In a traditional PKI environment, when a device generates a cryptographic key pair, a Certificate Signing Request (CSR) is sent to a Certificate Authority (CA). While the CSR proves that the device sending the request possesses the private key, it tells the CA nothing about how or where that key pair is stored.
The key could be securely locked inside a tamper-resistant Java Card, or held on a compromised smartphone, or it could be sitting in plain text on a compromised desktop computer. Key Attestation solves this problem. Key Attestation is a cryptographic mechanism where a secure hardware element (such as a Java Card, Secure Element, TPM, TPE, etc.) proves (attests) to a trusted party, such as a CA/QTSP or an enterprise server, that:
- The cryptographic key was generated inside secure hardware
- The private key is non-exportable and cannot leave the hardware boundary
The demand for hardware-backed key attestation is surging due to a massive shift toward decentralized identity, remote provisioning, and stricter regulatory frameworks. Standards like OpenID for Verifiable Credential Issuance 1.0 have started defining the concept of key attestation, with use cases for the present day.
At its core, key attestation is a verifiable statement demonstrating the authenticity and specific security properties of a key and its storage environment. It is a cryptographic proof that tells the parties in the identity ecosystem about the “backstory” of a cryptographic key.
When an end-user requests a sensitive credential (like a digital driver’s license or corporate access token), the Credential Issuer needs to evaluate the request against trust frameworks, regulatory laws, or internal policies. Use of Key Attestation is around the corner, but the process of implementing it across various industries and continents is going to be long.
The need
The eIDAS 2.0 regulation mandates that member states make efforts to provide a digital identity wallet to their citizens, residents and businesses. To achieve a Level of Assurance (LoA) High, the wallets will ensure the end-user's sole control over their cryptographic keys. When an end-user requests a digital identity credential from an issuer, the issuer must verify that the wallet’s keys are bound to a certified wallet. Key attestation would be the exact mechanism used to remotely verify this hardware compliance.
Widely adopted by enterprises, Passkeys rely completely on asymmetric cryptography. While standard passkeys can be synced via cloud accounts, high-security environments—such as banking and government services—often mandate Hardware-Bound Passkeys. To enforce this, service providers utilize FIDO Attestation to verify the exact make and model of the underlying security chip. This mechanism allows enterprise systems to automatically block authentication requests originating from software-only authenticators.
By utilizing standard formats like JWS (JSON Web Signatures), wallets and secure elements can pass this vital context back to the issuer, enabling high-assurance decisions in both citizen and corporate identities.
Key Attestation by Alauda Applet
Alauda Applet operates within the highly regulated, tamper-resistant environment of a mobile device’s pSIM or eSIM. At the moment, the Alauda applet is used by millions of end-users. While standards dictate how attestations are formatted, the Methics Alauda applet determines how strongly those claims can be trusted.
Following the identity trends, our team has added a new feature to Alauda applets: Key Attestation. Our Key Attestation feature provides verifiable, hardware-backed proof of the authenticity and integrity of the cryptographic keys it manages.
For every active key on the card, the applet can generate a signed attestation that confirms the key was securely generated, is protected within the SIM’s tamper-resistant environment, and remains under the control of the applet and the device.

Each attestation includes the public key of the key pair and is signed using a trusted attestation key anchored to the SIM, along with its corresponding attestation certificate. This enables relying parties to independently verify that the key is genuine, has not been exported or compromised, and is being used within a secure, hardware-backed environment.
These Alauda applets are provided as part of our Local Signature Solution or Unified Signature Solution, utilizing Kiuru MSSP. The MSSP provides an MReg interface (SOAP, RESTful and command-line) for retrieving key attestations and the corresponding attestation keys from the SIM card. It also maintains a repository of attestation key certificates, enabling the MSSP (run by the service owner) to independently verify the origin and authenticity of each key.
The key attestation feature supports both centralized PKI and decentralized identity use cases by enabling trusted key binding for authentication, digital signatures, and credential issuance. It integrates seamlessly with mobile identity solutions, digital wallets, and secure signature creation workflows, ensuring that every transaction or credential operation can be backed by strong, device-level cryptographic assurance.
By providing attestation for each active key, the Alauda P38 Applet enhances transparency, strengthens trust, and enables high-assurance services such as qualified signatures, secure on-boarding, and regulatory-compliant identity verification. When the applet generates an attestation, it provides two specific, cryptographic proofs:
- Key Possession & Lineage: At the exact time of the attestation call, the applet possesses a user keypair whose public key matches the requested value. The key has not been exported and remains strictly under the device’s control.
- Authenticity of Origin: The applet proves its identity as the genuine Methics’ Alauda Applet. It does this using an internal attestation private key, backed by an attestation certificate signed by the trusted Methics Attestation CA.
The image below shows the Alauda applet's usage of Key Attestation, where APs/RPs can request proof of the authenticity of the key.

Because the Alauda Applet provides an attestation for every active key, it serves as a bridge across the digital identity landscape. For this bridge to hold, it has to be interoperable. If every secure element spoke a different language, credential issuers would face a nightmare of custom integrations, so interoperability is crucial for key attestation. To communicate with Credential Issuers, attestations often utilize standard JWS Compact Serialization. When Kiuru MSSP decodes the payload generated in this ecosystem, it receives explicit cryptographic claims.
The Alauda P38 applet binary is built with an instance-specific attestation key pair. All SIM cards (pSIM, eSIM) built using a specific applet binary instance will have the same attestation key pair. The attestation data is wrapped in a CMS (PKCS#7) signature, and is signed by the applet's internal attestation keypair. This keypair is of ECDSA type (signature size under 100 bytes).
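The checks a Credential Issuer runs on a JWS-encoded key attestation can be sketched as follows. This is an added example, not Methics or Kiuru MSSP code and not the Alauda CMS format: the claim names (`attested_keys`, `key_storage`, `nonce`) and the `key-attestation+jwt` type are taken from OpenID4VCI 1.0 Appendix D as assumptions, keys are assumed to be EC JWKs, and signature verification against the attestation certificate is delegated to a caller-supplied `verify_sig` function (hypothetical name).

```python
import base64, hashlib, json

ALLOWED_STORAGE = {"iso_18045_high", "iso_18045_moderate"}  # example issuer policy (assumption)

def b64u_dec(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))
def b64u_enc(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def jwk_thumbprint(jwk):
    # RFC 7638 thumbprint of an EC public JWK: required members only, sorted, no whitespace
    canon = json.dumps({k: jwk[k] for k in ("crv", "kty", "x", "y")}, separators=(",", ":"))
    return b64u_enc(hashlib.sha256(canon.encode()).digest())

def check_key_attestation(jws, requested_jwk, nonce, now, verify_sig):
    """Return the reasons to reject; an empty list means the key is accepted."""
    try:
        h64, p64, s64 = jws.split(".")
        header, claims = json.loads(b64u_dec(h64)), json.loads(b64u_dec(p64))
        sig = b64u_dec(s64)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("header and payload must be JSON objects")
    except ValueError:
        return ["malformed JWS"]
    if header.get("alg") != "ES256" or header.get("typ") != "key-attestation+jwt":
        return ["unexpected alg or typ"]
    # Fail closed: the claims are untrusted until the attestation signature verifies
    if not verify_sig(f"{h64}.{p64}".encode(), sig, header):
        return ["bad signature"]
    errors = []
    if claims.get("nonce") != nonce:
        errors.append("nonce mismatch")
    if not (claims.get("iat", now + 1) <= now < claims.get("exp", 0)):
        errors.append("not valid at this time")
    attested = {jwk_thumbprint(k) for k in claims.get("attested_keys", [])}
    if jwk_thumbprint(requested_jwk) not in attested:
        errors.append("requested key is not attested")
    if not ALLOWED_STORAGE & set(claims.get("key_storage", [])):
        errors.append("key storage below policy")
    return errors

def make_sample(claims):
    # Constructed sample: the signature segment is a placeholder, not a real ES256 signature
    header = {"alg": "ES256", "typ": "key-attestation+jwt"}
    parts = [b64u_enc(json.dumps(o).encode()) for o in (header, claims)]
    return ".".join(parts + [b64u_enc(b"placeholder")])

SAMPLE_KEY = {"kty": "EC", "crv": "P-256", "x": "constructed-x", "y": "constructed-y"}
SAMPLE_CLAIMS = {"iat": 1000, "exp": 2000, "nonce": "n-1",
                 "attested_keys": [SAMPLE_KEY], "key_storage": ["iso_18045_high"]}
```

In a deployment, `verify_sig` would validate the ES256 signature with the key from the attestation certificate and check that certificate against the trusted attestation CA.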
As a global leader of Mobile ID services, Methics products are delivering tech for strong authentication not just in Finland but many countries across EMEA and APAC regions. Methics products are mature and used by over 6 million end-users. We support digital identity over a wide variety of authentication mechanisms and security assertions. Feel free to get in touch with us if you want to discuss the presented Mobile ID model, or use of mobile ID in eIDAS, eIDAS 2 and Digital Identity Wallets.
Publish Date: 12th June 2026
Written and Edited by: Ammar Bukhari & Jarmo Miettinen
References:
- OpenID for Verifiable Credential Issuance 1.0, Sept 2025, Appendix D: https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0.html#name-key-attestations
- Key Attestation examples: https://github.com/pkic/remote-key-attestation/blob/main/_index.md