Why eIDAS 2.0 is a major opportunity for banks

March 27, 2024

mdb

eIDAS High has a large impact on the financial sector. We will give you a short overview of the most important changes for Financial Institutions.

Most banks base their security on intensively monitoring activity outside their walls and applying statistics to detect malicious activity. This practice is effective, but it sometimes results in false positives and a poor customer experience, as customers are not able to transfer larger amounts due to delays and safety measures.

With eIDAS High, banks need to move their security practice from internal to external. More concretely, in 2026 they need to be able to accept incoming EUDI wallet requests alongside their existing bank accounts: every EU citizen receives an EUDI wallet, and banks need to be able to accept, verify and respond to all EUDI wallets issued in the EU27.

As bankers are optimistic people, they see that this change creates three major opportunities:

  • Automate the KYC process
  • Eliminate fraud (and get rid of the Random Reader)
  • Create new financial products

 

Automate the KYC Process

The KYC process is currently costly, as trained staff needs to manually check and verify all data supplied and conduct a thorough provenance check. With the EUDI wallet technology, this process can be automated to a large extent. 

As an example, we will review the future mortgage application. A couple requests a mortgage and needs to deliver a large pile of documentation. The bank has automated the majority of the requests and sends a link to the prospects. They give permission at Level 4 with their wallet and the process starts.

It is important to note that all received documents are eSealed by the Authentic Sources at Level 4, making the manual provenance check obsolete.

| Authentic Source | Deliverable |
| --- | --- |
| Bank statements | All banks need to accept incoming EUDI wallet requests. The prospects select their banks and automatically deliver the sealed statements. |
| Pension statement | The central pension registry automatically delivers a sealed statement. |
| Tax statement | The central tax registry automatically delivers a sealed statement. |
| Insurance statement | The insurance company automatically delivers a statement. |
| Salary statement | ADP, SAP, Unit 4 and other large payroll companies are obliged to accept incoming EUDI wallet requests and automatically deliver a salary statement. |
| Employer statement | The employer receives a hyperlink via email and logs in with her EUDI wallet, signing it at Level 4. |
| Signed purchase agreement | The document is signed at Level 4 by the sellers and buyers. |
| Property valuation | Receive an eSealed appraisal report from the central registry. |
| Land Registry | The Land Registry automatically delivers a statement that the land is owned by the same people that are in the purchase agreement. |

 

The KYC process involves many more factors and not all can be automated from the start. But designing the right workflows and requests is essential for Financial Institutions to stay competitive in the next couple of years. 

Create new financial products

In the last couple of years, due to the increased pressure of regulation, some products became loss-making because of the higher costs incurred in the KYC process. The example above hopefully gave you insight into the opportunity to reduce the cost of proper KYC checks when offering financial products and services, provided you are able to design the right workflows. This also means that as our cost component lowers, more products become profitable to offer.

Beyond the cost price of existing products, eIDAS High creates massive opportunities to create new products. It is now easier to combine external (financial) information and suppliers, and to use this to create new products and offer external services to your customers with a seamless user experience.

Eliminate Fraud

And get rid of the Random Reader

All EUDI wallets need to have an “EUDI Wallet Secure Cryptographic Device (WSCD)”. This technology is in essence similar to the Random Reader, making sure we have an unhackable hardware component linked to a customer’s account.

The beauty is that new technology is able to store this cryptographic device in a safe data center and link it securely to the EUDI wallet. This means customers can now enjoy the highest safety, without the hassle of a costly Random Reader. We call this a Remote Secure Element (www.ubiqu.com/RSE). Now all actions can be linked back to a user and their wallet.

This means the end of Fraud as we know it: 

  • Identity Fraud: Level 4 onboarding guarantees you are dealing with the right person and, as we control the entire chain, you can link the onboarding to a device and an app installation.
  • Man in the Middle: Approval is only possible by the identity stored in the WSCD, linked to the user’s device. As the product is certified, it offers the best security possible with the state of the art, and it is extremely difficult to perform a transaction without the permission of the real user.
  • Man in the Machine: Our cryptographic provenance chain clearly shows all changes, making it impossible to make transactions from an account without the approval of the end customer.
  • Man in the Phone: The attack surface is reduced to only the user’s own mobile phone, creating the opportunity to detect attacks on the device and to gain insight into the quality of the installed base and the level of sophistication of the attackers.

 

You need to become a Qualified Trust Service Provider (QTSP)

Under the eIDAS 2.0 regulation, financial institutions need to become a QTSP to verify incoming requests and to make outgoing statements verifiable for parties relying on the bank’s output. This has the following implications:

  • Technological: You need to implement web 3.0 technology and make it backwards compatible with web 1.0 and web 2.0
  • Organizational: You need to comply with over 2,000 requirements as laid out in the eIDAS 2.0 regulations.
  • Audit: You need to be audited before you can start issuing. 

 

Summary

eIDAS High has a major impact on Financial Institutions and the way they organize their security and financial products. But with the right vision it can be turned into a major opportunity to be more competitive, improve user experience, eliminate fraud and create new financial products.

Ubiqu has an incredibly efficient process to quickly align your infrastructure and app with the new eIDAS 2.0 legislation, making it easy and swift for your bank to become a Qualified Trust Service Provider (QTSP). Safeguarding your digital banking experience becomes straightforward, ensuring peace of mind for both you and your customers.
