04-13-2026 
|
Getting your Trinity Audio player ready...
|
Digital identity is an emerging trend in the global digital transformation landscape. However, scammers are reportedly exploiting Austrian digital ID certificates that are set to expire this year. Meanwhile, an EU agency has initiated a public consultation on a draft cybersecurity scheme for digital IDs.
ENISA invited public feedback for European Digital Identity
The European Union Agency for Cybersecurity (ENISA) is calling for a public consultation on a draft cybersecurity certification plan for European Digital Identity Wallets (EUDIW) and electronic identity schemes.
Under the proposal published on March 31, ENISA has established an Ad Hoc Working Group to develop the candidate scheme as part of its European Cybersecurity Certification Framework. The draft certification will serve as a basis for public review, which aims to “validate the principles and general organization of the proposed scheme, and to gather feedback on the proposed elements of the draft candidate scheme and on its annexes.” The draft follows the document, “Wallet-Related Service Provider Security Requirements,” v0.5.614.
The public review is currently open and will close on April 30. In this context, ENISA has organized a webinar on April 8 to provide information about the EUDIW.
Earlier in February, ENISA signed a two-year agreement worth 1.6 million euros ($1.8 million) to support the national EUDI Wallet certification schemes across EU member states.
Scammers are exploiting 300K Austrian digital ID certificates
In other news, around 300,000 digital ID certificates due to expire are being targeted by scammers in Austria, a local news outlet reported on April 4.
According to the State Criminal Police Office, fraudulent text messages have been circulating in Austria, urging recipients to update their digital ID registrations. Perpetrators then use these messages to gain access to the victims’ bank accounts. The police reported that two cases involved losses reaching five figures, and three additional cases involved fraudulent SMS messages sent during the activation of digital IDs.
Users are instructed to click a link that leads to a “deceptively realistic phishing page,” said press spokesman Fabian Marchetti. Once they have added their personal data, the victims are known to be contacted by phone. “During the call, they attempt to persuade the victims to install remote access software,” Marchetti explains.
In Vorarlberg, a state in western Austria, about 10,000 accounts are expected to expire in the coming months. The police informed that, when using services such as FinanzOnline (the Austrian online tax portal), users’ digital signatures must be renewed on time; otherwise, residents must make an appointment at their district administrative office.
The police have announced that users will receive notifications only via email or apps. They advise them to carefully check any emails or text messages that request the conversion or renewal of their digital IDs. As per the police’s advice, if they are unsure about a message, they should verify its authenticity with the sender.
“Under no circumstances should remote access to your computer be granted,” Marchetti warned.
Watch: Digital identity is a core part of Web3—here’s why
Recommended for you
