11.2. PID Data Model¶
The Person Identification Data (PID) is issued by the PID Provider according to national laws and it MUST be provided in both SD-JWT VC and mdoc-CBOR data format.
Note
Transitional Phase:
During the transitional phase before full EUDIW operability, PID will be provided only in SD-JWT VC format.
The main scope of the PID is allowing natural persons to be authenticated for access to a service or to a protected resource. The PID MUST be provided according to data model requirements defined in EU_2024/2977 and Section 2 of the ARF PID Rulebook v1.3 [EIDAS-ARF], the User attributes provided within the Italian PID are the ones listed below:
Current Family Name
Current First Name
Date of Birth
Place of Birth
Nationality
User identification number across public Relying Party services (for example the taxpayer identification number)
In addition to the User attributes listed above, the PID includes also the following metadata attributes (EU_2024/2977 and Section 2 of the ARF PID Rulebook v1.3 [EIDAS-ARF]):
Issuing authority
Issuing country
Expiry Date
Validity status information
Identity and data proofing information
Some attributes, such as the taxpayer identification number and the identity and data proofing information, are provided as domestic extensions defined by the Italian IT-Wallet specification. It is NOT part of the ARF PID Rulebook (Annex 3.01, PID Rulebook v1.3), but is permitted under ARF requirement PID_06, which allows Member States to define additional domestic attributes beyond those specified in Commission Implementing Regulation (CIR) 2024/2977 (EU_2024/2977). In particular, the identity proofing information is REQUIRED for Italian PIDs to ensure:
The evaluation of User authentication method used.
The level of Assurance compliance of identity proofing during the enrollment process, according to the LoA defined by the eIDAS Regulation.
The auditability upon the User attributes verification processes.
Attributes that are domestic extensions MUST be included in the domestic namespaces that are defined in Section PID Data Model in SD-JWT VC Format and Section PID Data Model in mdoc-CBOR Format for SD-JWT VC and mdoc-CBOR PIDs respectively.
11.2.1. PID Data Model in SD-JWT VC Format¶
The SD-JWT VC PID defined in this specification MUST use the vct claim value set with urn:eudi:pid:it:1, according to the domestic PID extensions defined in the ARF PID Rulebook v1.3 (see also ARF HLR PID_14, Section 4.2, extending the base type urn:eudi:pid:).
Note
Transitional Phase:
During the transitional phase before full EUDIW operability, national implementations MAY use the vct value urn:it-wallet:pid:1. Upon reaching full EUDIW operability, all implementations MUST transition to the EUDI-compliant identifier urn:eudi:pid:it:1 specified above.
According to EU_2024/2977 and Section 4 of the ARF PID Rulebook v1.3 [EIDAS-ARF], the PID in SD-JWT VC format includes the following User Attributes:
Claim |
Description |
Reference |
|---|---|---|
given_name |
REQUIRED. String. Current First Name. |
Section 5.1 of OIDC and Commission Implementing Regulation EU_2024/2977 |
family_name |
REQUIRED. String. Current Family Name. |
Section 5.1 of OIDC and Commission Implementing Regulation EU_2024/2977 |
birthdate |
REQUIRED. String. Date of Birth. It MUST be set according to ISO8601-1 (YYYY-MM-DD format). |
Commission Implementing Regulation EU_2024/2977 |
place_of_birth |
REQUIRED. JSON Object. Place of Birth. At least one of country, region, locality MUST be present. |
Commission Implementing Regulation EU_2024/2977 |
nationalities |
REQUIRED. Array of strings. One or more alpha-2 country codes as specified in ISO 3166-1. |
Commission Implementing Regulation EU_2024/2977 |
personal_administrative_number |
REQUIRED if |
Commission Implementing Regulation EU_2024/2977 |
tax_id_code |
REQUIRED if |
Domestic extension |
All the User attributed listed above MUST be selectively disclosable. In addition to the mandatory metadata attributes defined in SD-JWT header JOSE Parameters Table and SD-JWT Parameters Table, the following metadata attributes are REQUIRED for a PID:
date_of_expiry
sub (domestic extension)
iat
cnf
status
verification (domestic extension)
11.2.1.1. SD-JWT-VC PID Non-Normative Example¶
In the following, the non-normative example of the payload of a PID represented in JSON format.
