Were I to ask you what a handwritten signature looks like, with an air of confidence will you grab a pen and scrawl your name on a piece of paper, or, with a flourish, will you grip your thumb and fingers together and, sign your name in the air? 'Voila!’
Following a Recommendation by the European Commission, from the end of 2023 each EU Member State will gradually offer the European Digital Identity (EUDI) wallet to their citizens, residents, and businesses. This mobile-based wallet will serve to manage access to verified sensitive personal information and to identify and authenticate the wallet's owner when interacting with financial services, medical institutions, government agencies, and other third-party services. Due to the high value of information and authentication capabilities provided by EUDI wallets, they are highly attractive targets for threat actors. This article explores secure development strategies for an EUDI wallet app. While being specific to the EUDI wallet, the methodology is equally applicable to the development of any IT asset.
The European Digital Identity (EUDI) Wallet aims to offer digital wallets to all EU citizens and businesses for identification purposes and document storage. eIDAS experts have presented an outline for the architecture of an "eIDAS Toolbox" referencing the architecture in recent months. Here we provide an outline of the key players in the EUDI Wallet Ecosystem, from the national bodies to the end users.
The UK's relationship with the EU has been tumultuous in recent years, especially in the wake of Brexit. With regards to digital identities, former Prime Minister Tony Blair's, statement that "everyone in the UK should be issued with a digital ID" has sparked heated national debate and left many wondering if the UK will follow suit with the EU on this issue.
Digital transformation has been a critical focus for businesses and institutions prior to the pandemic. Digital documents and e-signatures are a crucial part of this shift. The recent global crisis has served to hasten the implementation of such solutions; organizations have expedited the transition to enable remote work environments and transactional activity online.
As certain industries are moving ahead with digital transformation projects, online signing processes are a step forward in optimizing business practices.
As defined by Regulation (EU) No 910/2014 (eIDAS), which took effect on 1 July 2016, an electronic signature creation device is software or hardware that has been configured to generate an electronic signature. However, for such a device to be considered a secure signature creation device (SSCD), it must meet the specifications that are stipulated in Annex II of eIDAS
The last few years have been exciting for all stakeholders involved in the implementation and use of the eIDAS toolbox. Some important milestones have been reached, and new initiatives are taking off. However, to significantly increase the uptake of eIDAS-enabled services, a three-pronged approach is needed to bolster the main growth drivers. This approach is based on the feedback received from the various respondents in a recent ENISA survey and its accompanying report.
Mortgage fraud is a serious crime. Once executed and signed, a mortgage deed is a legally binding contract. The responsibility of trying to prove that signatures have been forged relies on the individual(s) having to prove it. It involves time and cost and, in many circumstances, requires evidence based on expert opinion.
