Runtime Application Self-Protection (RASP)

The implementation of the revised eIDAS regulation (electronic Identification, Authentication and Trust Services) requires the creation of a secure and user-friendly ecosystem. As a milestone for Europe's digital sovereignty, its core element is the European Digital Identity Wallet (EUDI Wallet), which serves as the regulation's central instrument. By the start of 2027, all EU citizens and residents should have access to a trustworthy, interoperable, and non-discriminatory digital wallet for identification, attribute attestations, electronic signatures, and more. The EUDI Wallet aims to simplify users' daily lives while enabling companies and administrations to benefit from faster, more secure, and more efficient digital processes. In Germany, the rollout of the EUDI Wallet is a joint effort by the Federal Ministry for Digital and State Modernization (BMDS) and SPRIN-D - the Federal Agency for Breakthrough Innovation. Since June 2023, the initiative has followed an open architecture and consultation process involving business, civil society, and science, with a focus on security, privacy, user-friendliness, and innovation. Germany"s dual strategy supports both a national EUDI Wallet as well as alternative EUDI Wallets. The roadmap includes a sandbox rollout of the identity (PID) function by the end of 2025 and further enhancements and production rollout throughout 2026. In this tender, the client is seeking a Runtime Application Self-Protection (RASP) solution to provide an additional layer of runtime security for its wallet applications on iOS and Android. The objective is to enhance protection against runtime threats, obfuscate the code and support privacy provisioning and telemetry. The scope covers the procurement and integration of the RASP solution with the described functionality.