprovider.example.org",
"sub": "NzbLsXh8uDCcd7noWXFZAfHkxZsRGC9Xs",
"iat": 1683000000,
"exp": 1883000000,
"issuing_authority": "PID Provider Organization",
"issuing_country": "IT",
"date_of_expiry": "2033-03-19",
"status": {
"status_list": {
"idx": 1234,
"uri": "https://pidprovider.example.org/status"
}
},
"vct": "urn:eudi:pid:it:1",
"vct#integrity": "55f5fe57f1e491d49f33672784528532d9d",
"verification": {
"trust_framework": "it_cie",
"assurance_level": "https://trust-anchor.example.it/loa/high"
},
"given_name": "Mario",
"family_name": "Rossi",
"birthdate": "1980-01-10",
"tax_id_code": "TINIT-XXXXXXXXXXXXXXXX",
"place_of_birth": {
"locality": "Roma"
},
"nationalities": [
"IT"
]
}
The corresponding SD-JWT version for PID is given by
{
"alg": "ES256",
"typ": "dc+sd-jwt",
"kid": "dB67gL7ck3TFiIAf7N6_7SHvqk0MDYMEQcoGGlkUAAw",
"x5c": [
"<Issuer X.509 Certificate>"
]
}
{
"_sd": [
"GHYjuGUthjtB4q4Oz_ZSGPmCokLOpv2kpFNzz1LfFUY",
"Jkbj8aLr-z2_c-HVxCbiw6YXFNHiyLSv1xGjN8lRogI",
"MWJufQz_DFWc9cR4yxq8XqmTZfglkg2D2Sxa3UFN4Qk",
"_C7hoKFt0kV190v2GXIwLUIiDbc_7LcyofQmgDfute8",
"tI5s2A_Ez6oZv6plZzUPjYAL-SJGiAUFyRbhzLsluGU",
"uIapUlDTKsB5wN7BF6xuBNTtl74gl5iCu_aQ5nj3YL8"
],
"exp": 1883000000,
"iss": "https://pidprovider.example.org",
"sub": "NzbLsXh8uDCcd7noWXFZAfHkxZsRGC9Xs",
"iat": 1683000000,
"issuing_authority": "PID Provider Organization",
"issuing_country": "IT",
"date_of_expiry": "2033-03-19",
"status": {
"status_list": {
"idx": 1234,
"uri": "https://pidprovider.example.org/status"
}
},
"vct": "urn:eudi:pid:it:1",
"vct#integrity": "55f5fe57f1e491d49f33672784528532d9d",
"verification": {
"trust_framework": "it_cie",
"assurance_level": "https://trust-anchor.example.it/loa/high"
},
"_sd_alg": "sha-256",
"cnf": {
"jwk": {
"kty": "EC",
"crv": "P-256",
"x": "TCAER19Zvu3OHF4j4W4vfSVoHIP1ILilDls7vCeGemc",
"y": "ZxjiWWbZMQGHVWKVQ4hbSIirsVfuecCE6t4jT9F2HZQ"
}
}
}
The disclosure list is presented below.
Claim given_name:
SHA-256 Hash:
Jkbj8aLr-z2_c-HVxCbiw6YXFNHiyLSv1xGjN8lRogIDisclosure:
WyJrZ2h0ZTVNRE5IYlFmZEpIcDg4cENBIiwgImdpdmVuX25hbWUiLCAiTWFyaW8iXQContents:
["kghte5MDNHbQfdJHp88pCA", "given_name", "Mario"]
Claim family_name:
SHA-256 Hash:
MWJufQz_DFWc9cR4yxq8XqmTZfglkg2D2Sxa3UFN4QkDisclosure:
WyJoWDFURXpfejg3N19YQXRyM0NPYVdnIiwgImZhbWlseV9uYW1lIiwgIlJvc3NpIl0Contents:
["hX1TEz_z877_XAtr3COaWg", "family_name", "Rossi"]
Claim birthdate:
SHA-256 Hash:
uIapUlDTKsB5wN7BF6xuBNTtl74gl5iCu_aQ5nj3YL8Disclosure:
