I'm not affiliated with the project, just curious.
So there's demo app in the eu-digital-identity-wallet/av-app-android-wallet-ui github repo, I believe this is what's being tested. This is obviously not an app for an end user, it looks more like a template, to be implemented / integrated on the national level.
There's also this controversial requirement for attestation / google play integrity / tpm on the device. That's not implemented in the demo app, in fact the twitter video linked in the article clearly shows security researcher launching a total commander android app with super user privileges.
IMO selling this as an "EU age verification app" by the commission is dishonest.
edit: so in the linked twitter thread, the security researcher is aware that this is demo app. So not only commission here is being dishonest...
I'm not affiliated with the project, just curious.
So there's demo app in the eu-digital-identity-wallet/av-app-android-wallet-ui github repo, I believe this is what's being tested. This is obviously not an app for an end user, it looks more like a template, to be implemented / integrated on the national level.
There's also this controversial requirement for attestation / google play integrity / tpm on the device. That's not implemented in the demo app, in fact the twitter video linked in the article clearly shows security researcher launching a total commander android app with super user privileges.
IMO selling this as an "EU age verification app" by the commission is dishonest.
edit: so in the linked twitter thread, the security researcher is aware that this is demo app. So not only commission here is being dishonest...