The future of digital identity verification - eIDAS 2.0 - the digital identity wallet.
In this article, we explore the advantage for citizens, organisations and public authorities, and why Qualified Trust Services and Qualified Electronic Signatures and Seals become a necessity.
In the European Union, the government acts as the central authority responsible for securely storing personal identifying data and issuing physical ID documents, such as passports and European identity cards - a practice that we have been accustomed to for all of our lives.
An electronic identity (eID) serves as a digital means for individuals to verify their identity, granting them access to various services. eIDAS 2.0 introduces the EU Digital Wallet as the eID, which includes not only the PID (eID Scheme) but also additional attributes like (qualified) attestation of attributes, giving the control over its identity back to the user in a regulated approach. In so many words, the digital identity wallet is very much ‘user controlled’.
Citizens will be able to own and control without the intervening administrative authorities. This is known as Self-Sovereign Identity (SSI). SSI allows people to interact in the digital world with the same independence and capacity for trust as they do in the offline world. This is called “self-sovereign” identity because each person is now in control of their own identity.
This development necessitates the establishment of a secure, trusted, and efficient identification process that offers individuals and businesses a seamless experience when making purchases or enrolling, or utilizing services.
Electronic Attestation of Attributes - The Role of a Qualified Trust Service Provider
An attribute is a feature, characteristic, or quality of a natural or legal person or entity in electronic form. A Trust Service issues electronic attestation of attributes. When a Trust Service issues such an electronic attestation, it acts as a reliable and trusted third-party authority that vouches for the accuracy and validity of the information provided in the attestation.
Member States have a mandate to provide wallets with a 'High' level of assurance, indicating a strong confidence in an individual's claimed identity.
eIDAS 2.0 introduces qualified electronic attestation of attributes that means an electronic attestation of attributes must be issued by a qualified trust service provider and meets the requirements laid down in Annex V. This entails conducting identification and authentication processes with the utmost certainty to facilitate secure exchange of attestations and attributes, such as financial and educational credentials, driving licenses, passports and more.
To meet these requirements, the use of Qualified electronic signatures and seals becomes mandatory.
The Digital Identity Wallet allows users to store and manage their electronic identification and trust services, such as electronic signatures and certificates, in a single, convenient location, making it easier for users to access and use their data and certificates whenever necessary.
The EU Digital Identity Wallet Toolbox & Implementation Process
The first version of the EU Toolbox was published by the European Commission on 10. February 2023 and serves as the foundation for developing a prototype EU Digital Identity Wallet, which will undergo testing in several large-scale pilots as part of the Digital Programme. These pilots aim to address essential and high-priority use-cases for the Wallet, encompassing areas like the Mobile Driving Licence, eHealth, payments, and education/professional qualifications.
At the European level, three interconnected projects are currently underway:
- The first project is dedicated to creating an architecture reference framework, also referred to as the toolbox. This toolbox contains specifications for the wallet's development.
- The second project involves the actual implementation of a prototype for the wallet.
- The third project entails the launch of four large-scale pilots that will run for a period of two years. These pilots aim to explore various use cases. Among them, two consortia named EWC and NOBID will specifically focus on the payment use case. These consortia consist of multiple banks and major payment service providers who will investigate different options, such as whether the wallet should store payment credentials and share them with third parties, or if it should be responsible for authorizing payment requests.
The four large scale pilots can be located here.
Preparing for eIDAS 2.0
The eIDAS 2.0 proposal sets a target of 2030 for at least 80% of European citizens to have a digital identification system that they can use to operate remotely with administrations and businesses across the EU, in complete security.
In preparation for eIDAS 2.0, GlobalSign is a Qualified Trust Service Provider, offering the most comprehensive range of qualified solutions that meet eIDAS 2.0 standards.
To learn more about new eIDAS 2.0 innovations on the horizon and how digitalization is driving the adoption of electronic signature services in both the EU and UK, read GlobalSign's eBook.
Discover Qualified Trust Services from GlobalSign
If you are looking for a solution to meet the eIDAS regulation, the chances are that GlobalSign have one to suit your needs. Our Qualified Trust services are designed to offer enterprises a variety of solutions so why not talk to our team about your compliance needs today.