In a rapidly digitizing world, how can European citizens prove who they are, securely, seamlessly, and across borders? With the rollout of eIDAS 2.0 and the European Digital Identity Wallet, the EU is redefining digital identity as a tool for empowerment, privacy, and trust.
The European Union has a population of 450 million people, 93% of whom use the Internet at least once a year. Aware of the growing importance of digital technologies in everyday life, EU leaders have set a series of goals to achieve by 2030. These include transformative measures across all sectors, with one of the main pillars being the so-called European Digital Identity.
Its primary purpose is to ensure that every citizen on the continent can soon have their own digital identity wallet to access public and private services both online and offline, store and share digital documents, and create legally binding signatures. However, for this to become a reality, a regulatory framework must be in place to facilitate electronic identification and the use of trusted digital services.
Fortunately, such a framework already exists: the eIDAS Regulation (electronic IDentification, Authentication and Trust Services). Recently updated to version 2.0, it represents a shift in paradigm for businesses operating in the digital space.
What is eIDAS 2.0 and How Does It Differ from the Original eIDAS Regulation?
The European Commission reminds us that eIDAS stands for Electronic Identification, Authentication, and Trust Services. It is a regulation that sets “the framework to ensure that electronic interactions between businesses are more secure, faster, and more efficient, regardless of the country in which they take place.” This also includes conditions for enabling electronic identification (eID) and trust services so that related services can be provided across the EU.
Its roots go back to Directive 1999/93/EC, which set a common goal for all EU Member States concerning electronic signatures. Although eIDAS was not approved until 2014 and only fully implemented in 2016, it has since promoted interoperability among the 27 Member States, allowing for mutual recognition of notified electronic identification systems.
Its advantages have been evident:
- Businesses, clients, and public administrations have faced lower administrative burdens for electronic transactions.
- Business processes have become more efficient.
- Costs associated with operations have decreased, leading to increased profits.
- Electronic transactions have become more secure, fostering greater consumer trust and access to a broader customer base.
eIDAS 2.0: A Necessary Update for Secure Electronic Identification
Digital transformation happens at a rapid pace. That’s why the original eIDAS regulation required a comprehensive revision to adapt to new technological advancements and to address the growing need for a digital identity that is secure, interoperable, and under the control of each European citizen.
The result was eIDAS 2.0, introduced in 2021 and enacted in May 2024. Its main updates include:
- Introduction of the European Digital Identity (EUDI) concept, enabling the development of a common, continent-wide digital identity for each citizen.
- Full user control over their electronic identification, citizens choose what data to share, with whom, and when.
- Cross-border interoperability, ensuring that EU citizens can use their digital identities in any Member State with full recognition.
- Enhanced security, with technologies like advanced encryption and multi-factor authentication.
- Application in both the public and private sectors, the original eIDAS focused mainly on the public sector.
- Expanded trust services to include new qualified certificates and better interoperability among providers. This enables the integration of emerging technologies like blockchain and smart contracts.
eIDAS 2.0 is thus an update aimed at reinforcing the EU’s digital ecosystem, making it more secure, inclusive, and efficient. It puts citizens in control of their data, allowing them to verify their identity to third parties, access public and private services across Member States, and conduct legally valid digital transactions.
The European Digital Identity Wallet (EUDI Wallet)
As part of the guarantees offered by eIDAS 2.0, the European Digital Identity Wallet (EUDI Wallet) is being developed. It’s designed to allow both EU residents and businesses to securely store and manage their digital identities.
This is made possible by using electronic attribute credentials, documents that link, verify, and authenticate one or more characteristics of a person or entity (such as academic, legal, or professional qualifications). The wallet will incorporate these so that each user can identify themselves, store credentials, and access services through a mobile app.
The goal is for every Member State to provide its citizens with at least one version of this wallet by the end of 2026, fully aligned with eIDAS 2.0. Each digital identity wallet must ensure that its owner:
- Maintains privacy.
- Has full control over personal data.
- Chooses how and when to share information.
- Can use the wallet voluntarily and for free, with no obligation to do so.
How eIDAS 2.0 is Transforming Digital Identity Verification
Electronic and secure identity verification is rapidly advancing in Europe. But the new regulation also poses challenges to meet the rollout timeline of the EUDI Wallet, particularly in integrating strong authentication methods to verify users accessing public or private digital services.
Traditional methods like passwords, PINs, or SMS codes are limited because they rely on a single factor: something the person knows. As Deloitte highlights, over half of cyber frauds are related to the theft of personal or banking credentials.
This is why biometric technology is essential, it ties authentication to something inherent to the user. Biometric systems verify identity using unique physical or behavioral traits, such as facial recognition, fingerprints, or iris scans, and match them to stored biometric profiles.
They often include liveness detection to prevent spoofing and impersonation. Their advantages include:
- Strong Customer Authentication (SCA) using at least two of the three authentication factors: knowledge, possession, and inherence.
- A seamless and user-friendly experience.
- Compliance with the General Data Protection Regulation (GDPR).
- Support for cross-border interoperability and trust.
- Prevention of cybercrimes related to digital identity.
Biometric Verification: Towards a Smarter, Safer Digital Identity
The implementation of eIDAS 2.0 marks a turning point in how European citizens interact digitally with institutions and businesses. By offering a secure, interoperable, and user-controlled digital identity, it lays the groundwork for a more inclusive and efficient digital ecosystem. However, the road to 2030 brings challenges. Integrating emerging technologies like AI into identity verification will require strong ethical and technical frameworks. The move toward passwordless authentication, based on biometrics and decentralized credentials, will demand constant adaptation by service providers and enhanced digital education for citizens.