WyJZV3RJMDZ4RGRDeXZUYWxjSW5URTNBIiwgImJpcnRoZGF0ZSIsICIxOTgwLTAxLTEwIl0Contents:
["YWtI06xDdCyvTalcInTE3A", "birthdate", "1980-01-10"]
Claim tax_id_code:
SHA-256 Hash:
_C7hoKFt0kV190v2GXIwLUIiDbc_7LcyofQmgDfute8Disclosure:
WyItejM0Y0oxZ0M1VUJQQ0l4OE9oTmlRIiwgInRheF9pZF9jb2RlIiwgIlRJTklULVhYWFhYWFhYWFhYWFhYWFgiXQContents:
["-z34cJ1gC5UBPCIx8OhNiQ", "tax_id_code","TINIT-XXXXXXXXXXXXXXXX"]
Claim place_of_birth:
SHA-256 Hash:
tI5s2A_Ez6oZv6plZzUPjYAL-SJGiAUFyRbhzLsluGUDisclosure:
WyJYY1hsUFZDcWpITnZlQkNubFZQWWdBIiwgInBsYWNlX29mX2JpcnRoIiwgeyJsb2NhbGl0eSI6ICJSb21hIn1dContents:
["XcXlPVCqjHNveBCnlVPYgA", "place_of_birth", {"locality":"Roma"}]
Claim nationalities:
SHA-256 Hash:
GHYjuGUthjtB4q4Oz_ZSGPmCokLOpv2kpFNzz1LfFUYDisclosure:
WyJLTmM1LUdrOUNRaF9UZEdicUJLSTdBIiwgIm5hdGlvbmFsaXRpZXMiLCBbIklUIl1dContents:
["KNc5-Gk9CQh_TdGbqBKI7A", "nationalities", ["IT"]]
The combined format for the PID issuance is given by:
eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImRjK3NkLWp3dCIsICJraWQiOiAiZEI2N2dM
N2NrM1RGaUlBZjdONl83U0h2cWswTURZTUVRY29HR2xrVUFBdyIsICJ4NWMiOiBbIjxJ
c3N1ZXIgWC41MDkgQ2VydGlmaWNhdGU-Il19.eyJfc2QiOlsiR0hZanVHVXRoanRCNHE
0T3pfWlNHUG1Db2tMT3B2MmtwRk56ejFMZkZVWSIsIkprYmo4YUxyLXoyX2MtSFZ4Q2J
pdzZZWEZOSGl5TFN2MXhHak44bFJvZ0kiLCJNV0p1ZlF6X0RGV2M5Y1I0eXhxOFhxbVR
aZmdsa2cyRDJTeGEzVUZONFFrIiwiX0M3aG9LRnQwa1YxOTB2MkdYSXdMVUlpRGJjXzd
MY3lvZlFtZ0RmdXRlOCIsInRJNXMyQV9FejZvWnY2cGxaelVQallBTC1TSkdpQVVGeVJ
iaHpMc2x1R1UiLCJ1SWFwVWxEVEtzQjV3TjdCRjZ4dUJOVHRsNzRnbDVpQ3VfYVE1bmo
zWUw4Il0sImV4cCI6MTg4MzAwMDAwMCwiaXNzIjoiaHR0cHM6Ly9waWRwcm92aWRlci5
leGFtcGxlLm9yZyIsInN1YiI6Ik56YkxzWGg4dURDY2Q3bm9XWEZaQWZIa3hac1JHQzl
YcyIsImlhdCI6MTY4MzAwMDAwMCwiaXNzdWluZ19hdXRob3JpdHkiOiJQSUQgUHJvdml
kZXIgT3JnYW5pemF0aW9uIiwiaXNzdWluZ19jb3VudHJ5IjoiSVQiLCJkYXRlX29mX2V
4cGlyeSI6IjIwMzMtMDMtMTkiLCJzdGF0dXMiOnsic3RhdHVzX2xpc3QiOnsiaWR4Ijo
xMjM0LCJ1cmkiOiJodHRwczovL3BpZHByb3ZpZGVyLmV4YW1wbGUub3JnL3N0YXR1cyJ
9fSwidmN0IjoidXJuOmV1ZGk6cGlkOml0OjEiLCJ2Y3QjaW50ZWdyaXR5IjoiNTVmNWZ
lNTdmMWU0OTFkNDlmMzM2NzI3ODQ1Mjg1MzJkOWQiLCJ2ZXJpZmljYXRpb24iOnsidHJ
1c3RfZnJhbWV3b3JrIjoiaXRfY2llIiwiYXNzdXJhbmNlX2xldmVsIjoiaHR0cHM6Ly9
0cnVzdC1hbmNob3IuZXhhbXBsZS5pdC9sb2EvaGlnaCJ9LCJfc2RfYWxnIjoic2hhLTI
1NiIsImNuZiI6eyJqd2siOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJUQ0F
FUjE5WnZ1M09IRjRqNFc0dmZTVm9ISVAxSUxpbERsczd2Q2VHZW1jIiwieSI6Ilp4aml
XV2JaTVFHSFZXS1ZRNGhiU0lpcnNWZnVlY0NFNnQ0alQ5RjJIWlEifX19.v1sAwJ6Rft
l_Mt0qn2nlSghgCk1dDAx4ll4Upe01o_UAij5W9v9oiPhop5vCq4MKTmDGYoip7vbyPz
