You have probably heard recently about eIDAS 2, or eIDAS2. This new proposal will set the regulatory and technical framework across Europe and beyond for digital identity.
eIDAS, approved in 2014, is today perceived as an international benchmark for its proposal in relation to digital identification and the standardization of trust services in the online environment. This European initiative defines how relationships take place in the digital environment and the processes and guidelines that must be followed for them to take place securely.
All European countries, and many others outside Europe, have successfully and purposefully transposed the regulatory and technical standards of the eIDAS (electronic IDentification, Authentication and trust Services) regulation into their national laws. At this point, we can say, without pinching our fingers, that Regulation (EU) 910/2014 has been a success.
Although eIDAS works correctly and has been a crucial step forward in terms of identity verification, electronic signature or certified deliveries, the current and future situation of mobile devices and user expectations are changing and complex. eIDAS 2, therefore, would answer these questions and others that are still on the table.
eIDAS 2 is the proposal to update the current eIDAS, derived from a study by the European Commission that argues the reasons for taking a step forward in the adoption of digital identification of consumers and citizens.
Thus, on June 3, 2021, a new proposal for a European Regulation was published with the aim of amending eIDAS to establish a method whereby everyone can obtain a recognized digital identity in an even simpler way.
The proposal sets a target of 2030 for at least 80% of citizens to have an identification system that they can use to operate with administrations and companies remotely in complete security.
While Trust Services Providers are already offering companies simple, agile and secure electronic signature and identity verification solutions, eIDAS 2 proposes that these services be provided around the so-called EUid or e-ID.
This European Digital ID is intended to serve as a central hub for companies to verify their identity even more easily in multiple contexts. The creation of European Digital Identity Wallets will enable online and offline identification for online shopping, contracting products and services, opening a bank account, checking into a hotel or renting a car.
In this sense, it is yet to be defined whether companies will be obliged to identify users with this new system. The current system will have to transition and adapt to these new EDIW (European Digital Identity Wallets) using as a basis the technical standards already present in the current eIDAS.
eIDAS sets the standards under which users and citizens must be identified to corroborate that they are who they say they are and that the person who is signing a document is the person who should be signing it. The most important step that eIDAS 2 wants to take is, therefore, the creation of a concrete digital identity that can be read by companies and institutions to confirm the user's identity.
Similarly, eIDAS 2 extends the current electronic trust services. Electronic ledgers will now be based on DLT technology, providing electronic archiving services and facilitating remote qualified electronic signature management. This new way of creating the registry will enhance the ability of companies to seal data against tampering and increase the electronic evidence available and provide it with more legitimacy.
The fact that this new technology is used would directly influence use cases as relevant for, for example, the financial and related industries such as data cross-referencing with decentralized sources and the attribution of digital assets in tokenization processes. Additionally, for any company, it would apply to business process records and audits of any kind.
The regulation of electronic archiving services, electronic attestation of attributes and electronic ledgers have been affected by eIDAS 2.
These electronic ledgers, created by qualified trusted service providers, are one of the main assets for eIDAS 2 to extend and consolidate what has already been achieved by eIDAS.
eIDAS 2 proposes a change of model in which, instead of performing different identity verification processes, it would be performed only once, added to the digital wallet and used in any circumstance with total legitimacy and security. The new model would be based on the following aspects:
This opens up a world of unlimited opportunities and a global growth perspective for all sectors of the economy.
While today anyone can be identified through the KYC (Know Your Customer) process to perform high-risk transactions remotely and fully online with security and absolute guarantees thanks to AML and eIDAS regulations, moving towards a model in which digital identification revolves around a wallet would further streamline this type of process.
The reading of the official digital identity would be the only step to be followed by companies when identifying a customer or requesting an electronic signature in a contracting process of any kind.
While it is already possible for any user to purchase or contract services from any company within the union if the company performs the required processes, thanks to eIDAS 2 this would be extended as companies will simply have to have the technology to read and identify the user's e-ID so that the user can then perform any type of remote operation.
All business sectors will benefit from the implementation of eIDAS 2, but especially those related to transportation, energy, banking, healthcare, telecommunications and online services.
eIDAS 2 is expected to be approved at a date between January 2023 and the next Commission vote. The proposal is still under review and is open to modification and discussion.
According to the latest information, the project is evolving favourably and has been prioritized by the authorities, in addition to being supported by practically all the member states.
Subscribe to the Tecalis Blog and stay up to date with all the RegTech news and updates.
Throughout this article, we have explained the changes introduced by eIDAS 2, concluding that it paves the way and facilitates the processes for verifying the identity of users and exercising electronic signatures.
However, all this is now possible. Thanks to eIDAS, businesses can grow in the European market without additional investment; they simply need to readjust their processes to incorporate a previous step of identity verification and adequate electronic signature systems.
While you still cannot read a user's e-ID, you can count on a system offered by a partner to do this for you in seconds and without friction in the process, fully integrated with your systems and automated. This will allow you to operate with your customers both online and offline with the greatest guarantees, sign contracts, send certified communications, accept conditions or offer products and services.