The eIDAS implementing act 2015/1502 describes three assurance levels for electronic identification means and authentication.
1. Low assurance level - this requires the electronic identification mean to use at least one authentication factor, such as username and password.
2. Substantial assurance level - this requires the electronic identification mean to use at least two authentication factors from different categories (possession, knowledge or inherent). It is designed such that user can be assumed to be in control of or in possession the authentication factors. The authentication shall include dynamic authentication.
3. High assurance level - this requires the substantial level as well as the electronic identification mean is protected against duplication and tampering. The owner can protect it for use by others.
eIDAS requires at least the low assurance level for Advanced Electronic Signatures, and the minimum for Qualified Electronic Signatures is the substantial level.
⇐ Back to all FAQs