uxcvT67w~WyJrZ2h0ZTVNRE5IYlFmZEpIcDg4cENBIiwgImdpdmVuX25hbWUiLCAiTWF
yaW8iXQ~WyJoWDFURXpfejg3N19YQXRyM0NPYVdnIiwgImZhbWlseV9uYW1lIiwgIlJv
c3NpIl0~WyJZV3RJMDZ4RGRDeXZUYWxjSW5URTNBIiwgImJpcnRoZGF0ZSIsICIxOTgw
LTAxLTEwIl0~WyItejM0Y0oxZ0M1VUJQQ0l4OE9oTmlRIiwgInRheF9pZF9jb2RlIiwg
IlRJTklULVhYWFhYWFhYWFhYWFhYWFgiXQ~WyJYY1hsUFZDcWpITnZlQkNubFZQWWdBI
iwgInBsYWNlX29mX2JpcnRoIiwgeyJsb2NhbGl0eSI6ICJSb21hIn1d~WyJLTmM1LUdr
OUNRaF9UZEdicUJLSTdBIiwgIm5hdGlvbmFsaXRpZXMiLCBbIklUIl1d~
11.2.2. PID Data Model in mdoc-CBOR Format¶
The PID in mdoc-CBOR format MUST use the docType eu.europa.ec.eudi.pid.1 in compliance with ARF HLR PID_04.
The PID attributes MUST be encoded as specified in Section 3 of the ARF PID Rulebook v1.3 [EIDAS-ARF] and organized in the following namespaces:
Standard ARF PID attributes: namespace
eu.europa.ec.eudi.pid.1Italian domestic extensions: namespace
eu.europa.ec.eudi.pid.it.1
According to EU_2024/2977 and Section 3 of the ARF PID Rulebook v1.3 [EIDAS-ARF], the PID in mdoc-CBOR format includes the following User Attributes:
elementIdentifier |
Description |
Namespace |
|---|---|---|
given_name |
REQUIRED. (tstr). Current First Name. |
|
family_name |
REQUIRED. (tstr). Current Family Name. |
|
birth_date |
REQUIRED. (full-date). Date of Birth. It MUST be encoded as full-date string according to RFC 8949. |
|
place_of_birth |
REQUIRED. (map). Place of Birth. At least one of |
|
nationality |
REQUIRED. (array of tstr). One or more Alpha-2 country codes as specified in ISO 3166-1. Encoded as CDDL type |
|
personal_administrative_number |
REQUIRED if |
|
tax_id_code |
REQUIRED if |
|
In addition to the mandatory metadata attributes defined in MobileSecurityObject Table and mdoc-CBOR Metadata Attributes Table, the following metadata attributes are REQUIRED for a PID:
Attribute |
Location |
|---|---|
expiry_date |
|
sub |
|
validityInfo.signed |
MobileSecurityObject |
verification |
|
status |
MobileSecurityObject (as defined in Section 6.3 of TOKEN-STATUS-LIST) |
Note
Key differences from SD-JWT encoding:
The ARF PID Rulebook v1.3 uses different claim names between SD-JWT and mdoc-CBOR formats:
mdoc uses
birth_date(notbirthdateas in SD-JWT)mdoc uses
expiry_date(notdate_of_expiryas in SD-JWT)mdoc uses
nationality(notnationalitiesas in SD-JWT). Note: both formats encode the value as an array of country codes.
See Section 3.1.1 (mdoc encoding) and Section 4.1.1 (SD-JWT encoding) of the ARF PID Rulebook v1.3 for the complete mapping.