{
"iss": "https://pidprovider.example.org",
"sub": "NzbLsXh8uDCcd7noWXFZAfHkxZsRGC9Xs",
"iat": 1683000000,
"exp": 1883000000,
"issuing_authority": "PID Provider Organization",
"issuing_country": "IT",
"date_of_expiry": "2033-03-19",
"status": {
"status_list": {
"idx": 1234,
"uri": "https://pidprovider.example.org/status"
}
},
"vct": "urn:eudi:pid:it:1",
"vct#integrity": "55f5fe57f1e491d49f33672784528532d9d",
"verification": {
"trust_framework": "it_cie",
"assurance_level": "high"
},
"given_name": "Mario",
"family_name": "Rossi",
"birthdate": "1980-01-10",
"tax_id_code": "TINIT-XXXXXXXXXXXXXXXX",
"place_of_birth": {
"locality": "Roma"
},
"nationalities": [
"IT"
]
}
The corresponding SD-JWT version for PID is given by
{
"alg": "ES256",
"typ": "dc+sd-jwt",
"kid": "dB67gL7ck3TFiIAf7N6_7SHvqk0MDYMEQcoGGlkUAAw",
"x5c": [
"<Issuer X.509 Certificate>"
]
}
{
"_sd": [
"GHYjuGUthjtB4q4Oz_ZSGPmCokLOpv2kpFNzz1LfFUY",
"Jkbj8aLr-z2_c-HVxCbiw6YXFNHiyLSv1xGjN8lRogI",
"MWJufQz_DFWc9cR4yxq8XqmTZfglkg2D2Sxa3UFN4Qk",
"_C7hoKFt0kV190v2GXIwLUIiDbc_7LcyofQmgDfute8",
"tI5s2A_Ez6oZv6plZzUPjYAL-SJGiAUFyRbhzLsluGU",
"uIapUlDTKsB5wN7BF6xuBNTtl74gl5iCu_aQ5nj3YL8"
],
"exp": 1883000000,
"iss": "https://pidprovider.example.org",
"sub": "NzbLsXh8uDCcd7noWXFZAfHkxZsRGC9Xs",
"iat": 1683000000,
"issuing_authority": "PID Provider Organization",
"issuing_country": "IT",
"date_of_expiry": "2033-03-19",
"status": {
"status_list": {
"idx": 1234,
"uri": "https://pidprovider.example.org/status"
}
},
"vct": "urn:eudi:pid:it:1",
"vct#integrity": "55f5fe57f1e491d49f33672784528532d9d",
"verification": {
"trust_framework": "it_cie",
"assurance_level": "high"
},
"_sd_alg": "sha-256",
"cnf": {
"jwk": {
"kty": "EC",
"crv": "P-256",
"x": "TCAER19Zvu3OHF4j4W4vfSVoHIP1ILilDls7vCeGemc",
"y": "ZxjiWWbZMQGHVWKVQ4hbSIirsVfuecCE6t4jT9F2HZQ"
}
}
}
The disclosure list is presented below.
Claim given_name:
SHA-256 Hash:
Jkbj8aLr-z2_c-HVxCbiw6YXFNHiyLSv1xGjN8lRogIDisclosure:
WyJrZ2h0ZTVNRE5IYlFmZEpIcDg4cENBIiwgImdpdmVuX25hbWUiLCAiTWFyaW8iXQContents:
["kghte5MDNHbQfdJHp88pCA", "given_name", "Mario"]
Claim family_name:
SHA-256 Hash:
MWJufQz_DFWc9cR4yxq8XqmTZfglkg2D2Sxa3UFN4QkDisclosure:
WyJoWDFURXpfejg3N19YQXRyM0NPYVdnIiwgImZhbWlseV9uYW1lIiwgIlJvc3NpIl0Contents:
["hX1TEz_z877_XAtr3COaWg", "family_name", "Rossi"]
Claim birthdate:
SHA-256 Hash:
uIapUlDTKsB5wN7BF6xuBNTtl74gl5iCu_aQ5nj3YL8Disclosure:
WyJZV3RJMDZ4RGRDeXZUYWxjSW5URTNBIiwgImJpcnRoZGF0ZSIsICIxOTgwLTAxLTEwIl0Contents:
