New European standards for QWAC/QWAC PSD2 and shorter TLS certificates in 2026
European regulation and the certificate industry are accelerating significant changes in 2026–2027. At ANF AC, we have adapted our processes so that organizations can continue operating normally and, above all, manage their certificates quickly and without complications.
Regulation (EU) 2025/2527: new requirements for QWAC
With Implementing Regulation (EU) 2025/2527, Europe strengthens the technical framework applicable to Qualified Website Authentication Certificates (QWAC), including those used in PSD2. Its application is expected from March 2026 onwards.
In addition, the CA/Browser Forum has approved a schedule to reduce the maximum validity of publicly trusted TLS/SSL certificates. The first milestone sets a maximum of 200 days from March 15, 2026 (with further progressive reductions).
Reduction schedule:
You can verify all the information at:
[https://cabforum.org/working-groups/server/baseline-requirements/documents/](https://cabforum.org/working-groups/server/baseline-requirements/documents/)
What does this mean for you?
Affected companies and their IT departments will need to establish certificate replacement processes with increasing frequency, resulting in a slight increase in the workload related to regulatory compliance.
At ANF AC, we already comply with these changes.
We have adapted our technical, operational, and issuance procedures to fully comply with the new regulatory requirements and the approved validity reduction schedule.
If your company needs QWAC or QWAC PSD2, at ANF AC you can obtain them efficiently, through a process designed to minimize time and friction:
Do you need QWAC/QWAC PSD2?
Contact ANF AC at +34 932 661 614 or by email at [psd2@anf.es](mailto:psd2@anf.es)