11.2.2.1. mdoc-CBOR PID Non-Normative Example¶
A non-normative example of a PID in mdoc-CBOR format (diagnostic notation) is shown below:
{
"nameSpaces": {
"eu.europa.ec.eudi.pid.1": [
24(<<
{
"digestID": 1,
"random": h'E0B70BCEFBD43686F345C9ED429343AA',
"elementIdentifier": "expiry_date",
"elementValue": 1004("2024-02-22")
}
>>),
24(<<
{
"digestID": 2,
"random": h'960CB15A2EA9B68E5233CE902807AA95',
"elementIdentifier": "issuing_country",
"elementValue": "IT"
}
>>),
24(<<
{
"digestID": 3,
"random": h'9D3774BD5994CCFED248674B32A4F76A',
"elementIdentifier": "issuing_authority",
"elementValue": "Ministero dell'Interno"
}
>>),
24(<<
{
"digestID": 4,
"random": h'EB12193DC66C6174530CDC29B274381F',
"elementIdentifier": "given_name",
"elementValue": "Mario"
}
>>),
24(<<
{
"digestID": 5,
"random": h'DB143143538F3C8D41DC024F9CB25C9D',
"elementIdentifier": "family_name",
"elementValue": "Rossi"
}
>>),
24(<<
{
"digestID": 6,
"random": h'6059FF1CE27B4997B4ADE1DE7B01DC60',
"elementIdentifier": "birth_date",
"elementValue": 1004("1956-01-12")% the tag 1004 defines the value
is a full date
}
>>),
24(<<
{
"digestID": 7,
"random": h'FX8VVN1YN6NBH3CKYPJTNPJIVJ5KDMFA',
"elementIdentifier": "place_of_birth",
"elementValue": {"locality": "Roma"}
}
>>),
24(<<
{
"digestID": 8,
"random": h'RGLXZ5CHND8Y2UUMHXXMJWPCHNH9HVIX',
"elementIdentifier": "nationality",
"elementValue": ["IT"],
}
>>)
],
"eu.europa.ec.eudi.pid.it.1": [
24(<<
{
"digestID": 9,
"random": h'44DD0606C5F5FDD206H8C84H3F67F5HEEH',
"elementIdentifier": "sub",
"elementValue": "550e8400-e29b-41d4-a716-446655440000"
}
>>),
24(<<
{
"digestID": 10,
"random": h'22bb8384b3e3ebb084f6a62f1d45d3fccf',
"elementIdentifier": "tax_id_code",
"elementValue": "TINIT-RSSMRA56A12H501U"
}
>>),
24(<<
{
"digestID": 12,
"random": h'33cc9495c4f4fcc195g7b73g2e56e4gddg',
"elementIdentifier": "verification",
"elementValue": {
"trust_framework": "it_cie",
"assurance_level": "https://trust-anchor.example.it/loa/high",
}
}
>>)
]
},
"issuerAuth": [
<< {1: -7} >>, % protected header with the value alg:ES256
{
33: h'30820215308201BCA003020102021404AD30C…'% 33->X5chain:COSE X_509
},
<<
24(<<
{
"docType": "eu.europa.ec.eudi.pid.1",
"version": "1.0",
"validityInfo": {
"signed": 0("2023-02-22T06:23:56Z"),
"validFrom": 0("2023-02-22T06:23:56Z"),
"validUntil": 0("2024-02-22T00:00:00Z")
},
"valueDigests": {
"eu.europa.ec.eudi.pid.1": {
1: h'0F1571A97FFB799CC8FCDF2BA4FC2909929…',
2: h'E2382149255AE8E955AF9B8984395…',
3: h'BBC77E6CCA981A3AD0C3E544EDF86…',
4: h'AA5D5C57B6E7D88FC6F98895E4F67…',
5: h'BB6E6C68D1B4B4EC5A2AE9206F5t4…',
6: h'F8A5966E6DAC9970E0334D8F75E25…',
7: h'1F1A0F7CCDD79b29EB4B22F96F54F…',
8: h'1A0F7EEDB46B37AS4N22R96D83F3F…'
},
"eu.europa.ec.eudi.pid.it.1": {
9: h'C8FF5E58G89FCE97G45533CE3E4B…',
10: h'F9EE4D36F67DBD75E23311AC1C29…',
12: h'A2BC5E47G78ECD86F34422BD2D3A…'
}
},
"deviceKeyInfo": {
"deviceKey": {
1: 2, % kty:EC2 (Eliptic curves with x and y coordinate pairs)
-1: 1, % crv:p256
-2: h'B820963964E53AF064686DD9218303494A…', % x-coordiantes
-3: h'0A6DA0AF437E2943F1836F31C678D89298E9…'% y-ccordiantes
}
},
"status": {
"status_list": {
"idx": 0,
"uri": "https://issuer.example.org/statuslists/1"
}
},
"digestAlgorithm": "SHA-256"
}
>>)
>>,
h'1AD0D6A7313EFDC38FCD765852FA2BD43DEBF48BF5A580D'
]
}