["YWtI06xDdCyvTalcInTE3A", "birthdate", "1980-01-10"]
Claim tax_id_code:
SHA-256 Hash:
_C7hoKFt0kV190v2GXIwLUIiDbc_7LcyofQmgDfute8Disclosure:
WyItejM0Y0oxZ0M1VUJQQ0l4OE9oTmlRIiwgInRheF9pZF9jb2RlIiwgIlRJTklULVhYWFhYWFhYWFhYWFhYWFgiXQContents:
["-z34cJ1gC5UBPCIx8OhNiQ", "tax_id_code","TINIT-XXXXXXXXXXXXXXXX"]
Claim place_of_birth:
SHA-256 Hash:
tI5s2A_Ez6oZv6plZzUPjYAL-SJGiAUFyRbhzLsluGUDisclosure:
WyJYY1hsUFZDcWpITnZlQkNubFZQWWdBIiwgInBsYWNlX29mX2JpcnRoIiwgeyJsb2NhbGl0eSI6ICJSb21hIn1dContents:
["XcXlPVCqjHNveBCnlVPYgA", "place_of_birth", {"locality":"Roma"}]
Claim nationalities:
SHA-256 Hash:
GHYjuGUthjtB4q4Oz_ZSGPmCokLOpv2kpFNzz1LfFUYDisclosure:
WyJLTmM1LUdrOUNRaF9UZEdicUJLSTdBIiwgIm5hdGlvbmFsaXRpZXMiLCBbIklUIl1dContents:
["KNc5-Gk9CQh_TdGbqBKI7A", "nationalities", ["IT"]]
The combined format for the PID issuance is given by:
eyJhbGciOiAiRVMyNTYiLCAidHlwIjogImRjK3NkLWp3dCIsICJraWQiOiAiZEI2N2dM
N2NrM1RGaUlBZjdONl83U0h2cWswTURZTUVRY29HR2xrVUFBdyIsICJ4NWMiOiBbIjxJ
c3N1ZXIgWC41MDkgQ2VydGlmaWNhdGU-Il19.eyJfc2QiOiBbIkdIWWp1R1V0aGp0QjR
xNE96X1pTR1BtQ29rTE9wdjJrcEZOenoxTGZGVVkiLCAiSmtiajhhTHItejJfYy1IVnh
DYml3NllYRk5IaXlMU3YxeEdqTjhsUm9nSSIsICJNV0p1ZlF6X0RGV2M5Y1I0eXhxOFh
xbVRaZmdsa2cyRDJTeGEzVUZONFFrIiwgIl9DN2hvS0Z0MGtWMTkwdjJHWEl3TFVJaUR
iY183TGN5b2ZRbWdEZnV0ZTgiLCAidEk1czJBX0V6Nm9adjZwbFp6VVBqWUFMLVNKR2l
BVUZ5UmJoekxzbHVHVSIsICJ1SWFwVWxEVEtzQjV3TjdCRjZ4dUJOVHRsNzRnbDVpQ3V
fYVE1bmozWUw4Il0sICJleHAiOiAxODgzMDAwMDAwLCAiaXNzIjogImh0dHBzOi8vcGl
kcHJvdmlkZXIuZXhhbXBsZS5vcmciLCAic3ViIjogIk56YkxzWGg4dURDY2Q3bm9XWEZ
aQWZIa3hac1JHQzlYcyIsICJpYXQiOiAxNjgzMDAwMDAwLCAiaXNzdWluZ19hdXRob3J
pdHkiOiAiUElEIFByb3ZpZGVyIE9yZ2FuaXphdGlvbiIsICJpc3N1aW5nX2NvdW50cnk
iOiAiSVQiLCAiZGF0ZV9vZl9leHBpcnkiOiAiMjAzMy0wMy0xOSIsICJzdGF0dXMiOiB
7InN0YXR1c19saXN0IjogeyJpZHgiOiAxMjM0LCAidXJpIjogImh0dHBzOi8vcGlkcHJ
vdmlkZXIuZXhhbXBsZS5vcmcvc3RhdHVzIn19LCAidmN0IjogInVybjpldWRpOnBpZDp
pdDoxIiwgInZjdCNpbnRlZ3JpdHkiOiAiNTVmNWZlNTdmMWU0OTFkNDlmMzM2NzI3ODQ
1Mjg1MzJkOWQiLCAidmVyaWZpY2F0aW9uIjogeyJ0cnVzdF9mcmFtZXdvcmsiOiAiaXR
fY2llIiwgImFzc3VyYW5jZV9sZXZlbCI6ICJoaWdoIn0sICJfc2RfYWxnIjogInNoYS0
yNTYiLCAiY25mIjogeyJqd2siOiB7Imt0eSI6ICJFQyIsICJjcnYiOiAiUC0yNTYiLCA
ieCI6ICJUQ0FFUjE5WnZ1M09IRjRqNFc0dmZTVm9ISVAxSUxpbERsczd2Q2VHZW1jIiw
gInkiOiAiWnhqaVdXYlpNUUdIVldLVlE0aGJTSWlyc1ZmdWVjQ0U2dDRqVDlGMkhaUSJ
9fX0.v1sAwJ6Rftl_Mt0qn2nlSghgCk1dDAx4ll4Upe01o_UAij5W9v9oiPhop5vCq4M
KTmDGYoip7vbyPzuxcvT67w~WyJrZ2h0ZTVNRE5IYlFmZEpIcDg4cENBIiwgImdpdmVu
