eIDAS will not only usher in a new era of innovation and transparency in how organizations do business, but this regulation is also paving the way for new levels of interoperability amidst agencies, companies, and their partners and clients.
Incompatibilities to overcome
Before eIDAS, technical incompatibilities could be a significant barrier to successfully conducting e-commerce with other EU member states or organizations within those member states:
- Nations and organizations have different standards for security, eID and authentication infrastructures.
- Without a common framework by which to ensure that different systems can communicate with and accept transmissions from other technical systems, it is difficult to facilitate the exchange of information necessary to do business across multiple geographies and with many different types of organizations.
- Furthermore, different nations and organizations have different ways of defining a “secure” transmission.
Definitions and frameworks for greater interoperability
eIDAS helps eliminate the above barriers and enables greater interoperability among groups through its centralized definitions and frameworks.
- eIDAS stipulates that authentication technology must be interoperable across borders. The party which supplies and updates the software used for the authentication mechanism shall agree with the hosting party on the management of all authentication mechanisms.
- Furthermore, eIDAS acknowledges that cost is sometimes a barrier when it comes to defining a common technology framework. eIDAS also addresses this; regulation language warns that any agreement between the parties “should not impose disproportionate technical requirements or costs (including support, responsibilities, hosting and other costs) on the hosting party.”
- Since data security is of great importance for technological solutions, eIDAS helps Member States work through some differences different entities have when defining aspects of security.
- For example, eIDAS requires that solutions employ means by which to ensure the integrity and authenticity of communications and lays out standards for messaging formats and management of sensitive information.
- By both defining minimum requirements and stipulating that Member States must agree on the way in which their solutions work together, eIDAS opens up new doors for communication and collaboration. Without this common framework pushing organizations to work together to facilitate interoperability, each party would likely just argue as to why their solution and strategy is best and insist that the other adapt.
eIDAS strikes the essential, but hard-to-achieve balance between security and collaboration. It is neutral enough as to not incite favourability arguments, but it also contains adequately strong language to ensure that all parties meet a baseline level of technical requirements when working together.
It is this kind of interoperability that will lead to increased growth and success of business initiatives throughout the EU and among its Member States.
References and Further Reading
- Selected articles on Digital Signatures (2014-16), by Ashiq JA, Guillaume Forget, Peter Landrock, Torben Pedersen, Dawn M. Turner and Tricia Wittig
- REGULATION (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC(2014) by the European Parliament and the European Commission