The Eidas2 In 2014, digital identity was regulated at the European level by the hand of the eiDAS Regulation. Being the European Digital Identity one of the priorities in the Digital Strategy of the European Commission, the proposed Regulation eiDAS2 was published on June 3, 2021, as a Framework for a European Digital Identity this Regulation has pre
The scope of this Regulation is attentive to the electronic identification systems notified by the Member States, the trust service providers established in the Union, and the European digital identity wallets. However, the attention is primarily intensive on the latter term.
Table of Contents
But What Is Meant By A European Digital Identity Wallet?
It is a product and a service that allows the user to store identity data, credentials, and other attributes linked to their person, use it for authentication purposes, whether online or offline, and create qualified electronic signatures and seals. In short, almost a digital equivalent to the physical wallet in which we carry our ID, driver’s license, bank cards, health cards, etc.
How Does It Work, And What Other Innovations Will The Eidas2 Bring?
The new eiDAS2 Regulation, unlike its predecessor, makes it mandatory for the Member States to issue a European digital wallet. eiDAS2 proposes deploying a network, Adidas, composed of nodes, eIDAS-Nodes, for each EU Member States, which may use both as Services Provider (SP) or Identity Provider (IdP) in the authentication processes for all types of public or private services.
When A Service Provide (SP) The Eidas2
Detects the access request from another Member State, it will issue an authentication request that the eiDAS protocol will route to the node of the country that will act as the identity provider (IdP).
The eiDAS2 protocol offers secure and cross-border communication between the nodes that make up the MIDAS network. Allowing the Member States to choose the internal authentication protocols used at the national level, thus not implying any change in the current federal infrastructure.
- Digital wallets must guarantee the highest level of security for personal data use for authentication purposes, regardless of whether said data is stored locally or using cloud solutions. Taking into account the different levels of risk.
- Each Member State will issue it. Following common guidelines and standards. Including cybersecurity requirements.
- The issuers of the wallets may not collect any information about their use, except for what is necessary to provide the identification service.
Likewise, This Text Includes.
As a novelty, when European digital identity wallets are affected by a security breach that may compromise their reliability or that of other wallets, the Member State must suspend the issuance of the affected wallets. Suppose this breach or violation cannot be revised within three months. This management must agree without prejudice to the existing notification obligations related to personal data security violations in regulations such as the RGPD.
How Does The European Digital Identity Wallet Benefit Us As Citizens?
- Standardization of a contrasted digital identity for public and private services.
- It will exist free of charge to anyone who wants to use it. EU citizens, residents, and Businesses.
- Users will identify with this instrument in both public and private services. Even the big online platforms should offer this possibility to those who want it. One example for which it could use, as a state by the European Commission itself, is opening a bank account. Applying for a loan or registering at a hotel.
- This is in line with one of the main objectives of the GDPR. The European digital identity wallet will allow users greater control over their data. In this sense, these users can choose which aspects of their identity, data, and certificates are shared with third parties, keeping abreast of all interactions and keeping or accessing a history of them.
And How Can Companies Benefit?
As the European Commission maintains. These legislative developments will boost innovation and digitize business procedures. Also, seeking confidence in cross-border transactions. On the other hand, consumers will continue to increase their trust in digital services.
Finally, the use of these types of identities will also help in the fight against fraud and cybersecurity threats such as phishing.
Next Steps
The text is still in the consultation and first reading phase. Therefore. It will still have to go through the procedures of the European legislative policy. And it will not see the light of day for the time being.
In short, and in line with what we mentioned in the first lines of this article. The European Commission continues to work on its digital strategy. Seeking a true transformation in this regard, opening up new opportunities for our companies and promoting the development of trusted technologies.
However, active work is also being done to find a balance between the rights and freedoms of European citizens. Their trust in digital services. Ethics. And protection in the use of their data.
At KPMG, we continue to prepare ourselves for all these legislative and technological developments by adapting and generating new methodologies and working documents to help our clients with the new obligations and opportunities that digital change will offer.
Also Read: What Is Foreign Trade And How Does It Work?