Google

Wednesday, 3 April 2024

EU Countries To Offer Their Citizens Digital Identity Wallets From 2026

The EU is finally pushing forward with aRegulation that requires member state governments to offer their citizens a voluntary European digital identity wallet from 2026.

Under the new law, member states will offer citizens and businesses digital wallets that will be able to link their national digital identities with proof of other personal attributes (e.g., driving licence, qualifications, bank account). Citizens will be able to prove their identity and share electronic documents from their digital wallets simply, using their mobile phones. 

 The new European digital identity wallets (EDIWs) will enable all citizens to access online services with their national digital identification, which will be recognised throughout the EU, without having to use private identification methods or unnecessarily share personal data. User control ensures that only information that needs to be shared will be shared.

For the past 20 years, various players have pushed the idea that you could have a digital identity issued by any number of certified 'trust providers' based on certain agreed standards. This would go hand-in-hand with concepts of 'personal data stores' and access to your transaction data in machine-readable form ('midata')that would allow you to control how your data is monetized. There was speculation that the trust providers would likely be banks and telecoms companies, or perhaps dedicated new entities; but there were always concerns about whether they really had the core competencies required - or the risk/liability appetite - as well as issues relating to security and privacy.

The European Commission explains that:

  • by 2026, each member state must make a digital identity wallet available to its citizens and accept EDIWs from other member states according to the revised regulation 
  • sufficient safeguards have been included to avoid discrimination against anyone choosing not to use the wallet, which will always remain voluntary 
  • the wallet’s business model: issuance, use and revocation will be free of charge for all natural persons 
  • the validation of electronic attestation of attributes: member states are required to provide free-of-charge validation mechanisms only to verify the authenticity and validity of the wallet and of the relying parties’ identity 
  • the code for the wallets: the application software components will be open source, but member states are granted leeway so that, for justified reasons, specific components other than those installed on user devices need not be disclosed 
  • consistency has been ensured between the wallet as a form of eID and the scheme under which it is issued...

Qualified website authentication certificates (QWACs) will ensure that users can verify who is behind a website under well-established eID security rules and standards (which enable open banking service providers to authenticate each other's systems, for example).


No comments:

Related Posts with Thumbnails