> having a digital ID wallet, that this needs hardware attestation (or something comparable) is somewhat of a direct consequence of existing laws/regulations regarding making IDs forgery safe

How do you figure? Isn't just having the digital ID be signed by a key belonging to the issuer good enough for that?

I think they are saying the signed ID can be copied to another device. Unless such ID needs to have acces to some TPM that can be trusted, which likely requires then specific trusted hardware and software