🎧 Listen to this Episode On Spotify
About Podcast Episode
The European Union (EU) has consistently demonstrated its innovative approach to technology and data protection through the implementation of groundbreaking laws such as the General Data Protection Regulation (GDPR) and the Electronic Identification, Authentication and Trust Services (eIDAS) regulation. These legal frameworks have set the bar high for data protection, privacy, and digital identity standards, establishing the EU as a global leader in these domains. As a result, many countries around the world have been inspired to follow suit, adopting similar regulations and best practices that align with the EU’s progressive stance on ensuring security, interoperability, and trust in the digital age.
This conversation with Viky started with a discussion around the history and evolution of eIDAS. One part of eIDAS is related to electronic identification and electronic identity, and the other is related to trust services, which include electronic signatures, timestamps, electronic seals, preservation of electronic signatures over a long period of time, and certificates for website authentication. As part of the legislative process, the European Commission conducted an assessment of the eIDAS regulation after several years of implementation to determine if any changes or adjustments were necessary. This assessment took place from the regulation’s inception in 2014 until 2020. During this period, it was observed that only 14 member states had notified electronic identification schemes in place, which means that only around 59% of citizens had access to an electronic identity mechanism. Out of these 14 electronic identity schemes, only seven were mobile. As a result, it became apparent that the regulation was not meeting the expectations and needs of citizens, who increasingly prefer to use mobile devices for accessing services and information.
We then shifted the conversation to talk about The European Digital Identity Wallet Architecture and Reference Framework and how it’s going to be implemented in 4 pilot projects across various use cases. They are composed of representatives from different member states and the private sector. The mix of participants, including both member states and the private sector, was one of the main requirements.
The European Commission launched a call for applications and selected four winning consortia:
- The first is the EUDI Wallet Consortium (EWC), which focuses on mobile travel credentials and organizational digital identity. It covers all European Union countries, including Ukraine, and has participants from over 60 countries in both the public and private sectors.
- Next is the NOBID Consortium, which is primarily focused on payment issuance and acceptance.
- The third consortium is Potential, with various use cases such as electronic registration, account opening, electronic driving licences, and electronic prescriptions.
- Lastly, the fourth consortium, DC4EU, is focused on educational credentials and professional qualifications.
These consortia aim to cover the main use cases that could lead to the widespread adoption of the eID Wallet and the new European electronic identity ecosystem.
The full list of topics discussed between Viky and I in this podcast conversation include:
- Understanding eIDAS 2.0: its history, lessons learned and implications.
- How the current ecosystem of trust providers will change and adapt under new eIDAS 2.0 regulation.
- The EUDI Wallet Architecture Reference Framework (ARF), and how it aligns with eIDAS.
- Person Identification Data (PID) Providers, and the differences between Qualified Electronic Attestation of Attributes Providers and Non-Qualified Electronic Attestation of Attributes Providers.
- Exploring the 4 Large Scale Pilots, their use cases and their use of PID.
- Some of the various associations collaborating alongside eIDAS and the large scale pilots (e.g., ETSI, CSC, INATBA).
- Trust lists, trusted issuers/verifiers and governance!
- Current and upcoming challenges and opportunities.
I hope you enjoy the conversation as much as I did. There is tons to learn for anyone interested in how a digital identity program start from a legal framework, and be coordinated across multiple nation states and actors.
Viky Manaila is an international expert in the field of electronic signatures, digital identity and digital transformation processes, who has successfully promoted the electronic business globally.
She has been technical expert to the European Commission for instituting Regulation 910/2014 (eIDAS) on electronic identity assurance and the design and roll-out of European, cross-nation e-procurement platforms and operations. She was one of the experts assessing the impact of revision of the eIDAS Regulation in support of the European Commission, with the aim of establishing a legislative framework for a secure, widely usable and interoperable Digital Identity for the Digital Single Market – eIDAS 2.0.
Viky Manaila has detailed in-depth knowledge of regulations, technologies and policies in digitisation and digital identities in the EU and US. She is member of different high level working groups set up by the European Commission, ETSI, World Economic Forum, aimed at aligning policy and operations around trust identity, digital signatures and cross-recognition.
Viky has successfully contributed to standardization work for the global acceptance of European Trust Services. The eIDAS Regulation and corresponding standards go beyond EU boundaries, proving that interoperability and cross-border legal recognition are the keys for global electronic commerce and transactions.