eIDAS: 5 Years Making Transactions More Secure in the European Union
On July 1st 2016 the European Union introduced a new regulation called eIDAS. The new eIDAS law was created to guarantee that the electronic identification and authentication are performed according to certain security standards.
This legislation’s objective is to improve access to public services by European citizens by minimizing transaction and identity fraud.
Other countries have similar regulation, but the eIDAS regulation is considered the most advanced regulatory framework for digital identification in Europe.
Before the adoption of Regulation EU 910/2014 or the eIDAS regulation, member states issued their own digital certificates thar could be recognized in other countries if they had an agreement with an issuing entity. There was no distinction between different norms adopted by member and non-member states.
The European Union has been working to support crossborder services for years. It used to be difficult for companies to provide services across European borders because they had to comply with different rules and regulations in each member state.
eIDAS is a European regulation that makes it easier and more efficient to establish a unique group of norms that all European countries must follow when offering services.
Table of contents [Hide]
What is eIDAS and what are its benefits?
eIDAS stands for “Electronic Identification Authentication and Trust Services” and was developed by the European Parliament. It is the European Union’s electronic signature directive. It specified a legal framework for trust services and electronic transactions in the EU.
The law enables users to access different services in a faster and more secure manner. It also ensures that users know who is giving them the specific service in use.
Another benefit of eIDAS is that is gives a unique digital identity to all organizations that offer online services in the EU.
It also simplifies the combinations of username and password by making the use of a single password possible across multiple websites and organizations. This means that it is possible to begin a session in your account remotely without having to use a VPN because of the improved security offered by eIDAS.
eIDAS replaces Directive 1999/93/EU
Regulation EU910/2014 or eIDAS is a regulation about electronic identification and trust services in the European Union regulating electronic transactions in the internal market.
Multiple requirements surrounding identification, physical verification, electronic signatures and digital certifications have been detailed to collect and process these electronic transactions.
This directive creates a more harmonized legislation for financial online services in the EU by replacing Directive 1999/93/EC with a more common framework for electronic signature.
What is the purpose of the eIDAS Directive?
The eIDAS directive gives higher security to electronic transactions in the European Union. The directive was introduced to protect users from fraud and identity theft. It includes guidelines for standards in the European Union for certification authorities around Qualified digital signatures and signature generation devices.
eIDAS is an important component of the Digital Single Market strategy who’s objective it is to create a digital single market for online activities eliminating the barriers to trade in the digital sector, making cross border accessibility easier and ensuring the legitimacy of exchanged information.
Its objective is to eliminate the barriers between member states and enable citizens to operate with a single identification through digital signatures with validity all over Europe. This directive looks to reduce costs and accelerate how we work together.
European citizens will be able to use their electronic identification document (eID) to access electronic procedure in other member states.
The impact of eIDAS on companies and governments.
The eIDAS regulation ensures that persons and companies can conduct transactions with a high level of security and privacy.
The eIDAS system helps reduce the amount of documentation needed to identify interlocuters and gives a better understanding of the nature and purpose of transactions.
On the other hand, the eIDAS has also reduced costs for persons and companies by reducing bureaucratic paperwork with government institutions.
The security and privacy implications of eIDAS
Privacy and security are the most important attributes of the eIDAS. It is designed to protect the identity of persons and their personal data.
With the advent of new technologies, many persons are concerned about their identity and personal data. eIDAS offers solid protection against these threats.
EDICOM is a qualified trust service provider in Europe
eIDAS is a norm that makes it easier for companies to offer services across mutiple EU countries.
It includes a unique group of rules for companies to use when offering identification and digital signature services. some of these rules are mandatory.
Besides the Regulation EU 910/2014 which regulates eIDAS it also includes a new concept: Trust Service Providers.
This figure corresponds to the technology supplier that has the certification and technical capabilities to offer electronic transaction with trust mechanisms.
EDICOM is a Qualfied Trust Service Provider according to Regulation EU 910/2014. This European certification recognizes EDICOM as a trusted third party.
As a Trusted Third Party it offers the following trust services:
Issuance of qualified digital signatures/seals
Qualified certificates are commonly used in online transactions to authenticate companies and persons. These certificates are used for electronic invoices, e-commerce transactions and many others.
Validation of the qualified digital signature/seal
Qualified digital signatures or seals are a way to validate that a document has not been changed or manipulated. They work in the same manner as traditional signatures and seals that use ink and paper, but can be used remotely and more easily.
Conservation of qualified digital seals
Maintaining original documents with the qualified digital seal gives additional protection which could otherwise be lost. This way you can trust that all the information is preserved when using this method.
Generation of qualified electronic time stamps
Organizations use time stamps to determine the sequence or order in which actions have been performed.
The electronic time stamp is a digital signature that can be used to prove the existence of a series of data in a given time. This signature is generated automatically by an electronic device that contains the time when the data was created. It disables the alteration or elimination of this data, meaning that they are completely secure.
Qualified electronic delivery service
This system registers the delivery and reception of information. It is now easier than ever to send documents and messages electronically. The electronic delivery service will generate the evidence that you need, letting you concentrate of business essential tasks.