eIDAS 2: changes, opportunities and implications for digital ID wallets
Get the latest news right in your inbox
You have probably heard recently about eIDAS 2, or eIDAS2. This new proposal will set the regulatory and technical framework across Europe and beyond for digital identity.
eIDAS, approved in 2014, is today perceived as an international benchmark for its proposal in relation to digital identification and the standardization of trust services in the online environment. This European initiative defines how relationships take place in the digital environment and the processes and guidelines that must be followed for them to take place securely.
All European countries, and many others outside Europe, have successfully and purposefully transposed the regulatory and technical standards of the eIDAS (electronic IDentification, Authentication and trust Services) regulation into their national laws. At this point, we can say, without pinching our fingers, that Regulation (EU) 910/2014 has been a success.
Although eIDAS works correctly and has been a crucial step forward in terms of identity verification, electronic signature or certified deliveries, the current and future situation of mobile devices and user expectations are changing and complex. eIDAS 2, therefore, would answer these questions and others that are still on the table.
What is eIDAS 2?
eIDAS 2 is the proposal to update the current eIDAS, derived from a study by the European Commission that argues the reasons for taking a step forward in the adoption of digital identification of consumers and citizens.
Thus, on June 3, 2021, a new proposal for a European Regulation was published with the aim of amending eIDAS to establish a method whereby everyone can obtain a recognized digital identity in an even simpler way.
The proposal sets a target of 2030 for at least 80% of citizens to have an identification system that they can use to operate with administrations and companies remotely in complete security.
electronic IDentification, Authentication and trust Services 2, advancing around trust services
While Trust Services Providers are already offering companies simple, agile and secure electronic signature and identity verification solutions, eIDAS 2 proposes that these services be provided around the so-called EUid or e-ID.
This European Digital ID is intended to serve as a central hub for companies to verify their identity even more easily in multiple contexts. The creation of European Digital Identity Wallets will enable online and offline identification for online shopping, contracting products and services, opening a bank account, checking into a hotel or renting a car.
In this sense, it is yet to be defined whether companies will be obliged to identify users with this new system. The current system will have to transition and adapt to these new EDIW (European Digital Identity Wallets) using as a basis the technical standards already present in the current eIDAS.
Main changes concerning eIDAS
eIDAS sets the standards under which users and citizens must be identified to corroborate that they are who they say they are and that the person who is signing a document is the person who should be signing it. The most important step that eIDAS 2 wants to take is, therefore, the creation of a concrete digital identity that can be read by companies and institutions to confirm the user's identity.
Similarly, eIDAS 2 extends the current electronic trust services. Electronic ledgers will now be based on DLT technology, providing electronic archiving services and facilitating remote qualified electronic signature management. This new way of creating the registry will enhance the ability of companies to seal data against tampering and increase the electronic evidence available and provide it with more legitimacy.
The fact that this new technology is used would directly influence use cases as relevant for, for example, the financial and related industries such as data cross-referencing with decentralized sources and the attribution of digital assets in tokenization processes. Additionally, for any company, it would apply to business process records and audits of any kind.
The regulation of electronic archiving services, electronic attestation of attributes and electronic ledgers have been affected by eIDAS 2.
These electronic ledgers, created by qualified trusted service providers, are one of the main assets for eIDAS 2 to extend and consolidate what has already been achieved by eIDAS.
Check out the full eIDAS 2 proposal here on the European Commission website or let one of our experts give you a summary and analyze how it will affect you.
Simple, agile and official digital identity
eIDAS 2 proposes a change of model in which, instead of performing different identity verification processes, it would be performed only once, added to the digital wallet and used in any circumstance with total legitimacy and security. The new model would be based on the following aspects:
- A single, officialized European identity framework.
- The use of this system by the public and private sectors.
- The extension of this system to as many citizens as possible.
- That the attributes are linked to the exchange of identity data in an agile way.
- Provide a level playing field in the provision of trust services.
This opens up a world of unlimited opportunities and a global growth perspective for all sectors of the economy.
Opportunities for the private sector
While today anyone can be identified through the KYC (Know Your Customer) process to perform high-risk transactions remotely and fully online with security and absolute guarantees thanks to AML and eIDAS regulations, moving towards a model in which digital identification revolves around a wallet would further streamline this type of process.
The reading of the official digital identity would be the only step to be followed by companies when identifying a customer or requesting an electronic signature in a contracting process of any kind.
While it is already possible for any user to purchase or contract services from any company within the union if the company performs the required processes, thanks to eIDAS 2 this would be extended as companies will simply have to have the technology to read and identify the user's e-ID so that the user can then perform any type of remote operation.
All business sectors will benefit from the implementation of eIDAS 2, but especially those related to transportation, energy, banking, healthcare, telecommunications and online services.
eIDAS 2: implementation and effective dates
eIDAS 2 is expected to be approved at a date between January 2023 and the next Commission vote. The proposal is still under review and is open to modification and discussion.
According to the latest information, the project is evolving favourably and has been prioritized by the authorities, in addition to being supported by practically all the member states.
How to take advantage of eIDAS now to grow and expand your business
Throughout this article, we have explained the changes introduced by eIDAS 2, concluding that it paves the way and facilitates the processes for verifying the identity of users and exercising electronic signatures.
However, all this is now possible. Thanks to eIDAS, businesses can grow in the European market without additional investment; they simply need to readjust their processes to incorporate a previous step of identity verification and adequate electronic signature systems.
While you still cannot read a user's e-ID, you can count on a system offered by a partner to do this for you in seconds and without friction in the process, fully integrated with your systems and automated. This will allow you to operate with your customers both online and offline with the greatest guarantees, sign contracts, send certified communications, accept conditions or offer products and services.
Get the latest news right in your inbox
Trust, identity and automation services
KYC (Know Your Customer) Video Identity Verification, Digital Onboarding and Authentication (MFA/2FA) solutions and services enable our customers to provide their users with an agile and secure experience.
Our RPA (Robot Process Automation) software enables the creation of sustainable, scalable, productive and efficient business models through BPM (Business Process Management), allowing unlimited growth.
Advanced and Qualified Electronic Signature and Certified Communication services (Electronic Burofax) allow customer acquisition, contracting and acceptance processes that used to take days or weeks to be completed and approved in minutes or seconds.
Customer Onboarding (eKYC), Digital Signature (eSignature) services and Automated Fraud Prevention are making it possible for companies to operate online and without borders.
As an EU-certified Trust Services Provider and an established RegTech partner, we help organizations comply with the most demanding regulatory standards in their sector and region, including AML (Anti-Money Laundering), eIDAS (Electronic IDentification, Authentication and etrust Services), GDPR (General Data Protection Regulation), SCA (Strong Customer Authentication) or PSD2 (Payment Services Directive) regulations thanks to Tecalis Anti-Fraud Controls and Document Verification.