European governments are rolling out digital identity wallets, which are to be used by citizens to access services, and to verify their age online. There is a serious problem with this: these wallets rely on safety services of Google and Apple. These are known as Google Play Integrity API, and Apple’s Managed Device Attestation1. Such safety services (known as “remote attestation”) are used to ensure that wallet apps run on hardware that is not tampered with. By embedding these safety services in public infrastructure, Europe risks making society dependent on private companies while serving their corporate interests.
Here is the problem:
Google’s Play Integrity API is not just a security feature: it is reinforcing Google’s control over the Android ecosystem.
Google’s Play Integrity API is an instructive case for how big tech platform companies accrue power. The API is a free piece of software that Google gifts to developers to help with their app development. It allows developers to check whether an app is running on a “genuine certified Android device” to test the integrity of a mobile device. This can help developers reduce abuse by bots, fraud in banking apps, or cheating in game apps.
But in doing so, it also checks whether a device is running a Google-licensed version of Android and treats unlicensed alternatives as a potential security risk. When Google verifies whether an app has been tampered with, it uses the Google Play Store as the source of truth, checking both whether the app has been modified and whether it was installed through the Play Store. As a result, Google’s safety service is designed to exclude operating systems that are not licensed by Google, encourage installation through the Google Play Store, and require users to sign in with a Google account. This is a clear violation of the Digital Market Act (DMA).
We do have a choice. A more open alternative to Google Play Integrity exists but is being ignored: Android's Hardware Attestation API. It provides hardware-based security checks but without enforcing Google’s ecosystem policy.
Governments are cementing a monopoly they claim to oppose
The EU often states that it wants to break the big tech monopoly. Yet, European member states risk reinforcing Google's ecosystem when they embed the Google Play Integrity API into their digital ID wallet architecture. For example, wallet developers in the Netherlands and Italy have implemented Play Integrity. As a result, users of de-Googled operating systems such as e/OS and GrapheneOS can be excluded from accessing these services.
In this way, governments effectively become enforcers of a private company's platform policies. This stands in tension with Europe's ambition to build digital public infrastructure based on public values such as openness, inclusiveness, and technological sovereignty. Users who want the autonomy to use operating systems without pre-installed Google software, Google trackers, and built-in LLMs, are forced to use Google software, if they want to use the wallet. And here, they will not have a choice.
ID wallets are public infrastructure to access critical public services. They should remain interoperable across different devices and operating systems, free from vendor lock-in.
ID wallets are not just any kind of software – they are key means to access government documents and manage logins to public services. Therefore, they are often seen as crucial building blocks of digital public infrastructure. They are a crucial service that has to be available to anyone - independently of Google and Apple. Because the consequence is that alternative de-Googled operating systems are much less attractive to adopt if users cannot use crucial apps like identity wallets to log into government services. Government developers therefore have to consider deeper stack levels when optimizing interoperability. Since Play Integrity API clearly violates the Digital Markets Act, it also contradicts the goals of ID wallets to advance European souvereignty.
European member states lack a unified approach to implement wallets
Part of the problem lies in the governance of the wallet design process. The EU provides a general technical framework for the wallet architecture, the Architecture Reference Framework. While it does not require European governments to use Google attestation, it does recommend it. This leads to an incoherent European stance towards Google, with some countries not using it, while others enforce Google’s ecosystem.
Some member states, such as Italy, have interpreted the EU’s recommendation to use the Play Integrity API as mandatory. Others, like Switzerland rely on Android’s attestation mechanism. They dropped Play Integrity due to data protection, data sovereignty, and freedom-of-choice concerns. The Netherlands and Italy use Play Integrity unconditionally. By doing so, they interpret the EU’s recommendations for using Google’s and Apple’s attestation software in very strict terms.
If Europe is serious about digital autonomy, it should rule out Google and Apple attestation entirely from the Architecture Reference Framework and mandate open, hardware-based attestation mechanisms. Countries like Switzerland demonstrate that using Google Play Integrity is not justified, and that other solutions are available.
Public infrastructure demands public accountability, and there are ways to act
Because digital wallets are public infrastructure, their design must be subject to public participation and accountability. The problems and contradictions explained above deserve a public debate. Citizens and developers are raising concerns on national repositories — including Germany's public wallet development tracker (gitlab.opencode.de) and Switzerland's open discussion forum (github.com/orgs/swiyu-admin-ch). These are legitimate channels, but they reach only a narrow technical audience.
If you are an expert working on this topic who wants to promote change, get in touch.
What you can do:
- If you are a user of alternative, de-Googled operating systems, contact the developers of your country's EUDI Wallet app and demand independence from Google and Apple attestation (for the Dutch wallet, go to the contact page of the Ministry of Foreign Affairs' EDI website)
- If you are a concerned citizen, contact your elected representatives to demand making ID wallets independent from Google and Apple.
- If you are a journalist: follow the political and design process. Like the recent Dutch Solvinity case, this story deserves ongoing and wide coverage because it may be a watershed moment to cement Google’s and Apple’s power position, or not. See the EUDI Wallet webpage on developer.overheid.nl for development updates and repositories, and check out the EDI website of the Dutch Ministry of Foreign Affairs for meetups and contact details.
Notes
- In this article, we focus on Google’s Play Integrity API. We do so because it has an impact on the use of alternative operating systems based on Android.
