eIDAS 2: an ambitious project to revolutionize digital identities and trust services across Europe.
To respond to the growing demand for digital identification solutions, the European Union has issued a supplementary update of the eIDAS Regulation: the eIDAS Regulation 2.
This legislation entered into force on 20 May 2024, but the publication of the implementing acts scheduled for November 2024 and May 2025 is awaited, as well as the first decisions of national governments in application of this legislation.
EIDAS 2 has significant impacts on the digital behaviour of citizens, businesses and professionals, given the interoperability at EU level of the services offered, which can be used regardless of the State of the Union in which one is located.
In addition, the Regulation provides for advanced protection measures to safeguard user data with significant penalties for those who do not comply with these measures to promote high standards of security and reliability.
The main innovations contained in the Regulation are as follows:
- European Digital Identity Wallet (EDIW): A unified, secure and interoperable European digital wallet for all EU citizens, usable in all EU states. This portfolio allows citizens to access a wide range of services, public and private, through a single certified digital identity. If the services indicated require a high level of authentication, companies – excluding small and medium-sized companies – will have to accept users’ EDIWs at the voluntary request of the users;
- Expansion of Trust Services: Extension beyond electronic signatures to include electronic records in which digital data will be entered that will enjoy the presumption of integrity and will be arranged in a single, accurate chronological order. This represents an important innovation because it introduces the basis for distributed electronic ledgers, i.e. blockchain and smart contracts; • Electronic Seals: new provisions have been introduced to ensure the integrity and authenticity of digital communications. In particular, companies that use these devices “remotely”, i.e. the so-called HSMs (Hardware Security Modules), will have to comply by 21 May 2026;
- “Electronic archiving” and “Qualified electronic archiving”: eIDAS 2 introduces new definitions of electronic and qualified archiving to preserve digital documents guaranteeing their durability, legibility and preserving their integrity, confidentiality and proof of origin. A minimum share capital of €5 million is required to be able to propose itself as a Qualified Trust Service Provider and therefore operate as a conservator in accordance with the eIDAS 2.0 scenario;
- Certificati Di Autenticazione Di Siti Web: sono state introdotte regole più stringenti e nuovi obblighi per i certificati di autenticazione di siti web e il servizio fiduciario di convalida dei dati trasmessi tramite recapito certificato e le relative prove
More information here
