To improve the trust in online identification, authentication and signatures, the European Union introduces the Electronic Identity and Assurance Services regulation (eIDAS).
eIDAS states that by the end of September 2018, all governmental organisations must accept all identification methods within the European Union for international services. As can be imagined, many questions arise on what this entails exactly and what effect eIDAS has on companies worldwide.
First, let’s explain in a bit more detail what eIDAS is. This new regulation is to replace the more outdated eSignature Directive and STORK levels. eIDAS allows citizens and companies within Europe to digitally do business with governments, local and abroad, using their national identification tools. This should provide a common basis for safe electronic interactions. eIDAS is a set of standards for electronic identification and applies to customers and business when doing electronic transactions with public services and government.
Allowing the use of your familiar authentication tool should improve the level of trust in login procedures. However, all these login tools come with different levels of assurance. EIDAS divides these levels of assurance as follows:
Whatever tools used, the eIDAS regulation defined Advanced Electronic Signatures (AdES) and Qualified Electronic Signatures (QES) to provide consistency in document signing across Europe.
Though eIDAS is aimed at governmental organisations, it is expected that this regulation indirectly concerns all other internationally operating companies. Much of these identification methods operate both in the public as the private sector, which makes them applicable for international companies. The regulation in the Netherlands aims to put into law, the so-called Generic Digital Infrastructure Law.
This law aims to create an ecosystem in authentication methods that can be used by governments and organisations that use social security numbers when administrating for instance pension funds, health care and income insurances. With adding this, the Dutch regulation reaches beyond de eIDAS regulation.
For more information on eIDAS or de law GDI, please contact our identity services specialist Thea van Oosterhout.
Enjoyed this article? Please share the news!