The European Union is entering a new digital era. That’s one way to sum up the adoption of the eIDAS 2.0 regulation, with its key innovation being the European Digital Identity Wallet. This tool has the potential to reshape how we verify our identity, access both government and private services, and even sign documents. And all of this can be done from anywhere, with just a few clicks, securely through a single app. What benefits will this innovation bring, and how should your organization prepare for it to gain a competitive advantage?
We have already informed you about the upcoming revision of the eIDAS regulation[1] referred to as eIDAS 2.0 regulation,[2] in previous posts. This spring, the final text of the regulation was adopted and has been in effect since 20 May 2024. Preparations are already underway across individual Member States to adapt it locally.
To begin with, it's worth noting that, unlike some other EU regulations (such as the GDPR),[3] eIDAS 2.0 does not have a general implementation deadline. However, its practical effectiveness will be rolled out gradually, depending on the adoption of implementing acts by the Commission. These acts will define the technical standards and procedures necessary for the implementation of the new requirements. They will be issued at various times, with the final one set for no later than 21 May 2025.
Regarding the European Digital Identity Wallet (the “Wallet”), the deadline is set at 24 months from the entry into force of the first package of Commission implementing acts. This package has already been released by the Commission for public consultation and should be adopted by 21 November 2024 at the latest. The provision of at least one Wallet should thus be ensured in each Member State by 21 November 2026 at the latest. There will likely be some 'early adopters' at the EU level, setting trends and serving as a source of inspiration for others in implementing and using the Wallet.
We recommend that organizations, whether those planning to integrate the Wallet in their processes voluntarily or those required to accept it under eIDAS 2.0, start preparing for these changes already now. Experience from previous large-scale implementation projects has shown that delaying implementation until the last minute significantly increases the administrative burden and related costs within the organization. So, what changes should you prepare for?
Wallet
A major change is undoubtedly the introduction of the Wallet. It will function as a mobile phone application, supplied, approved, or recognized by a Member State, allowing users to store, in principle, all user-related data such as identification data, university diplomas, or medical prescriptions, as well as object-related data such as licences or warranty certificates. The validity of this data will be based on the concept of 'electronic attribute attestation,' which we discuss below.
Thanks to its features, the Wallet will simplify our daily lives and significantly enhance the market potential for private entities across the EU, as it will be recognized cross-border. The Wallet will be used mainly by individuals – whether as consumers, entrepreneurs, or representatives of legal entities – to identify themselves to both private entities and public bodies.
The Wallet will also enable individuals to use a qualified electronic signature – at least for non-professional purposes – free of charge.
For 'relying parties’ – organizations wishing to use data from the Wallet – the regulation mandates registration with a responsible body designated by a Member State. For certain organizations, eIDAS 2.0 makes accepting the Wallet mandatory. In addition to public sector bodies, these include entities providing services requiring strong user authentication for online identification, such as banks, insurance companies, and providers of very large online platforms.[4] The Commission may further expand this list to include additional entities.
Other innovations
eIDAS 2.0 does not entail conceptual changes to trust services, but this doesn't mean there won't be changes. It introduces new trust services, such as electronic archiving, electronic ledgers, and remote management of tools for creating electronic signatures and seals.
A particularly interesting service, which will work in tandem with the Wallet, is electronic attribute attestation. In addition to standard attributes of an individual like address or age, this will also enable users to confirm, for example, family status, firearm permits, or powers of attorney to the relying parties.
Why prepare for these changes?
The Wallet offers seamless access to digital services across the EU. It will play a key role in various aspects of daily life, such as online shopping, document signing, and managing and sharing personal documents.
By automating many processes, the Wallet can significantly reduce organizations’ costs and streamline their business. One example is the simplification of HR recruitment, where the Wallet could securely and reliably provide all relevant information to a new employer remotely with just a few clicks, including documents that previously required a trip to an office or a copier, such as a university diploma or a certificate of no criminal record.
Another example is e-commerce. When online shopping, customers will be able to instantly provide personal information – besides name and surname, also age and required delivery address – eliminating the need to fill out traditional forms. Additionally, customers should be able to pay directly through the Wallet.
What to watch next?
The Commission is gradually publishing draft implementing acts, which provide better insights into how the Wallet ecosystem will function and are open to public consultation.
Member States must then attempt to align the revised regulation with their national laws, as many of the predicted processes and institutes will not fit with the current eGovernment solution. In the Czech Republic, the Digital and Information Agency is responsible for this agenda. Its task is to not only draft the legislation but also decide the best strategy for issuing and managing one or more Wallets.
- [1] – Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 June 2024 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC.
- [2] – Regulation (EU) 2024/1183 of the European Parliament and of the Council of 11 April 2024 amending Regulation (EU) No 910/2014 as regards establishing the European Digital Identity Framework.
- [3] – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
- [4] – Within the meaning of Article 33 of Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on the single market for digital services and amending Directive 2000/31/EC (Digital Services Regulation).
.jpg.webp?hash=29ccd5262783edd6e130a647354ea0e07deb7b6c)
