Authorization Basics

4 mins read

What eIDAS 2.0 Is

Understand how eIDAS 2.0 regulation aim at bridging digital trust across Europe.

eIDAS 2.0 Explained

eIDAS 2.0 is the proposed upgrade to the existing eIDAS framework, aimed at making it more flexible and robust to cope with technological advancements and emerging cybersecurity threats. Although the specific features and elements may be subject to changes, it is expected to cover new types of identity credentials like mobile IDs and to incorporate decentralized identifiers (DIDs).

The review began because of existing shortcomings, further elaborated in the impact evaluation:

  • Member states have discretionary eID announcements.
  • Restricted avenues for enforcing data privacy rights.
  • Significant constraints on actual public service accessibility.
  • Unequal competitive conditions for trust service vendors across member nations.

EUDI Wallet: A Key Element of the Updated eIDAS Framework

The purpose of the digital ID wallet is to provide a centralized location where users can manage and keep their digital identities.

The concept is simple: instead of scattering various certificates and identity documents across multiple locations, have a single application on your smartphone that consolidates all of them. The digital wallet can store electronic documents and identity verification credentials. These stored items can serve for future identification purposes across various industries, including but not limited to governance, banking, hotel reservations, and age verification.

flowchart TB subgraph iss [Issuer] direction TB pid(Electronic Identity Data) esig(Qualified Electronic Signatures/Seals) qeaa(Qualified Exchange Accomodation Attestation) eaa(Exchange Accomodation Attestation) end subgraph verifier [Verifier] direction TB bank(Bank) police(Police) ecommerce(E-Commerce Store) airport(Airport Services) end subgraph trustSource [Source of Trust] pkd(Public Key Directory) list(Trusted List) end subgraph wallet [Holder - EUDI Wallet] direction TB id(ID) dlicense(Driving License) health(Health) end iss -- "Provides *PID Data * Qualified Signature Certs *Qualified Attestation * Non-qualified Attesation" --> wallet iss <-- TRUST --> verifier verifier -- "Requests PID Data" --> wallet wallet -- "Presents Proof PID,QES,QEAA,EAA" --> verifier verifier -- "Validates Signatures Issuer and User" --> wallet iss -- Provides Public Key --> trustSource trustSource -- Receive Information to verify Public Key --> verifier style wallet fill:#96CEE7 style iss fill:#dbcc8f style verifier fill:#94db8f

eIDAS 2.0 EUDI Wallet Explained in Practice

Mark, a tech-savvy thirty-year-old software engineer, proudly holds a degree from the renowned “Saint John University” locally. Being a native of Poland, Mark has earned his driving license and possesses a government-issued ID document.

With a penchant for staying ahead in the technological realm, Mark ventures to set up the EUDI digital ID wallet. He diligently adds his ID, driving license, and academic degree to this digital enclave, alongside his health records and insurance details. Essentially, Mark uploads his credentials to the digital ID wallet.

Each of these credentials undergoes a verification process by the respective issuers – his ID and driving license are verified by the government, while his degree is authenticated by the university. Accompanying each credential is a set of metadata such as the issuance date, expiry date, along with other pertinent information like Mark’s birthdate and family name. Through this digital arrangement, Mark not only leverages modern technology but also ensures a secure and organized repository of his vital credentials.

Now, consider the two following scenarios:

Mark is stopped by a traffic control on his trip to Germany. Mark is expecting guests coming over and wants to buy some wine.
A police officer requires proof of Mark’s driving eligibility, necessitating the presentation of his driving license. Without delay, Mark accesses his EUDI digital wallet application, where he previously stored his driving license, and displays it to the officer.

The officer then scans the QR code on the document, quickly verifying the validity of Mark’s driving license.
Utilizing his EUDI digital wallet application, Mark promptly retrieves his ID document, which he had previously stored in the wallet, and presents it to the assistant.

The assistant, in turn, scans the QR code on Mark’s ID using a verification device. This swift action confirms Mark’s adulthood, authorizing him to proceed with the wine purchase.

In the illustrated scenarios, both the police officer and shop assistant validate Mark’s credentials. Given that the police station and shop are situated within the European Union and adhere to eIDAS 2.0 standards, they trust the issuer of Mark’s credentials.

In each instance, only requisite information is shared with the verifiers to ensure privacy and data minimization. For instance, the shop assistant doesn’t require Mark’s ID number but merely needs to ascertain his adulthood. Consequently, only Mark’s age is shared with the verifier, exemplifying a prudent and privacy-conscious verification process.

Updated: Sep 22, 2023