How does the eIDAS Regulation differ from eIDAS 2?

In the VUCA context in which we find ourselves, the question that marks the present and immediate future of digitalisation and digital identification is: What are the differences between eIDAS and eIDAS 2? This year, Regulation (EU) 2024/1883 will enter a new phase and become mandatory, although it came into force two years ago. This update will leave behind a model based purely on electronic signatures and embrace a complete ecosystem of sovereign digital identity.

However, this climate of transformation is not merely a passing fad; it has arisen from a fortuitous post-pandemic context, characterised by an unprecedented acceleration of digitalisation, which has driven a new way of working and interacting.

For this reason, we have written an article analysing the differences between eIDAS and eIDAS 2, the key changes and how they affect citizens and businesses.

From electronic signatures to digital identity

To better understand the differences between eIDAS and eIDAS 2, we must first establish what the original eIDAS Regulation is and how its impact changed the digital ecosystem.

What is the eIDAS Regulation and what did it mean for digital identification?

As professionals specialising in electronic signatures, we have discussed the eIDAS Regulation on numerous occasions, as it forms the basis of electronic identification.

The eIDAS Regulation (EU) No 910/2014 is the main regulation in the European Union that establishes a uniform legal framework for electronic identification and trust services (signatures, seals, certificates). It was created with the aim of ‘building trust in electronic interactions and promoting seamless digital services in the EU’.

According to the European Commission, one of its fundamental aspects is the mutual recognition of electronic identifications issued by EU countries, provided that they meet specific regulatory criteria and have been duly notified to the Commission. In other words, thanks to the eIDAS Regulation, an electronic identification issued by one Member State is guaranteed to be recognised in all others. Its scope benefits EU citizens, businesses and public administrations.

What is eIDAS 2 and why is it a milestone in the EU?

However, citizens’ needs evolve and change as technology does, and sooner rather than later, it became a priority to update regulatory standards to reflect the new reality. This adaptation was driven by external factors such as the pandemic and the resulting digitalisation it brought with it, which triggered a surge in data traffic, digital transactions, app usage and the rise of digital jobs, among many other things.

For this reason, just two years ago, in 2024, Regulation (EU) 2024/1183, commonly known as eIDAS 2, came into force, amending and updating Regulation (EU) No 910/2014. To this end, it addresses the limitations of its predecessor.

With this update, the European Union seeks to improve the security, usability and interoperability of electronic identification and trust services across the EU.

European Digital Identity Wallet and Sovereign Identity

It also addresses the limitations of its predecessor by creating a new digital identification system: the European Digital Identity (EUDI) Wallet, or the European Digital Identity Wallet. This is a system that allows citizens to manage their identity in a sovereign manner. In other words, it allows us, as citizens, to control what personal data we share and with whom, without depending on a single centralised provider.

Implementation schedule: When will it become mandatory?

Although eIDAS 2 came into force in 2024, it is expected that by the end of 2026, each Member State will provide at least one version of the wallet (mobile app) in order to ensure interoperability and a common user experience for all citizens across Europe.

What are the differences between eIDAS and eIDAS 2?

The transformation of the original regulation into the 2024 version is not a simple legal adjustment; it is a change in digital architecture. While the first eIDAS focused on securing transactions, eIDAS 2 focuses on the citizen.

The differences between the two regulations can be summarised in four main points:

Voluntary becomes mandatory

The original eIDAS Regulation gave Member States the freedom to notify or not notify their electronic identity systems. This led to problems when a citizen of one country wanted to identify themselves to the administration of another. In certain cases, they were unable to do so.

Starting this year, with eIDAS 2, all EU countries are required to provide their citizens with a Digital Identity Wallet. This ensures that digital identity is valid everywhere, whether in Madrid or Helsinki.

From the public sector to the private sector

We cannot forget the economic aspects that will be most affected by the change in regulations. As far as citizens are concerned, the 2014 eIDAS was mainly used to carry out bureaucratic procedures with the administration. In contrast, eIDAS 2 will force the private sector to take the step towards digitisation and embrace the European Digital Identity.

Attributes vs. Identity Data

If there is one thing that characterises the original eIDAS Regulation, it is that it is concise in stating who you are: name, surname and ID number. Nothing else. However, the new regulation introduces Electronic Attribute Attestation (EAA). Thanks to this concept, you will be able to share verifiable ‘proof’ without revealing your full identity. Do you have an academic qualification that you want to prove, or do you want to prove that you are of legal age or that you have a driving licence? With the Digital Identity Wallet, you can prove it digitally, and it is completely legal throughout the European Union.

This form of identification is based on data sovereignty, i.e. giving each user the possibility of having complete control over what they share and with whom.

Democratisation and free of charge

Compared to the previous model, in which obtaining a qualified electronic signature often involved costs or complex technical processes, the eIDAS 2 Regulation provides users with a free qualified electronic signature system for individuals, provided it is used through the wallet.

Impact on businesses and the private sector

With eIDAS 2, certain strategic sectors will be required to comply with the regulations and accept the EUDI Wallet as a method of authentication and identification. This requirement will mainly affect companies operating in any of the following areas:

• Large Digital Platforms: Those referred to as ‘gatekeepers’ under the Digital Markets Act.
• Financial services and banking: For account opening processes and compliance with KYC (Know Your Customer) regulations.
• Essential supplies: Energy, water, telecommunications and transport.
• Transport and telecommunications: Especially with regard to contracting services and user verification.
• Education and health: In the management of academic qualifications and medical prescriptions.

What changes for businesses?

In short, businesses will have new obligations (acceptance of means of identification, VCs, qualified archiving, attribute validation). However, it will also result in greater interoperability and a smoother user experience.

New opportunities to consider

Although there are sectors that are not strictly required to comply with the regulation, eIDAS 2 offers a wide range of advantages that may be worth considering.

• Reduced risk of identity fraud: By using ‘high’ security levels guaranteed by Member States, the risk of identity theft in digital transactions is reduced.
• Optimised onboarding: New customer registration is instantaneous. Users no longer need to scan their ID or upload photos of their documents. With a simple authorisation in their wallet, their details will be verified.
• Elimination of data silos: As it is a European standard, companies can expand to other EU countries without having to integrate different identification systems for each market.

eIDAS and eIDAS 2 regulations combined in a single digital ecosystem

We hope that this article has helped you understand the differences between eIDAS and eIDAS 2 regulations, as well as the impact they will have on citizens and businesses throughout 2026. Remember: all Viafirma’s digital solutions strictly comply with international regulations on electronic signatures. We have been helping companies of all sizes and sectors make the leap to paperless management, with full legal validity, for over 25 years.

So you don’t miss a thing, every week we bring you news and updates about the sector and trust services. Follow us on LinkedIn, Instagram or TikTok and don’t miss a thing!