Articles, European Digital Identity Regulation



Article 1, Amendments to Regulation (EU) No 910/2014

Regulation (EU) No 910/2014 is amended as follows:

Article 3 is amended as follows:


(a) points (1) to (5) are replaced by the following:

‘(1) “electronic identification” means the process of using person identification data in electronic form uniquely representing either a natural or legal person, or a natural person representing another natural person or a legal person;

(2) “electronic identification means”means a material and/or immaterial unit containing person identification data and which is used for authentication for an online service or, where appropriate, for an offline service;

(3) “person identification data” means a set of data that is issued in accordance with Union or national law and that enables the establishment of the identity of a natural or legal person, or of a natural person representing another natural person or a legal person.

(4) “electronic identification scheme” means a system for electronic identification under which electronic identification means are issued to natural or legal persons or natural persons representing other natural persons or legal persons;

(5) “authentication” means an electronic process that enables the confirmation of the electronic identification of a natural or legal person or the confirmation of the origin and integrity of data in electronic form;’;

(b) the following point is inserted:

‘(5a) “user” means a natural or legal person, or a natural person representing another natural person or a legal person, that uses trust services or electronic identification means provided in accordance with this Regulation;’;

(c) point (6) is replaced by the following:

‘(6) “relying party” means a natural or legal person that relies upon electronic identification, European Digital Identity Wallets or other electronic identification means, or upon a trust service;’;

(d) point (16) is replaced by the following:

‘(16) “trust service” means an electronic service normally provided for remuneration which consists of any of the following:

(a) the issuance of certificates for electronic signatures, certificates for electronic seals, certificates for website authentication or certificates for the provision of other trust services;

(b) the validation of certificates for electronic signatures, certificates for electronic seals, certificates for website authentication or certificates for the provision of other trust services;

(c) the creation of electronic signatures or electronic seals;

(d) the validation of electronic signatures or electronic seals;

(e) the preservation of electronic signatures, electronic seals, certificates for electronic signatures or certificates for electronic seals;

(f) the management of remote electronic signature creation devices or remote electronic seal creation devices;

(g) the issuance of electronic attestations of attributes;

(h) the validation of electronic attestation of attributes;

(i) the creation of electronic timestamps;

(j) the validation of electronic timestamps;

(k) the provision of electronic registered delivery services;

(l) the validation of data transmitted through electronic registered delivery services and related evidence;

(m) the electronic archiving of electronic data and electronic documents;

(n) the recording of electronic data in an electronic ledger;’;

(e) point (18) is replaced by the following:

‘(18) “conformity assessment body” means a conformity assessment body as defined in Article 2, point 13, of Regulation (EC) No 765/2008, which is accredited in accordance with that Regulation as competent to carry out conformity assessment of a qualified trust service provider and the qualified trust services it provides, or as competent to carry out certification of European Digital Identity Wallets or electronic identification means;’;

(f) point (21) is replaced by the following:

‘(21) “product” means hardware or software, or relevant components of hardware or software, which are intended to be used for the provision of electronic identification and trust services;’;

(g) the following points are inserted:

‘(23a) “remote qualified electronic signature creation device” means a qualified electronic signature creation device that is managed by a qualified trust service provider in accordance with Article 29a on behalf of a signatory;

(23b) “remote qualified electronic seal creation device” means a qualified electronic seal creation device that is managed by a qualified trust service provider in accordance with Article 39a on behalf of a seal creator;’;

(h) point (38) is replaced by the following:

‘(38) “certificate for website authentication” means an electronic attestation that makes it possible to authenticate a website and links the website to the natural or legal person to whom the certificate is issued;’;

(i) point (41) is replaced by the following:

‘(41) “validation” means the process of verifying and confirming that data in electronic form are valid in accordance with this Regulation;’;

(j) the following points are added:

‘(42) “European Digital Identity Wallet” means an electronic identification means which allows the user to securely store, manage and validate person identification data and electronic attestations of attributes for the purpose of providing them to relying parties and other users of European Digital Identity Wallets, and to sign by means of qualified electronic signatures or to seal by means of qualified electronic seals;

(43) “attribute” means a characteristic, quality, right or permission of a natural or legal person or of an object;

(44) “electronic attestation of attributes” means an attestation in electronic form that allows attributes to be authenticated;

(45) “qualified electronic attestation of attributes” means an electronic attestation of attributes which is issued by a qualified trust service provider and meets the requirements laid down in Annex V;

(46) “electronic attestation of attributes issued by or on behalf of a public sector body responsible for an authentic source” means an electronic attestation of attributes issued by a public sector body that is responsible for an authentic source or by a public sector body that is designated by the Member State to issue such attestations of attributes on behalf of the public sector bodies responsible for authentic sources in accordance with Article 45f and with Annex VII;

(47) “authentic source” means a repository or system, held under the responsibility of a public sector body or private entity, that contains and provides attributes about a natural or legal person or object and that is considered to be a primary source of that information or recognised as authentic in accordance with Union or national law, including administrative practice;

(48) “electronic archiving” means a service ensuring the receipt, storage, retrieval and deletion of electronic data and electronic documents in order to ensure their durability and legibility as well as to preserve their integrity, confidentiality and proof of origin throughout the preservation period;

(49) “qualified electronic archiving service” means an electronic archiving service which is provided by a qualified trust service provider and which meets the requirements laid down in Article 45j;

(50) “EU Digital Identity Wallet Trust Mark” means a verifiable, simple and recognisable indication which is communicated in a clear manner that a European Digital Identity Wallet has been provided in accordance with this Regulation;

(51) “strong user authentication” means an authentication based on the use of at least two authentication factors from different categories of either knowledge, something only the user knows, possession, something only the user possesses or inherence, something the user is, that are independent, in that the breach of one does not compromise the reliability of the others, and is designed in such a way as to protect the confidentiality of the authentication data;

(52) “electronic ledger” means a sequence of electronic data records, ensuring the integrity of those records and the accuracy of the chronological ordering of those records;

(53) “qualified electronic ledger” means an electronic ledger which is provided by a qualified trust service provider and which meets the requirements laid down in Article 45l;

(54) “personal data” means any information as defined in Article 4, point (1), of Regulation (EU) 2016/679;

(55) “identity matching” means a process where person identification data, or electronic identification means are matched with or linked to an existing account belonging to the same person;

(56) “data record” means electronic data recorded with related meta-data supporting the processing of the data;

(57) “offline mode” means, as regards the use of European Digital Identity Wallets, an interaction between a user and a third party at a physical location using close proximity technologies, whereby the European Digital Identity Wallet is not required to access remote systems via electronic communication networks for the purpose of the interaction.’;


Note: This is the final text of Regulation (EU) 2024/1183 of the European Parliament and of the Council of 11 April 2024, establishing the European Digital Identity Framework.