Posted 2nd December 2022
What will the new version of eIDAS cover compared to the 2014 version?
The European Commission proposed an update to its digital identity framework in June 2021, following on from an open consultation in 2020. This will enable every European citizen to have a set of digital identity credentials, recognisable anywhere in the EU.
Here we take a closer look at eIDAS, what it is, what its objectives are, and its evolution over time.
Electronic Identification, Authentication and Trust Services (eIDAS), is regulation on electronic identification and trust services that enables secure, cross border electronic transactions.
“Every time an App or website asks us to create a new digital identity or to easily log on via a big platform, we have no idea what happens to our data in reality. That is why the Commission will propose a secure European e-identity. One that we trust and that any citizen can use anywhere in Europe to do anything from paying your taxes to renting a bicycle. A technology where we can control ourselves what data is used and how.” – Ursula von der Leyen, President of the European Commission, in her State of the Union address, 16 September 2020
eIDAS regulation defines the identification schemes and authentication means that are required for a common electronic identity.
The eIDAS Regulation 2014 follows on from Directive 1999/93/EC, and extends the possibility of digital cooperation within the EU and the UK. This set a common definition of the levels of electronic signature in the European Union for the first time, as well as a principle of mutual recognition and acceptability of the electronic form.
The eIDAS framework is essential for a strong digital economy and the creation of a common digital space with the EU and UK.
The objective of eIDAS is to improve economic activity and business in the EU and the UK by helping companies, citizens and public authorities to conduct secure and transparent electronic interactions.
When it comes to electronic signatures, the eIDAS regulations:
In terms of electronic identification, the eIDAS regulation allows citizens and businesses to use their own national electronic identification systems (eID) to access public services available online in other EU countries, but these remain underutilised in a wider European economy.
Although eIDAS defines a clear common framework for the European digital space, it was necessary to amend this regulation in 2022, because the market is evolving. Digital services are growing rapidly, especially in sectors where maximum security is paramount, such as banking and insurance, as well as healthcare. In these instances a large number of services require high levels of assurance, both to subscribe to and to access them.
Although the eIDAS regulation already dealt with electronic identity, according to the World Bank less than 30% of the population is currently equipped with a sufficiently practical and secure electronic identity solution. Not all countries accept authentication on their public services when the means presented derives from an identity provided by a third country and it is clear that few offer adequate solutions today.
A second version of the eIDAS regulation is necessary to deal with new trust services, which were not present in the old regulation. For example, it is necessary to define qualified electronic archiving or to work on defining and managing electronic identity attribute certificates.
There is an evolving requirement to increase cooperation between the various services offered. The services must be easily set up, recognised and operable between one another to become a functioning digital ecosystem. There is also a need for a simpler connection between private and public services. The new version of the eIDAS regulation aims to facilitate this, as well as define additional services.
One of the objectives of eIDAS is to create the means for a unified and secure identification service in order to offer new authentication methods. To achieve this, the regulation offers a modular approach and adapts to the market by creating certification schemes specific to each of these services.
This approach encourages the development of a myriad of technical offers and will lead to them being made available to the citizen in a shorter time than in the past.
The main objective is to equip more than 80% of the European population with a digital wallet that will allow them to prove their identity and authenticate themselves on public services in all EU countries and the UK within three years, regardless of nationality.
The amended eIDAS regulation aims to cover the increase of authentication in all public services, and provide accessibility and connectivity to all European citizens, providing a strong digital economy.
It is anticipated that the new version of eIDAS will facilitate in future interoperability with other similar frameworks worldwide, creating access to global services, with high levels of security and assurance to all citizens.
E-Sign is a leading provider of digital transaction management solutions, supplying professional services including Electronic Signatures, Web Forms, ID Checker, Verification Tools, Personalised Emails, API and Payment Processing to businesses of all sizes across the UK.
To find out more about our E-Sign solutions and how they could transform your business, get in touch with us today.