EU Commission wants a uniform proof of identity
A first draft for eIDAS 2.0 was prepared back in 2018 and has been continuously developed since then. The aim is to optimise the security and trustworthiness of digital identification and trust services in the EU and to create a uniform proof of identity.
eIDAS 2.0 – What is changing?In June 2021, the draft of eIDAS 2.0 was submitted to the European Commission and adopted.
- Fix vulnerabilities of the original version
- Extend trust services
- European ID Wallet
Weaknesses are to be remediedThe need to ensure consistent implementation of the regulation across all EU Member States is one of the biggest challenges of eIDAS 2.0. The initial implementation of eIDAS was different in the Member States. These inconsistencies resulted in inconsistencies and difficulties in using the eIDAS services. There is a lack of uniform regulations for trusted identification in the private sector, and the option to exchange digital proofs of identity. This is now to be improved.
Trust services are being expandedeIDAS 1.0 included electronic signatures, time stamps and seals. The next version of eIDAS will be extended to include more types of trust services. These include, for example, electronic registered mail and electronic certificates for authentication.
ID wallet: an important component of the new eIDAS RegulationThe digital wallet is designed to allow users to store and manage their digital identity in one place.
The idea behind it: fewer certificates and identification documents in different places – one software on the smartphone where everything is stored. Digital documents and proof of identity can be stored in the digital wallet. These can be used for identification in the future. It will be used not only in the administrative and banking sectors, but also in other use cases such as hotel bookings and age checks.
When should eIDAS 2.0 come into force?The new regulation should become legally binding in the second or third quarter of 2023. Meanwhile, it is said that the draft is still in the voting phase and will probably remain in draft status until the end of the year. By 2030, at least 80% of the EU population should have a digital identification system that allows them to interact securely with authorities and businesses across the EU from a distance.
What are the arguments in favour of the new regulation?The market is changing, digitalisation is advancing. Stricter security measures and uniform regulations are becoming increasingly important. These are good reasons for revising eIDAS. Both individuals and businesses need to be able to access standardised online services more easily and trade digitally.
What is criticised about the new eIDAS version?The ID wallet is heavily criticised by data protectionists. There are massive concerns as there are no safeguards against data misuse and targeted advertising. Moreover, it is not defined how long the existing data may be stored in the digital wallet.
IT security experts are worried because no security requirements have been defined. The “Digital Identity” study by IDnow confirms that more forgeries, targeted hacker attacks, identity abuses and surveillance by companies are feared as a result.