The impact eIDAS 2.0 on eSigning services

March 13, 2024

mdb

How to prepare for new legislation

The EU Parliament has just approved new legislation around the use and implementation of digital identities within the EU member states which creates a massive opportunity for eSigning services, if they are ready to adapt.

We currently have the following assurance levels:

  • Level 1 and 2: Verification happens via email or SMS
  • Level 3: Verification happens via an ID check, comparing a photo with an image of a passport
  • Level 4: Verification happens via an ID Check with a liveness check, a 3D video verification to make sure it is you at that moment in time. 

New opportunities

Most eSign activities are on level 1 or 2. Most contracts are currently signed with just a simple email verification, without really knowing who is behind this email account. It is not that eSigning platforms do not want to offer higher security, but the problem is that users do not feel the need to go through onboarding per eSigning service that they use, resulting in high drop-outs. Also, most notaries are unaware about the validity of a level 4 signature, resulting in low acceptance. 

New eIDAS 2.0 legislation paves the way for eSigning platforms to offer additional services. Interoperability is key. So once an user is onboarded on a EUDI wallet, we can start offering secure services, without forcing a user to go through an 3d AI scan. Now eSigning platforms can start offering additional services based on high assurance, including signatures, secured emailing and other services.

How to be ready

eSigning platforms need to invest in the following fields to be ready for eIDAS 2.0:

  1. Become a QTSP: eSigning services will have to get the QTSP status in order to be able to offer signing services on level 4. Read here how to get the QTSP status
  2. Verifier: To accept incoming EUDI wallet requests, investment in a verifier service is required to make sure you are able to work and verify incoming requests and allow them access to your IT architecture.
  3. Provenance: You need to show the entire chain how a document has been handled and signed, so other parties can check the provenance of the document
  4. Issuer: You need to invest in an issuer function, to issue signatures and eSeals according to the new standard.

At Ubiqu we deliver an entire end-to-end suite to get you started and certified as soon as possible. 

 


Tags
  • eSigning