What is the eIDAS Regulation?
The eIDAS Regulation (EU) 910/2014 is an important EU’s act that was promulgated in order to give all citizens and users (like companies) access to highly secure and trustworthy digital services, based on electronic identification and trust services for electronic transactions in the internal market within the European Union area, thus involving all member States.
This is surely a key element that allowed EU to grow and build an inner interconnection among the States, operating on the same level for what concerns these topics. But eIDAS Regulation is also on a relevant and needed revision, with the goal to increase interoperability and integration among the different digital ID services applied in the European countries taking one step further to the creation of what is called an European Digital Identity to interconnect all the users into a wide open and unified digital market including public and private services, citizens assistance and transactions.
Electronic Identification, Authentication and trust Services or eIDAS Regulation revolves around specific and interesting issues, especially:
- Electronic identification;
- User authentication;
- Electronic interactions.
No.1: eIDAS Regulation and the European digital identity
In a previous article we already wrote about the European digital identity and how it could be developed through a “wallet”, so a system that gives the opportunity to store and use digital identity data for accessing public and private services, both online and offline and on the entire European Union territory.
The European Digital Identity provides a very concrete benefit for all the users, which is the possibility to make everyone’s personal national eID recognised all over Europe as a valid document to access services.
This means that personal IDs serve as a method to authenticate people and businesses in a large and shared European digital market concerning:
- Public services, like requesting personal certificates, medical certificates or official communications (e.g. change of main address);
- Applying for universities or jobs and other educational or work organisations;
- Opening a bank or insurance account in another EU country;
- Storing medical prescriptions and data which can be used all over Europe;
- Renting cars through a digital version of a driving license, checking in to hotels and many other private services.
Moreover, one of its most relevant principles refers to give full control to users to choose which aspects of their identity, data and certificates they want to share with third parties.
The EU Commission published some interesting data to better understand the whole phenomenon related to eIDAS Regulation and EU digital identities:
- Only 60% of European citizens actually know how to use their digital ID cross-borders in the EU area;
- Only 14% of public services providers are actually able to allow cross-border authentication for personal identities;
- About 63% of European citizens would like to have a secure single eID to process all online procedures, while 72% would like to know how personal data are stored and processed by Internet platforms like websites and social media.
No.2: the main eIDAS Regulation tools and trust services
Clearly, what concerns eIDAS Regulation directly affects the largest phenomenon related to the digital transformation occurring all over the society and involving citizens, companies and governments in brand new issues to regulate.
Specifically, with the introduction of an unified European digital space and market the two main keywords to stand by are interoperability and transparency. But, to make the digital transition possible all over Europe, it’s required to focus on two main processes:
- Dematerialisation, which firstly replaces physical documents, signatures and verifications with computerised ones, for example the creation and signing of contracts only via exchange of digital files;
- Digitisation , on the other hand, overcomes all of this marking efficiency and trust in the making of official documents starting right from the method of creation, which must be structured, secure and reliable; an example is the electronic invoice, which provides a proof that the document was produced and accurately sent and stored.
Nowadays there are several tools and trust services that users can adopt:
- Electronic ID refers to the basic tool that represents the national eID card of every citizen which allows to be recognised and get authentication to access EU services;
- Electronic signature refers to data in electronic form which is attached or associated with other electronic data and used to legally sign a document;
- Electronic timestamp refers to data in electronic form which binds other data to a particular time establishing evidence that the latter ones already existed;
- Electronic seal refers to data in electronic form which are attached or associated with other electronic data to ensure the latter’s origin and integrity;
- Electronic delivery refers to services to transmit data between third parties by electronic means, providing evidence relating to the handling, sending and receiving of the data, and providing protection against the risk of loss, theft, damage or any unauthorised alterations;
- Websites authentication refers to a certificate that makes possible to identity the legal property, reliability and quality of a website.
However, the revision of eIDAS Regulation is adding more fiduciary services, like:
- Electronic archiving;
- Electronic signature-capture devices;
- Electronic ledger (blockchain);
- Electronic attributes and certifications (digital wallet).
No.3: the advantages of cross-borders digital trust services
Let’s check the advantages for both citizens and companies that these tools give:
- eID helps citizens to access many public and private services all over Europe simply with their ID card, whereas companies can see this as an opportunity to expand trust and activity cross-border in the European area;
- eSignature helps citizens to legally and digitally sign documents, whereas companies can save time and simplify specific documental processes;
- eTimestamp helps citizens to prove they bought something on a specific time, for example a ticket for a concert or flight, whereas companies could enhance the efficiency of accountability and document tracking;
- eSeal helps citizens to guarantee that their digital purchases, for example tickets, are authentic, whereas companies can use this technology as a tool to verify the origin of official documents;
- eDelivery helps citizens to guarantee that contents they send safely gets to destination, for example a certified email, whereas companies can reduce time and costs related to documents exchange leveraging on trust, efficiency and tracking;
- Websites authentications help citizens to learn that they’re surfing on secure and trustworthy websites or apps, whereas for companies it indeed represents a great trust proof to leverage on to protect reputation and data.