eIDAS will not only usher in a new era of innovation and transparency in how organizations do business, but this regulation is also paving the way for new levels of interoperability amidst service providers, companies, and their partners and clients.
Incompatibilities to overcome
Before eIDAS, technical incompatibilities could be a significant barrier to successfully conducting e-commerce with other EU member states or organizations within those member states:
- Nations and organizations have different standards for digital security, eID, electronic signatures, and authentication infrastructures.
- Without a commonly accepted framework for ensuring that different systems can communicate and accept electronic transactions from other systems, it is difficult for service providers to conduct their business across multiple geographic regions and with many different types and sizes of organizations.
- In addition, different countries and organizations have different definitions for secure transmissions.
Definitions and frameworks for greater interoperability
The eIDAS regulation helps eliminate the above barriers and enables greater interoperability through its centralized definitions and frameworks:
- eIDAS stipulates that authentication technology must be interoperable across borders. The party which supplies and updates the software used for the authentication mechanism shall agree with the hosting party on the management of all authentication mechanisms.
- Furthermore, eIDAS acknowledges that cost is sometimes a barrier when defining a common technology framework. eIDAS also addresses this; regulation language warns that any agreement between the parties “should not impose disproportionate technical requirements or costs (including support, responsibilities, hosting and other costs) on the hosting party.”
- As data security is paramount to technological solutions, eIDAS helps Member States work through some differences when defining security aspects.
- For example, eIDAS requires that solutions employ means to ensure the integrity and authenticity of communications and lays out standards for messaging formats and management of sensitive information.
- By defining minimum requirements and stipulating that member states must agree on how their solutions work together, eIDAS standards open up new doors for communication and collaboration. Without this common framework pushing organizations to work together to facilitate interoperability, each party would likely argue why their solution and strategy are best and insist that the other adopt them.
eIDAS strikes the essential but hard-to-achieve balance between security and collaboration. It is neutral enough as not to incite favourability arguments. Still, it also contains strong language to ensure that all parties meet a baseline level of technical requirements when working together.
This kind of interoperability will lead to increased growth and success of business initiatives throughout the EU and among its Member States.
References and Further Reading
- Selected articles on Digital Signatures (2014-16), by Ashiq JA, Guillaume Forget, Peter Landrock, Torben Pedersen, Dawn M. Turner and Tricia Wittig
- REGULATION (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC(2014) by the European Parliament and the European Commission
Image: "DSC06095" courtesy of clayton.douglas, Flickr (CC BY-ND 2.0)