eIDAS: national eID schemes will need to provide sufficient requirements against high level attacks
Brussels, 23rd of September 2015 – On September 8th, four implementing acts fleshing out Regulation 910/2014 on electronic identification and trust services for electronic transactions (eIDAS) were officially referenced in the official Journal of the European Union: two for eID (on interoperability framework and on levels of assurance) and two for trust services (on the formats of advanced electronic signatures and seals and on the technical specifications of the national Trusted Lists).
In a context where an increasing number of transactions are operated online, Eurosmart welcomes this milestone that paves the way towards an interoperable electronic identification for European citizens. Timothée Mangenot, Chairman of Eurosmart: “We have continuously called for the establishment of a regulatory framework that would support the development of cross-border electronic transactions, and we particularly appreciate the Member States’ commitment and the European Commission’s leadership to ensuring a swift implementation of the eIDAS regulation”.
Very sensitive applications (starting with e-Voting and Qualified Electronic Signature) will require a high level of security, and the industry represented by Eurosmart will be at the forefront for providing certified solutions that allow a maximal resistance to high level attacks and security breaches. Timothée Mangenot continued: “despite the lack of clear distinction between levels of assurance “substantial” and “high” in the related implementing act, only a certification process guarantees that every effort has been made to protect the two parties of the transaction against fraud. Digital security, including protection of personal data and privacy, is a fundamental right for all European Citizens. Security certified level “high” solutions, with privacy protecting features, are a reality and have been successfully deployed in EU countries”.
Eurosmart will keep paying close attention to the notification and interoperability of eID schemes – notably under the Cooperation Network – and remains committed to a sustained dialogue with the relevant authorities.
Eurosmart is an international non-profit association located in Brussels and representing the smart security industry for multisector applications. Founded in 1995, the association is committed to improving the quality of the security applications in the world’s smart secure devices, to developing smart security standards and to expanding the world’s smart secure devices market. Members are manufacturers of smart cards, semiconductors, terminals, equipment for smart cards system integrators as well as application developers and issuers who work in dedicated committees (security management, electronic identity, communication, marketing & technology, mobile trust, product & system security).
Eurosmart members are companies (Athena Smartcard, EM Microelectronics, FNMT-RCM, Gemalto, Giesecke & Devrient, Infineon Technologies, Imprimerie nationale, Inside Secure, LFoundry, Linxens, Morpho, Microsoft, NedCard, NXP Semiconductors, Oberthur Technologies, Samsung, STMicroelectronics, Toshiba), research organisations (Fraunhofer AISEC), and associations (Smart Payment Association, Mobismart, Danish Biometrics).
Eurosmart is acknowledged as representing “the Voice of the Smart Security Industry”.
Yann Le Borgne, Director of Operations – Yann.firstname.lastname@example.org