Home » Platforms and eMarkets » eIDAS Regulation (2.0)

eIDAS Regulation (2.0)

Regulation 2024/1183 amending Regulation 910/2014 as regards establishing the European Digital Identity Framework

Category

Status

EU

Effective 11 April 2024.

EEA

Pending.

Norway

Pending.

Scope

The eIDAS Regulation (EU) 910/2014, concerning electronic identification and trust services, came into effect in the EU on 1 July 2016. It aims to facilitate secure electronic transactions and establish a standardized framework for electronic identification and trust services across the European Union. The regulation applies to providers of electronic identification (eID), electronic signatures, electronic seals, timestamping services, electronic delivery service certificates, and website authentication services.

On 20 May 2024, amendments to the framework (Regulation 2024/1182) came into effect, significantly expanding the regulation’s scope. Member states are now required not only to recognize but also to provide means of electronic identification. The scope extends to new types of trust services and includes the implementation of a new digital wallet. This wallet serves as a high-level eID solution and can include certified attributes such as driver’s licenses, diplomas, vaccine passports, and more.

To ensure uniform application of the eIDAS Directive, the EU has adopted implementing regulations covering protocols and user interfaces (2024/2982), trust frameworks (2024/2980), certification (2024/2981), integrity and core functionalities (2024/2979), as well as personal identification and electronic attestation (2024/2977).

Relevance

The regulation ensures mutual recognition of eID and trust services across member states, enabling individuals and businesses to access online services across borders. It promotes trust, security, and interoperability in electronic transactions, fostering the development of a digital single market within the EU. The member states are empowered to establish their own penalties and enforcement mechanisms for non-compliance with its provisions.

Key obligations

Key take obligations from the regulation are:

  • Mutual recognition of electronic identification in the Member states.
  • Electronic signatures and seals that comply with eIDAS are legally valid and enforceable.
  • Providers of qualified trust services must meet specific requirements and be listed on trusted service lists.
  • Trust service providers must ensure security and integrity of their services.