Here’s What We Can Expect from the Next ‘European Digital Identity’
The ‘digital wallet’ is expected to be available next September in all European Union member countries.
As of today, only 60% of the European population can use their electronic identification in cross-border territory. In fact, only 14% of the providers of major public services in all member states allow cross-border authentication with an electronic identification system.
With this in mind, the European Union is working on creating a European Digital Identity with which EU citizens, residents and businesses can identify themselves and confirm any type of personal information. With this, the intention is that this ‘European identity’ can be used to access services, whether public or private, online or offline, throughout the EU.
Every time we register on a website we are creating new versions of a previously created digital identity and we never know, with certainty, what happens to our data. This is why the European Commission has proposed the creation of a secure European electronic identity that European citizens can use for any transaction. “A technology that allows us to control what data is used and how,” says Ursula von der Leyen, President of the European Commission.
But what would we gain from this European Digital Identity?
Mainly, that all EU citizens would have at their disposal an identification document valid throughout the European territory. This would also be a simple and secure way to control how much information we want or need to share.
How it would work would be simple. There are already numerous mobile applications that contain our bank cards, boarding passes, concert tickets, museums, etc. Similarly, these ‘digital wallets’ would contain the information needed to identify us at any time: name, surname, date of birth and nationality, for example; in other words, the information we might need when applying for residence in a country, a job, starting to study in a European institution…
Edgar Martinez, International Business Development Director for Iberia at IDnow Group explained to Silicon: “The eIDAS 2 and the European Digital Identity initiative (EUid) will create a joint ecosystem for digital identity portfolios in Europe. At the core of both initiatives is interoperability and data authority, which will allow European citizens and residents to use their data stored in their identity wallets across the European Union. In addition, users will remain in control of their identity data and will be able to choose which wallets they want to use. The EU wants to ensure that users can easily transfer their data between digital identity wallets, regardless of the country or whether it has been developed by a public or private institution.”
In other words, the main objective is, above all, to have an identification method to confirm certain personal characteristics for accessing public or private digital services throughout the EU. In addition to offering users full control to choose which aspects of their identity, data and certificates are shared with third parties and to be able to track what is shared.
Moreover, this ‘digital wallet’ would make it easier for us to, for example, request a birth certificate, communicate a change of address, open a bank account, file a tax return, apply for a place at a university or residence, process prescriptions, rent a car with a driver’s license, etc.
What level of security could be guaranteed?
eIDAS is the acronym for electronic IDentification, Authentication and Trust Services, a regulation that corresponds to Regulation No. 910/2014 of the European parliament and council of 23 July 2014. With this regulation, the standards and rules for qualified electronic signatures, the issuance of qualified certificates and online trust services are defined.
If we think about the risks that we can incur by having a digital identity, the institutions must guarantee the highest level of security and avoid any kind of impersonation or theft. Juan Pablo Yagüe, CEO of Serban Biometrics, explained: “In this sense, biometric identification technologies such as fingerprints, iris scanning or retina control and facial pattern analysis, among others, will be key to ensure that the identity is not violated. Another fundamental point will be to raise users’ awareness of cybersecurity in order to protect their mobile device, the main tool for carrying out any telematic procedure”.
Néstor Serravalle, executive vice-president of VU, defends that: “One of its main guarantees is the “structural separation” that prevents companies from benefiting commercially from users’ data. In addition, it will offer its users the possibility of choosing which aspects of their identity, data and certificates they want to share with third parties and to monitor these”.
Edgar Martinez commented: “According to the EUid regulatory framework, which is expected to be in place by 2023, each EU member state will have to offer at least one digital identity wallet, but in practice we are more likely to see a wide variety of wallets from public and private institutions. Digital identity wallets will support all eIDAS assurance levels, from low through substantial to high. This means that European citizens will be able to use it for all kinds of use cases, such as e-government, e-health, mobility and even opening bank accounts.”
What if our identity is stolen?
The most common fraud practices are usually identity theft or the theft of personal information to commit banking fraud. The main damage of this is the theft of money from the account or the duplication of a bank card. Although the damage is not only economic, personal damage can also be suffered in social networks, for example, where the personal image can be really damaged.
Therefore, “in the event of losing the Smartphone where the ‘digital wallet’ is located, the simplest thing to do would be to revoke the information and set it up on a new device”, proposes Edgar Martínez, from the IDnow group.
Identity theft and theft of personal information are common practices in the online world. The most common is the theft of banking data or identity theft, which is the most frequent form of digital identity theft and the main damage for the affected party is the theft of money from the account, either for online purchases or for the duplication of a card. Although this is the most frequent, there are other less common thefts.
But, on the other hand, the number of advantages we are going to participate in is also high thanks to biometrics. “Biometrics may seem like a complex subject, but the reality is that biometric security systems are becoming a key element of multifactor authentication and are now being used for a wide variety of purposes,” says Edgar Martínez.
Many companies are using biometric systems such as facial or vascular pattern recognition, fingerprint recognition and even voice recognition. “The great advantage of biometrics is that identification and authentication are fast and accurate, two fundamental elements for identity protection,” says Martínez.
It is true that biometrics is very effective, as it not only meets security requirements but also facilitates and speeds up the management of critical functions, providing a higher level of security in the protection of personal data.
IDnow explains that its goal is to make “the wallet as accessible and convenient as possible for as many European citizens as possible, which is why the IDnow group will use biometrics as much as possible, in accordance with EU regulations”.
The truth is that there are still parts of this plan to be refined and criteria to be unified. However, the focus is on September, when it is expected to have the complete framework in place so that the first pilot projects can begin to be tested in October. From then on, all companies will have one year to adapt to this plan.