1. Home
›
2. Standards & Regulations
›
3. eIDAS

Creating Secure & Seamless X-Border eIDAS Services

Postal Services are based on TRUST

Postal services are based on trust.

As posts extend their services into the internet, this trust is maintained by means of secure electronic identification, authentication and signatures (eIDAS services).

An open, barrier-free communications environment for postal services in the internet requires interoperability – only achievable through joint standards.

In this article, Walter Trezek summarises the outcome of a workshop at the European Commission (EC) in Brussels on 5 September 2012, attended by representatives from ministries, business associations, postal services, service providers and regulators. Full details here.

Obstacles to X-Border Trust Services

Currently the main obstacles to secure & seamless cross-border eIAS services are:

• Different rules in different member countries

Service providers are subject to different rules for e-signatures, eID and ancillary trust services depending on the Member States they serve. National supervision requirements for e-signatures differ from one Member State to another, making it a challenge for parties relying on an e-signature to assess how a service provider is supervised.

• Lack of trust & confidence in electronic systems

The current tools and legal framework create the impression of fewer legal safeguards than for physical interaction. For eID and ancillary trust services, heterogeneous national legislation makes it difficult for users to feel secure when interacting online in cross-border scenarios.

Proposed Solution

The EC proposes a Regulation of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market.

The proposed regulation would overcome 4 main challenges:

1. Insufficient scope of the current legal framework
2. Lack of coordination between e-signature and eID development
3. Lack of transparency in security guarantees
4. Lack of awareness / user adoption

The proposal chooses to overcome these current challenges by:

• Enhancing legal certainty
• Boosting coordination of national supervision
• Ensuring mutual recognition and acceptance of eIDs
• Incorporating certain ancillary trust services

Why European Regulation?

Providing a comprehensive framework by means of a single instrument would ensure that the legislation regulating the various aspects of eIDAS is consistent. A regulation provides immediate applicability without interpretation, and thus greater harmonization, and is therefore the most appropriate means of achieving the objectives of the proposed legislation.

The current national-based supervision schemes would be maintained, but with stronger harmonization through essential common requirements.

Due to the inherently non-territorial nature of eIDAS services, action at EU level is adequate and proportionate in order to implement the digital Single Market. Regulatory measures taken at Member State level cannot be expected to achieve the same outcome. EU intervention is thus required, appropriate and justified.

A detailed examination of the Proposal, and in particular the proposed supervision schemes for qualified trust service providers and trust service providers per se, is laid out in the Annex to this summary.

Walter Trezek

UPDATE! September 2014: the eIDAS regulation is now in force.