What is eIDAS? You may or may not know that it is related to the EU and the European Commission’s strategy for a Single Digital Market in Europe. And you might have heard that it somehow impacts the way in which companies can extend their market reach across borders. But what does eIDAS really mean, and what does it do?
We put together five of the most frequently asked questions, and five short and simple answers, to guide you towards a better understanding of what eIDAS means, and – more importantly – how it applies to your industry and your company.
Let’s get started!
1. What is eIDAS?
eIDAS stands for electronic IDentification, Authentication and trust Services, and is an EU regulation on electronic identification and trust services for electronic transactions that applies as law within the whole of the EU.
In support of the European Commission’s Digital Single Market (DSM) initiative (see question no. 2), eIDAS aims to facilitate the smooth flow of commerce in the EU through harmonisation of law, transparency, security, technical neutrality, cooperation and interoperability.
2. What is the Digital Single Market?
The Digital Single Market (DSM) is the European Commission’s vision and strategy for the best possible, and equal, access to the online world for individuals and businesses across the EU.
It is defined by the European Commission as a market ”… in which the free movement of persons, services and capital is ensured and where the individuals and businesses can seamlessly access and engage in online activities under conditions of fair competition, and a high level of consumer and personal data protection, irrespective of their nationality or place of residence.”
eIDAS serves as a guide for how to digitalise a wide range of business operations, both internal and customer-facing, so that companies can develop processes and services that will enable an extended market reach towards other countries in the EU. For example, eIDAS provides the legal framework for a seamless cross-border customer experience, including a fully digitalized onboarding procedure and increased security in electronic transactions.
eIDAS addresses digital processes such as formalising agreements of all kinds, performing KYC (Know Your Customer) checks and complying with anti-money laundering legislation (e.g., AMLD).
4. What does eIDAS force my company to do?
Simply put: nothing. It’s key to understand that eIDAS is an enabler rather than an enforcer. Unlike laws that mandate and restrict behaviour, eIDAS is about enablement.
By providing a legal framework recognised throughout the EU, eIDAS enables companies to develop and implement digital commerce processes to extend their market reach to customers across borders.
5. How does eIDAS define an electronic signature?
An electronic signature is defined as “data in electronic form which is attached to, or logically associated with, other data in electronic form and which is used by the signatory to sign”.
Furthermore, the eIDAS regulation defines three types of electronic signatures:
I) Basic Electronic Signature Any kind of signature made in an electronic environment where the signatory has manifested their intent to become bound by the contents of the document thus signed.
II) Advanced Electronic Signature An electronic signature which includes extended required elements of unique identity, sole control and integrity of the signed document.
III) Qualified Electronic Signature An electronic signature that is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures.
We hope you found this article interesting, and that it has helped you feel more comfortable in understanding the basics of what eIDAS means and implies. If you want to dig deeper into the details we recommend reading eIDAS: Standardising Digital Identity in the EU or Electronic Signatures and eIDAS.