X25hbWUiLCAiTWFyaW8iXQ~WyJoWDFURXpfejg3N19YQXRyM0NPYVdnIiwgImZhbWlse
V9uYW1lIiwgIlJvc3NpIl0~WyJZV3RJMDZ4RGRDeXZUYWxjSW5URTNBIiwgImJpcnRoZ
GF0ZSIsICIxOTgwLTAxLTEwIl0~WyItejM0Y0oxZ0M1VUJQQ0l4OE9oTmlRIiwgInRhe
F9pZF9jb2RlIiwgIlRJTklULVhYWFhYWFhYWFhYWFhYWFgiXQ~WyJYY1hsUFZDcWpITn
ZlQkNubFZQWWdBIiwgInBsYWNlX29mX2JpcnRoIiwgeyJsb2NhbGl0eSI6ICJSb21hIn
1d~WyJLTmM1LUdrOUNRaF9UZEdicUJLSTdBIiwgIm5hdGlvbmFsaXRpZXMiLCBbIklUI
l1d~
11.2.2. PID Data Model in mdoc-CBOR Format¶
The PID in mdoc-CBOR format MUST use the docType eu.europa.ec.eudi.pid.1 in compliance with ARF HLR PID_04.
The PID attributes MUST be encoded as specified in Section 3 of the ARF PID Rulebook v1.3 [EIDAS-ARF] and organized in the following namespaces:
Standard ARF PID attributes: namespace
eu.europa.ec.eudi.pid.1Italian domestic extensions: namespace
eu.europa.ec.eudi.pid.it.1
According to EU_2024/2977 and Section 3 of the ARF PID Rulebook v1.3 [EIDAS-ARF], the PID in mdoc-CBOR format includes the following User Attributes:
elementIdentifier |
Description |
Namespace |
|---|---|---|
given_name |
REQUIRED. (tstr). Current First Name. |
|
family_name |
REQUIRED. (tstr). Current Family Name. |
|
birth_date |
REQUIRED. (full-date). Date of Birth. It MUST be encoded as full-date string according to RFC 8949. |
|
place_of_birth |
REQUIRED. (map). Place of Birth. At least one of |
|
nationality |
REQUIRED. (array of tstr). One or more Alpha-2 country codes as specified in ISO 3166-1. Encoded as CDDL type |
|
personal_administrative_number |
REQUIRED if |
|
tax_id_code |
REQUIRED if |
|
In addition to the mandatory metadata attributes defined in MobileSecurityObject Table and mdoc-CBOR Metadata Attributes Table, the following metadata attributes are REQUIRED for a PID:
Attribute |
Location |
|---|---|
expiry_date |
|
sub |
|
validityInfo.signed |
MobileSecurityObject |
verification |
|
status |
MobileSecurityObject (as defined in Section 6.3 of TOKEN-STATUS-LIST) |
Note
Key differences from SD-JWT encoding:
The ARF PID Rulebook v1.3 uses different claim names between SD-JWT and mdoc-CBOR formats:
mdoc uses
birth_date(notbirthdateas in SD-JWT)mdoc uses
expiry_date(notdate_of_expiryas in SD-JWT)mdoc uses
nationality(notnationalitiesas in SD-JWT). Note: both formats encode the value as an array of country codes.
See Section 3.1.1 (mdoc encoding) and Section 4.1.1 (SD-JWT encoding) of the ARF PID Rulebook v1.3 for the complete mapping.
