European Digital Identity: leave your wallet at home
In this opinion article, Victoria Hernández, CISO and Head of eiDAS Trust Services & Cybersecurity at Víntegris, analyzes the aspects of the new European Digital Identity and the evolution of eIDAS 2.0 to make it possible.
For months, we have been hearing and reading about the future European Digital Identity (eIDAS). Even the European Union has set a date and a milestone in terms of its application and scope: the objective is that by 2030, 80% of citizens will have this digital identity that will allow us to carry out procedures and processes with both companies and with the public administration with greater security and simplicity.
Although the technological advances that facilitate day-to-day life are indeed transmitted at a pace that is difficult to predict, the challenge of ensuring that 8 out of 10 Europeans can carry on their phones an application capable of generating our digital identity with complete security in a term of 6 years, is still less.
What is the European Digital Identity (eIDAS)?
But what does this new digital identity consist of? As its name indicates, it is about transferring to the digital world what defines our identity and recognizes us as individuals.
If now, when we have to prove our identity to carry out any type of procedure, whether renting a car or checking into a hotel, it is necessary to present our physical documentation: ID, driving license, passport, etc., with the identity or digital wallet that the EU is proposing and that in all likelihood will be a fact from 2024, citizens will have an application on their mobile phone that will allow us to leave the physical wallet at home, even outside our country of origin. In it, we can store all those personal documents, academic titles, certifications, or products that we have and that we need to identify ourselves and to carry out our procedures
What is the digital wallet with QR code
In addition to being able to carry out transactions only with your mobile phone, another of the advantages derived from the new digital wallet is that it will not be necessary to show more data than those strictly necessary to carry out the procedure. The digital wallet will allow us to show a QR code that includes the necessary information for each of the procedures to be carried out and only that information, respecting the privacy of the rest of our data from prying eyes and keeping it safe from possible theft or impersonation of identity.
What is the European eIDAS regulation?
Undoubtedly, the security of our data is a break for many citizens when it comes to accessing the digital world. There are still many misgivings about installing mobile payment, banking or similar applications on the phone for fear of constant cyberattacks and identity theft and their rapid evolution.
In this sense, the future European digital identity already comes with the homework done as it is based on the eIDAS (Electronic Identification, Authentication, and Trust Services) regulation. In 2014, the eIDAS regulation established the first necessary framework to enable mutually recognized electronic signature and identification services in the different Member States.
Over the years, eIDAS has enabled various online public bodies and services in the EU to make use of electronic identification by providing legal coverage to provide trust services, implementing identification services, digital certificates and electronic signature, as well as enabling remote video identification to solve the problem of in-person identity verification.
What does eIDAS2 mean?
After several years in development, but with limited implementation by Member States, the European Commission decided to further expand the scope of the regulation with new functionalities, which has come to be known as eIDAS2 or eIDAS 2.0.
“Goodbye to physical documentation, all our cards on our mobile phones”
Con esta renovación se persigue ampliar el ámbito de aplicación de la regulación con varios objetivos:
This renewal seeks to expand the scope of application of the regulation with several objectives:
- Allow access to highly reliable and secure digital identity solutions.
- That public and private services can trust in reliable and secure digital identity solutions.
- eIDAS 2.0 will comply with the General Data Protection Regulation (GDPR).
- Empower individuals and legal entities to use digital identity solutions.
- That such solutions are linked to a variety of attributes and allow the specific exchange of identity data, always limited to the specific needs of the requested service.
- eIDAS 2.0 will move control of identity and personal information to the end user, emphasizing the principle of exclusive control. It allows all EU citizens to exercise their rights to a digital identity that remains exclusively under their control (self-sovereignty).
The Future of the European Digital Identity
Beyond the technicalities, the future European digital identity that will be built based on the eIDAS2 regulation will provide citizens of the European Union with a new way to carry out procedures with both the administrations and companies of the member countries regarding the basis of a secure and reliable exchange of your data and, yes, leaving the physical wallet at home.