identity solutions falling
outside the scope of eIDAS, such as those offered by social media providers and financial
institutions, raise privacy and data protection concerns
proposal expands the current eIDAS list of trust services with three new qualified trust
services, namely the provision of electronic archiving services, electronic ledgers and the
management of remote electronic signature and seal creation devices.
creation of an EU Digital Identity ecosystem building on legal identities issued by Member States and on the provision of qualified and non-qualified digital identity attributes
The initiative intends to harness and build on the investment already made by
Member States in their national identity schemes
On trust services, most
actors agree that the current framework has been a success, however, some additional
measures were required to further harmonise certain practices
The third and preferred option presents the highest level of ambition and aims to regulate the provision of a highly secure personal digital identity wallet issued by Member States
#blockchain as an #EuropeanUnion trust service
Electronic ledgers provide users with proof and an immutable audit trail for the sequencing of transactions and data records, safeguarding data integrity.
the notification of at least one electronic identification scheme by Member States is made mandatory in Article 7
provisions to facilitate unique identification are added to ensure the unique and persistent identification of natural persons in Article 11a
Member States will be required to include a unique and persistent identifier in the minimum set of person identification data
Article 45 is amended to require providers of web browsers to facilitate the use of qualified certificates for website authentication.
European Digital Identity Wallets should benefit from the potential offered by tamperproof solutions such as secure elements, to comply with the security requirements
European Digital Identity Wallets should also allow users to create and use qualified electronic signatures and seals
The conformity of European Digital Identity Wallets with those requirements should be certified by accredited public or private sector bodies
environment should foster the inclusion of European Small and Medium Enterprises, start-ups and individual innovators and researchers.
Regulation (EU) No 2019/115721 strengthens the security of identity cards with enhanced security features by August 2021.
Also offline! Works wonders with qualified certificates.
All European Digital Identity Wallets should allow users to electronically identify and authenticate online and offline
Qualified certificates and wallet contents can also be stored on the cloud
..whether such data is stored locally or on cloud-based solutions..
Any entity that collects, creates and issues attested attributes such as diplomas, licences, certificates of birth should be able to become a provider of electronic
attestation of attributes
transport, energy, banking and financial services, social security, health, drinking water, postal services, digital infrastructure, education or telecommunications should accept the use of European Digital Identity Wallets
#Twitter#Amazon#Google#ebay#Facebook take note!
Where very large online platforms require users to authenticate to access online services, those platforms should be mandated to accept the use of European Digital Identity Wallets upon voluntary request of the user
Are you building on top of #blockchain in #digitalidentity field? You shall be registered as EU #qualified trust service provider.
The certification as qualified trust service providers should provide legal certainty for
use cases that build on electronic ledgers
New definitions where remote services will have clearer separation from local HSM. It totally makes sense also SmartCard another level from password protected remote server.
‘(23a) ‘remote qualified signature creation device’
(23b) ‘remote qualified seal creation device’
European Digital Identity Wallets shall be issued:
(a) by a Member State;
(b) under a mandate from a Member State;
(c) independently but recognised by a Member State.
#QES to every European! #eIDAS 3. European Digital Identity Wallets shall enable the user to:
(b) sign by means of qualified electronic signatures.
#Free#digitalIdenty
The European Digital Identity Wallets shall be issued under a notified electronic identification scheme of level of assurance ‘high’. The use of the European Digital Identity Wallets shall be free of charge to natural persons.
Commission shall establish, publish and maintain a list of certified European Digital Identity Wallets.
Member States shall ensure unique identification ...
a unique and persistent identifier in conformity with Union law, to identify the user upon their request in those cases where identification of the user is required by law
Where Member States require an electronic identification using an electronic identification means and authentication under national law ... they shall also accept European Digital Identity Wallets
trust service providers shall be liable for damage caused intentionally or negligently to any natural or legal person
@NordicInstitute will x-road.global be taken into use in every EU country to give #TSP-s access to authentic sources?
Article 45d "allow qualified providers of electronic attestations .. verify .. directly against the relevant authentic source at national level"
Member States shall ensure the collection of statistics
(a) the number of natural and legal persons having wallet
(b) the type and number of services accepting the wallet
(c) incidents and down time of the infrastructure at national level
• • •
Missing some Tweet in this thread? You can try to
force a refresh
@adfichter 3/9 #eID card can be used by the e-service for user identification and #qualified#digitalSignature without any middleman directly from the browser. Only the service you are interacting sees your data.