What is eIDAS?
eIDAS stands for electronic identification, authentication and trust services. The eIDAS Regulation established the framework to ensure that electronic interactions between companies are safer, faster and more efficient, regardless of the European country in which they take place. eIDAS is a European Regulation (910/2014) that creates a unique framework for trust services throughout the European Union. It is being effectively applicated since July 1st, 2016.
eIDAS, promotes interoperability in the 28 EU member states, ensuring that countries mutually recognize the electronic identification schemes that have been accredited by each of them. It also guarantees that the trust services provided by qualified service providers comply with the requirements of the Regulation, ensuring that they are accepted as evidence in legal proceedings.
The eIDAS Regulation will increase the level of transaction security for companies and offers many other benefits, including:
- Less administrative burden in electronic transactions with other companies, customers and public administrations.
- More efficient business processes and, as a result, a significant reduction in costs and increased profits.
- Safer electronic transactions that lead to greater consumer confidence and a greater base of potential consumers.
- Electronic identification (eID). It allows companies and consumers to prove electronically that they are who they say they are and gain access to services or conduct commercial transactions online.
eID can be used in both business-to-business and business-to-consumer transactions, as well as citizens to their public administrations.
eID provides companies with the opportunity to create worker credentials with the organization's computer systems, and carry out stricter controls on the identity of customers and other companies. This is of particular interest when marketing restricted products (for example, alcohol) or in high-value transactions (for example, the sale of works of art, transfers of large amounts of money). It also allows companies to expand their customer base, providing reliable identification of customers and companies in other EU countries, even if they have not had a relationship with them yet.
The use of national electronic identification systems in cross-border commercial transactions between EU countries depends on the stage of notification by each EU Member State. The notification refers to the process of selecting, reviewing and adding a national electronic identification system to the network of electronic identification schemes that must be recognized by other countries. The notification ensures that all notified national eID schemes comply with the quality and safety requirements established in the eIDAS Regulation. Each country maintains a Trusted Services List (TSL), and the European Commission administers a general TSL.
What are trust services?
These are electronic services that make electronic business transactions safer. There are different trust services defined under the eIDAS Regulation that serve different purposes.
- Electronic signature certificates: They certify the identity of a person and associate it with signature verification data.
- Electronic Stamp Certificates: They certify the identity of an organization and associate it with electronic stamp verification data.
- Electronic signature (eSignature): Is the electronic format expression of the agreement of a person with the content of a document or a set of data. Qualified electronic signatures have the same legal effect as handwritten signatures.
- Electronic seal (eSeal): It is similar in function to the traditional commercial seal. It can be applied to an electronic document to guarantee the origin and integrity of a document.
- Electronic time stamp (eTimestamp): Links an electronic document, such as a purchase order, at a given time, providing evidence that the document existed at that time.
- Website Authentication Certificates (WAC): These are electronic certificates that demonstrate to your customers that your website is reliable. They certify that the website is linked to the legal person to whom the certificate is issued, and that the legal person owns the domain for which the certificate is issued. They also help prevent data phishing.
- Certified delivery service (eDelivery): Allows the user to send data electronically by providing proof of the integrity of the content, the sender who orders the shipment and the recipient to whom the document is delivered and protects your company against the risk of loss, theft, damage or unauthorized alterations.
- Electronic signature and seal validation service(eValidation): All signatures and stamps received must be previously verified to place their trust in them. This service issues certified validations that are evidence in legal proceedings.
- Preservation of electronic signatures and seals: The preservation under eIDAS aims to guarantee the reliability of a qualified electronic signature or a qualified electronic seal over time.
- Certificates PSD2: PSD2 (Payment Services Directive) is a European directive to regulate digital payment services and strengthen the level of consumer protection. Qualified eIDAS certificates issued in accordance with ETSI TS 119 495 guarantee the identity of the parties, the security of the connections and the authenticity and integrity of the data. Through these instruments, TPPs and banks can meet the requirements of the European directive.
Benefits of electronic identification and trust services.
The introduction of electronic identification and trust services in your company can generate a number of benefits for your company. These benefits can be grouped into three main areas:
Better user experience:
presenting yourself to your customers as a company that uses advanced technological tools increases your confidence and improves the image of your organization.
Greater security and responsibility:
the eIDAS Regulation guarantees greater security between the parties thanks to advanced solutions and the legal certainty it offers.
Greater efficiency and improved competitiveness:
through reduced process cycles, large-scale automation, simplified and faster task execution, a general cost reduction is achieved while maintaining the quality of services and support.
New generation of services:
the use of this technology has proven that it allows to create new models of services and products, more profitable and competitive.
the use of trusted eIDAS services guarantees regulatory compliance (RGPD, LOPD, LFE) and the main safety standards (ISO 27001, ENS, ISO 9001).
How to check if a provider is a qualified provider?
You can check the official lists of qualified service providers at the following links: