Examination Of The Eidas2 Rule: New European Digital Identity Framework

The Eidas2 In 2014, digital identity was regulated at the European level by the hand of the eiDAS Regulation. Being the European Digital Identity one of the priorities in the Digital Strategy of the European Commission, the proposed Regulation eiDAS2 was published on June 3, 2021, as a Framework for a European Digital Identity this Regulation has pre

The scope of this Regulation is attentive to the electronic identification systems notified by the Member States, the trust service providers established in the Union, and the European digital identity wallets. However, the attention is primarily intensive on the latter term.

But What Is Meant By A European Digital Identity Wallet?

It is a product and a service that allows the user to store identity data, credentials, and other attributes linked to their person, use it for authentication purposes, whether online or offline, and create qualified electronic signatures and seals. In short, almost a digital equivalent to the physical wallet in which we carry our ID, driver’s license, bank cards, health cards, etc.

How Does It Work, And What Other Innovations Will The Eidas2 Bring?

The new eiDAS2 Regulation, unlike its predecessor, makes it mandatory for the Member States to issue a European digital wallet. eiDAS2 proposes deploying a network, Adidas, composed of nodes, eIDAS-Nodes, for each EU Member States, which may use both as Services Provider (SP) or Identity Provider (IdP) in the authentication processes for all types of public or private services.

When A Service Provide (SP) The Eidas2

Detects the access request from another Member State, it will issue an authentication request that the eiDAS protocol will route to the node of the country that will act as the identity provider (IdP).

The eiDAS2 protocol offers secure and cross-border communication between the nodes that make up the MIDAS network. Allowing the Member States to choose the internal authentication protocols used at the national level, thus not implying any change in the current federal infrastructure.

• Digital wallets must guarantee the highest level of security for personal data use for authentication purposes, regardless of whether said data is store locally or using cloud solutions. Taking into account the different levels of risk.
• Each Member State will issue it. Following common guidelines and standards. Including cybersecurity requirements.
• The issuers of the wallets may not collect any information about their use. With the sole exception of that which is necessary to provide the identification service.

Likewise, This Text Includes.

As a novelty, when European digital identity wallets are affect by a security breach that may compromise their reliability or that of other wallets, the Member State must suspend the issuance of the affect wallets. Suppose this breach or violation cannot revise within three months. In any case, this management must agree without pre judice to the existing notification obligations in regulations such as the RGPD relate to personal data security violations.

How Does The European Digital Identity Wallet Benefit Us As Citizens?

• Standardization of a contrasted digital identity for public and private services.
• It will be existing free of charge to anyone who wants to use it. EU citizens, residents, and Businesses.
• Users will identify with this instrument in both public and private services. Even the big online platforms should also offer this possibility to those who want it. Some examples for which it could use, as a state by the European Commission itself, are opening a bank account. Applying for a loan, or registering at a hotel.
• In line with one of the main objectives of the GDPR. The use of the European digital identity wallet will allow its users to have greater control over their data. In this sense, these users will be give the possibility to choose which aspects of their identity, data, and certificates are share with third parties, keeping abreast of all interactions and keeping or accessing a history of them.

And How Can Companies Benefit?

As the European Commission maintains. These legislative developments will boost innovation and digitize business procedures. Also seeking confidence in cross-border transactions. On the other hand, consumers will continue to increase their trust in digital services.

Finally. The use of these types of identities will also help in the fight against fraud and cybersecurity threats such as phishing.

Next Steps

The text is still in the consultation and first reading phase. Therefore. It will still have to go through the procedures of the European legislative policy. And it will not see the light of day for the time being.

In short, and in line with what we mentioned in the first lines of this article. The European Commission continues to work on its digital strategy. Seeking a true transformation in this regard, opening up new opportunities for our companies and promoting the development of trusted technologies.

However. Active work is also being done to find balance rights and freedoms of European citizens. Their trust in digital services. Ethics. And protection in the use of their data.

At KPMG, we continue to prepare ourselves for all these legislative and technological developments by adapting and generating new methodologies and working documents to help our clients with the new obligations and opportunities that digital change will offer.

Also Read: What Is Foreign Trade And How It Works?