Your Government ID Now Requires a Corporate Account

To get a government-issued digital ID, you first need to sign up with an American corporation. It sounds like a contradiction. It’s not — it’s just how Germany’s eIDAS-based digital wallet works. The most fundamental expression of state sovereignty — verifying who its citizens are — now runs on top of Apple and Google’s app stores.

Europe’s Big Identity Play

The EU’s eIDAS 2.0 regulation aims to put a digital identity wallet in every citizen’s hands. Driver’s licenses, medical records, university diplomas — all on your phone. Germany is building its own national ID app to comply.

The problem isn’t the ambition. It’s the plumbing. iOS and Android control over 99% of the smartphone OS market. To distribute the wallet app, you go through the App Store or Google Play. To install it, you need an Apple ID or a Google account. There is no alternative path.

The ID Paradox

A plastic ID card requires a trip to a government office. That’s it. No middleman, no terms of service, no corporate account. Digital ID changes the equation entirely.

The moment you install the app, you agree to Apple’s or Google’s terms — terms that change at their discretion. If your account gets suspended (maybe you disputed a charge, maybe an algorithm flagged you), your access to a government identity document could vanish with it.

Privacy advocates in Germany have been blunt: this structure violates the principle of universal access. A national ID should be available to every citizen without preconditions. Requiring membership in a private company’s ecosystem is a precondition, full stop.

Three Risks of App Store Dependency

Censorship risk. Apple and Google can pull any app from their stores, and government apps aren’t exempt. Russia forced Apple to remove VPN apps. Apple removed a protest app in Hong Kong at Beijing’s request. The precedent for politically motivated app removals is well established.

Technical lock-in. Core ID functions — NFC-based verification, secure enclave access, biometric authentication — are controlled at the OS level. For years, Apple restricted third-party NFC access on iOS, stalling digital ID projects across Europe. EU pressure eventually forced partial openness, but the platform owners still hold the keys.

Privacy exposure. App installation and usage patterns are visible to the platform. When you open your ID app, how often you use it, what triggers it — this metadata is difficult to fully shield from Apple and Google’s data collection infrastructure.

What Are the Alternatives

No perfect solution exists yet, but several paths are being explored.

Browser-based wallets. Skip the app entirely and run the digital wallet in a browser, leveraging the W3C’s Verifiable Credentials standard. The catch: Chrome dominates the browser market, so you’re potentially swapping one Google dependency for another.

Mandatory sideloading. The EU’s Digital Markets Act already requires Apple to allow sideloading. If government apps can be installed without an app store, the account dependency weakens. This is probably the most practical near-term fix, though sideloading introduces its own UX and security complications.

Open-source mobile OS support. Design the wallet to run on Linux-based mobile operating systems like PostmarketOS or GrapheneOS, creating a Big Tech-free path. Technically elegant. Practically marginal — these platforms have a user base measured in the tens of thousands, not hundreds of millions.

The Sovereignty Gap

The EU has spent the last decade building a regulatory fortress around digital sovereignty. GDPR for data. The DMA for market power. The AI Act for algorithms. An impressive stack of legislation designed to assert European independence from American tech giants.

And yet the most basic piece of government infrastructure — proving you are who you say you are — depends entirely on two companies headquartered in Cupertino and Mountain View. This isn’t a theoretical concern or a policy edge case. It’s the front door to every digital government service, and a private company holds the key.

This isn’t unique to Germany, either. Digital government IDs from South Korea to the UK sit on the same two platforms. We’ve normalized a dependency so total that it’s become invisible. Maybe it’s worth seeing it again clearly: the gateway to your government now has a corporate toll booth.