What is eIDAS?
eIDAS is the most common name for the European Union regulation on electronic identification and trust services for electronic transactions in the European Single Market.
eIDAS oversees electronic identification and trust services for electronic transactions in the European Union's internal market. It regulates electronic signatures, electronic transactions, involved bodies, and their embedding processes to provide a safe way for users to conduct business online like electronic funds transfer or transactions with public services.
Both the signatory and the recipient can have more convenience and security. Instead of relying on traditional methods, such as mail or facsimile, or appearing in person to submit paper-based documents, they may now perform transactions across borders.
The Regulation provides the regulatory environment for the following important aspects related to electronic transactions:
An electronic signature is considered advanced if it meets certain requirements:
- It provides unique identifying information that links it to its signatory.
- The signatory has sole control of the data used to create the electronic signature.
- It must be capable of identifying if the data accompanying the message has been tampered with after being signed. If the signed data has changed, the signature is marked invalid.
- There is a certificate for electronic signature, electronic proof that confirms the identity of the signatory and links the electronic signature validation data to that person.
Advanced electronic signatures can be technically implemented, following the XAdES, PAdES, CAdES or ASiC Baseline Profile (Associated Signature Containers) standard for digital signatures, specified by the ETSI.
Qualified electronic signature Qualified electronic signature is an advanced electronic signature that is created by a qualified electronic signature creation device based on a qualified certificate for electronic signatures.
Qualified digital certificate for electronic signature is a certificate that attests to a qualified electronic signature's authenticity that has been issued by a qualified trust service provider.
Trust service is an electronic service that creates, validates, and verifies electronic signatures, time stamps, seals, and certificates. Also, a trust service may provide website authentication and preservation of created electronic signatures, certificates, and seals. It is handled by a trust service provider.