Select Page

What is eIDAS2 and what changes from eIDAS?

by | Digital Signature

On 23 July 2014, the European Parliament and the Council of the European Union approved the entry into force of the eIDAS regulation on electronic identification and trust services for electronic transactions in Europe. eIDAS2 is a comprehensive framework established by the European Union whose aim is to facilitate secure and seamless digital interactions across EU Member states. 

eIDAS established a necessary framework to enable mutually recognised electronic identification and signature services in the different Member States from September 2018, the year in which the obligation of mutual recognition of electronic identities among the countries of the European Union (EU) came into force.

In recent years, this regulation has allowed different online public bodies and services in the EU to use electronic identification. It is because eIDAS provides legal coverage to provide trust services, implement identification services, digital certificates, and electronic signatures, and enable remote identification by video to solve the problem of face-to-face identity verification

You can download our guide on eIDAS here

Nevertheless, despite the undeniable progress that the implementation of this regulation has meant for individuals and businesses, only 14 Member states have notified at least one electronic identity system, and only 59% of EU residents have access to reliable and secure cross-border electronic identity systems, implies limited cross-border access of the different electronic identities and limited implementation in the public sector, where it has not been possible to implement a single cross-border electronic identity system.

What does eIDAS2 entail?

eIDAS2 (electronic IDentification, Authentication, and trust Services 2) is a new proposal published on 3 June 2021 that arises from a study by the European Commission to evolve eIDAS and respond to the shortcomings of the current regulation as well as its low implementation in the public sector.

To this end, it is proposed to create a framework based on updating and revising the current regulation to offer a single European Digital Identity. It will be adopted by a large majority of citizens and enable us to carry out any procedure, both at a public and private level, with greater security and control of the information by citizens.

pin eIDAS2 has set the objective of increasing the current adoption rate by citizens from 59% to 80% by the year 2030, and we all have a new European Digital Identity that will allow us to perform procedures and processes between companies and with the public administration with greater security and simplicity.

What are the main differences or changes between eIDAS and eIDAS2?

In addition to defining the different types of electronic signatures, eIDAS also regulates the services of:

  • Trust services such as time stamping.
  • Certified email services.
  • The creation, verification, and validation of certificates for website authentication.
  • Electronic documents.
  • Identification and authentication mechanisms, their levels, and their interoperability between Member states.

But eIDAS does not cover the provision of electronic attributes, such as medical certificates or professional qualifications, making the legal recognition of these electronic credentials complicated at the European level. Furthermore, it does not enable user control of the data exchanged in the verification process.

European Digital Identity. EUid or e-ID

eIDAS2 goes one step further by proposing the creation of a European digital identity controlled by citizens through a European Digital Identity Wallet (EDIW) that can be read by public bodies, companies, and institutions to verify the identity of citizens.

Providing this European digital identity will require very high levels of security in all aspects, and the necessary infrastructure to collect, store, and exchange digital identity data.

More security with eIDAS2

Security is a core aspect that is strengthened by the new eIDAS2 proposal, both from the perspective of citizens doing online transactions and businesses offering their services online, as they can rely on any citizen’s European digital identity.

The proposal also affects issuers of European digital identity solutions by providing a unified technical architecture, reference framework, and standards to be developed in cooperation with Member states, which aim to avoid fragmentation. Users can use a reinforced ecosystem of digital identity and trust services recognised and accepted throughout the EU.

Website authentication

eIDAS2 proposes to enforce browsers to accept Qualified Website Authentication Certificates (QWAC), ensuring that users can identify who is behind a given website.

Trusted services

eIDAS2, in turn, extends the currently existing list of trust services to include the provision of electronic archiving services, electronic ledgers, the management of remote electronic signature devices, and the creation of electronic stamps.

eIDAS2 main goals

The eIDAS2 main goal is to ensure the correct European market running by providing an accurate level of security of electronic identification means and trust services

Here are other objectives:

  • Increasing citizens’ trust in qualified website authentication certificates and benefiting from the secure and reliable information they provide about who is behind a given web page would reduce fraud.
  • Providing access to reliable and secure digital identity solutions that can be used across borders, meeting user expectations and market demand.
  • Ensuring that public and private services can rely on trusted and secure digital identity solutions across borders.
  • Providing citizens with complete data control and ensuring their security when using digital identity solutions.
  • Ensuring the same conditions for providing qualified trust services in the EU and their acceptance.

 

When does eIDAS2 enter into force? Roadmap

Although eIDAS2 does not yet have an expected date of approval, it will likely be approved in 2023, as it is still been debated and studied by the Commission to incorporate possible modifications and improvements.

 

eIDAS2 use cases and applications in public and private sectors

eIDAS enables European citizens to be identified remotely in online purchasing or contracting processes through digital onboarding solutions. eIDAS 2 would make the implementation of verification processes in any industry easier by simply relying on the technology that reads the e-ID of citizens through their wallets.

These eWallets will allow their holders to identify themselves with their mobile phones, not only for online processes but also for face-to-face (offline) processes for accessing public and private services.

In addition, it will be possible to access administrative information and citizen data held by councils, consult records, health profiles, and tax, banking, or university information.

Some examples of processes that could be performed under the wallet holder’s control within the private industry at the European level include:

  • Open a bank account in any EU Member state with the wallet issued in my country.
  • In the case of healthcare needs in another European country, the healthcare profile could be accessed via the European digital identity. It could also integrate information such as Digital Covid Certificate.
  • Rent a car using the e-ID of a different Member state than the rental company.
  • Share financial data between banks located in different Member states (income, credit rating, etc.).

    How can Mobbeel help you?

    eIDAS2 offers a future full of possibilities enabling citizens to operate on the internet with increased reliability by having a more robust digital identity

    How a digital identity is associated with a real one or what happens if a user loses or is robbed of the mobile phone where their electronic wallet is installed are questions that technologies such as those offered by Mobbeel can answer.

    Suppose your issues with verifying the identity of your customers are already a reality today. In that case, we have the technology necessary to register a new customer with full guarantees, sign any contractual document through our biometric signature solution, or even authenticate them whenever necessary with fingerprint, voice, signature or facial recognition.

    Do you want to find out how we can help you identify your customers when they register on your platform or every time they access it? Feel free to contact us; we will tell you in detail.

    SUCCESS STORY

    Discover Banco Agrícola’s identity verification

    Experience digital onboarding through a real-life case at one of the leading financial companies in El Salvador.

    This project has set a national precedent and has been replicated by numerous entities.

    DOSIER PRODUCTO

    Descubre nuestra solución de verificación de identidad

    Verifica la identidad de tus clientes en segundos a través del escaneo y validación de documentos de identidad y matching biométrico facial con prueba de vida.