A few years after its implementation, we begin by reviewing the features of the eIDAS Regulation, it’s current situation, future outlooks and updates from Viafirma concerning this regulation
EIDAS Regulation has completely changed the way citizens and Administrations relate to each other, increasing their fluidity, especially when we talk about cross-border activities.
What is the eIDAS current situation in Spain? What can we expect of eIDAS in the years to come? How can Viafirma adapt to their requirements? Below we will analyze this.
E-government in Spain
The eIDAS Regulation is an essential part of the digital transformation process of the Spanish Administration. The Index of Digital Economy and Society of 2019 brings to light interesting conclusions on this topic:
- Spain ranks fourth in EU countries in terms of digitizing its Administration.
- The proportion for public electronic service users reaches up to 76%.
Another source of interest is the research carried out by Ilustre Colegio Oficial de Gestores Administrativos de Madrid (Icogam), Retos de la Administración Electrónica en la Unión Europea: más allá de 2020. From this report we can highlight alongside with the previous data:
- 78.9% of individuals and 99% of companies make use of electronic processing services.
- The availability of digital processes and services is 89%.
How did the eIDAS Regulation come up?
Electronic identification is a great step forward for individuals and companies, avoiding unnecessary traveling time or administrative red tape. In addition, these advantages are even better when we look at it from an international perspective.
Electronic identification makes it easier to process different types of operations with institutions from other countries, thus opening the window to the international expansion of the company or relations with customers and foreign suppliers.
EU member states were aware of all this and introduced the The Regulation (EU) N°910/2014, also known as elDAS Regulation, based on electronic identification, authentication and trust services. This regulatory framework launched in 2014 and fully in force since 2016 is a strong contribution to the achievement of a single European digital market.
We can list the solutions regulated by eIDAS:
- Electronic Identification
- Electronic Signature.
- Electronic Seal.
- Timestamping.
- Qualified website authentication certificate.
- Certified Electronic Communication Service.
eIDAS-Node in Spain
Within the eIDAS Regulation we must mention the presence of the eIDAS-Node.
What’s it about?
The eIDAS-Node allows member state citizens access to both electronic services and transactions of other countries of the European Union through digital identity recognition.
eIDAS-Node is based on STORK projects (Secure idenTity acrOss boRders linKed) and STORK 2.0, in which Public Administrations, universities, private entities and non-profit organizations from 17 EU countries participated. This gave shape to an electronic identity interoperability platform.
Each country sets which identification schemes should use in the eIDAS-Node. In the case of Spain, the electronic ID document (DNI) is chosen.
The workflow of the e eIDAS-Node, which acts as a data flow gateway, can be summarized in the following stages:
- A European citizen makes a public service request from another EU country
- The request is sent to the institution that issued his identification scheme.
- This institution identifies the applicant, creating a message with his data and sending it to the node of his country of origin, which is later sent to the node of the country of service to request, all with the corresponding signature and the encryption of information.
- The service in charge of fulfilling the request receives the message and decrypts it.
It should be noted that the eIDAS-Node is the only authorized way of cross-border identification, automatically rejecting those based on certificates issued by other countries.
eIDAS and the private sector
Although the eIDAS Regulation is originally intended for relations with the public sector, the European Commission encourages companies to also take advantage of its use.
To see how private institutions can take advantage of elDAS, the European Comission commissioned a study in order to explore these possibilities. This research was focused on education and banking as pilot sectors
To do this, members with a high level of responsibility in these sectors were interviewed in order to know what are digital services they offer, what data do they work with and how can they be useful to the objective of the study.
As a result, an identification dataset for each sector has been collected that can be added to those minimally required in the eIDAS. In addition, a software architecture is offered that allows to exchange information about this business data with public infrastructures.
According to this report, companies express interest in profiting from the benefits eIDAS brings. This interest is based on reaching customers at EU level, offer safer services and to be more efficient in processing customer information.
eIDAS and Viafirma Solutions
From Viafirma, in our commitment to always offer the signature and authentication solutions that best suit the needs of each of our customers, all of our products fully comply with the eIDAS Regulations.
When we talk about a trust service, we are referring to what eIDAS defines as:
“An electronic service normally provided for remuneration which consists of: The creation, verification, and validation of electronic signatures, electronic seals or electronic time stamps, electronic registered delivery services and certificates related to those services, or the creation, verification and validation of certificates for website authentication; or the preservation of electronic signatures, seals or certificates related to those services”.
These Trust Services can be qualified or not. In order to attain this first category as Viafirma has done, all requirements from 24.1 from eIDAS must be fulfilled:
‘’When issuing a qualified certificate for a trust service, a qualified trust service provider shall verify, by appropriate means and in accordance with national law, the identity and, if applicable any specific attributes of the natural or legal person to whom the qualified certificate is issued.’’
eIDAS regulation currently holds an excellent position. Not only gaining a foothold in the european institutions, but also looking at private companies. From Viafirma we have this regulation as a basis to which continue working on effective and 100% congruent solutions, and of course, we will keep you up to date with the latest news about this document.