11.2.2.1. mdoc-CBOR PID Non-Normative Example¶
A non-normative example of a PID in mdoc-CBOR format (diagnostic notation) is shown below:
{
"nameSpaces": {
"eu.europa.ec.eudi.pid.1": [
24(<<
{
"digestID": 1,
"random": h'E0B70BCEFBD43686F345C9ED429343AA',
"elementIdentifier": "expiry_date",
"elementValue": 1004("2024-02-22")
}
>>),
24(<<
{
"digestID": 2,
"random": h'960CB15A2EA9B68E5233CE902807AA95',
"elementIdentifier": "issuing_country",
"elementValue": "IT"
}
>>),
24(<<
{
"digestID": 3,
"random": h'9D3774BD5994CCFED248674B32A4F76A',
"elementIdentifier": "issuing_authority",
"elementValue": "Ministero dell'Interno"
}
>>),
24(<<
{
"digestID": 4,
"random": h'EB12193DC66C6174530CDC29B274381F',
"elementIdentifier": "given_name",
"elementValue": "Mario"
}
>>),
24(<<
{
"digestID": 5,
"random": h'DB143143538F3C8D41DC024F9CB25C9D',
"elementIdentifier": "family_name",
"elementValue": "Rossi"
}
>>),
24(<<
{
"digestID": 6,
"random": h'6059FF1CE27B4997B4ADE1DE7B01DC60',
"elementIdentifier": "birth_date",
"elementValue": 1004("1956-01-12")% the tag 1004 defines the value
is a full date
}
>>),
24(<<
{
"digestID": 7,
"random": h'FX8VVN1YN6NBH3CKYPJTNPJIVJ5KDMFA',
"elementIdentifier": "place_of_birth",
"elementValue": {"locality": "Roma"}
}
>>),
24(<<
{
"digestID": 8,
"random": h'RGLXZ5CHND8Y2UUMHXXMJWPCHNH9HVIX',
"elementIdentifier": "nationality",
"elementValue": ["IT"],
}
>>)
],
"eu.europa.ec.eudi.pid.it.1": [
24(<<
{
"digestID": 9,
"random": h'44DD0606C5F5FDD206H8C84H3F67F5HEEH',
"elementIdentifier": "sub",
"elementValue": "550e8400-e29b-41d4-a716-446655440000"
}
>>),
24(<<
{
"digestID": 10,
"random": h'22bb8384b3e3ebb084f6a62f1d45d3fccf',
"elementIdentifier": "tax_id_code",
"elementValue": "TINIT-RSSMRA56A12H501U"
}
>>),
24(<<
{
"digestID": 12,
"random": h'33cc9495c4f4fcc195g7b73g2e56e4gddg',
"elementIdentifier": "verification",
"elementValue": {
"trust_framework": "it_cie",
"assurance_level": "high",
}
}
>>)
]
},
"issuerAuth": [
<< {1: -7} >>, % protected header with the value alg:ES256
{
33: h'30820215308201BCA003020102021404AD30C…'% 33->X5chain:COSE X_509
},
<<
24(<<
{
"docType": "eu.europa.ec.eudi.pid.1",
"version": "1.0",
"validityInfo": {
"signed": 0("2023-02-22T06:23:56Z"),
"validFrom": 0("2023-02-22T06:23:56Z"),
"validUntil": 0("2024-02-22T00:00:00Z")
},
"valueDigests": {
"eu.europa.ec.eudi.pid.1": {
1: h'0F1571A97FFB799CC8FCDF2BA4FC2909929…',
2: h'E2382149255AE8E955AF9B8984395…',
3: h'BBC77E6CCA981A3AD0C3E544EDF86…',
4: h'AA5D5C57B6E7D88FC6F98895E4F67…',
5: h'BB6E6C68D1B4B4EC5A2AE9206F5t4…',
6: h'F8A5966E6DAC9970E0334D8F75E25…',
7: h'1F1A0F7CCDD79b29EB4B22F96F54F…',
8: h'1A0F7EEDB46B37AS4N22R96D83F3F…'
},
"eu.europa.ec.eudi.pid.it.1": {
9: h'C8FF5E58G89FCE97G45533CE3E4B…',
10: h'F9EE4D36F67DBD75E23311AC1C29…',
12: h'A2BC5E47G78ECD86F34422BD2D3A…'
}
},
"deviceKeyInfo": {
"deviceKey": {
1: 2, % kty:EC2 (Eliptic curves with x and y coordinate pairs)
-1: 1, % crv:p256
-2: h'B820963964E53AF064686DD9218303494A…', % x-coordiantes
-3: h'0A6DA0AF437E2943F1836F31C678D89298E9…'% y-ccordiantes
}
},
"status": {
"status_list": {
"idx": 0,
"uri": "https://issuer.example.org/statuslists/1"
}
},
"digestAlgorithm": "SHA-256"
}
>>)
>>,
h'1AD0D6A7313EFDC38FCD765852FA2BD43DEBF48BF5A580D'
]
}