This is a very, VERY stereotypical Tech Product Manager viewpoint: "N% of users are hard to support edge cases, so we should exclude them." You see this justification everywhere in business. "We'll drop support for [old OS] once it gets to 1% of our user base." "Only 1% of our users have non-Latin characters in their usernames so it's OK to not support that." "1% of our users are on 3G or slower Internet connections, so we don't have to consider them in our performance metrics."

It's a pragmatic, profit-oriented point of view, but not one that makes sense when your mission is to be inclusive of everyone.

This is an unfair and a straw man argument, is it not? Are you also unhappy that in a democracy the 51% choose how the other 49% are going to be governed?

Why device attestation is required is quite well explained by this github comment [0]. I am in the industry and I agree fully with it, because it is a fact a problem for most smart phone users in terms of security.

0 - https://github.com/eu-digital-identity-wallet/eudi-app-andro...