eIDAS - Docaposte

What is the eIDAS Regulation?

Regulation (EU) No 910/2014, known as eIDAS (Electronic Identification, Authentication and Trust Services), establishes the European framework for electronic identification and trust services.

Its goal is to secure digital interactions among citizens (and residents), businesses, and public authorities across the European Union through a common framework that:

Promotes interoperability among Member States’ systems to foster a Digital Single Market.
Provides a trusted legal framework for digital exchanges.

Beyond technical and regulatory aspects, the real objective is to strengthen the confidence of European citizens and professionals in digital interactions, thereby supporting the development of a true Digital Single Market within the EU.

In practical terms, the eIDAS Regulation provides that EU Member States can make digital identities available to their citizens (or residents) by the end of 2027, enabling them to log in securely to online services. For example, an Italian citizen will be able to use their Italian digital identity to access a public service in Germany.

The regulation also provides for various trust services that enable certain online transactions, such as signing contracts or sending registered electronic letters, with EU‑wide legal effect. For instance, a French company can sign a contract online with a Dutch partner.

Digital trust services

Under the 2014 eIDAS Regulation, digital trust services are services that facilitate and secure online transactions. They have a shared and recognized legal value across the European Union.

These trust services notably include:

Services related to electronic signatures and electronic seals, such as certificate issuance, validation, and preservation of electronic signatures/seals
Electronic time‑stamping
Registered electronic delivery

Following the 2024 revision introducing eIDAS 2, four new services have been added:

Electronic archiving
Electronic ledgers
Issuance of electronic attestations of attributes.
Management of remote signature or seal creation devices

All such trust services must be provided by trust service providers that may be qualified in France by ANSSI, the competent authority, provided they meet the requirements defined by eIDAS. This qualification is recognized throughout the European Union.

What’s new today? What eIDAS 2 changes

As digital use cases continue to expand, it became necessary to strengthen the existing regulatory framework around eIDAS.

In this context, the European Commission presented in 2021 Regulation (EU) 2024/1183, commonly referred to as eIDAS 2. Building on the first version, it aims to establish a truly interoperable European digital identity framework and further harmonize trust services.

Adopted in 2024, eIDAS 2 seeks to bolster digital trust and enhance user control over personal data. Its implementation is being phased in through 2027.

Key dates

This revision is structured around two major pillars:

Each Member State must make available to its citizens (and potentially its residents) at least one European Digital Identity Wallet (EUDI Wallet).
The expansion and harmonization of trust services, with strengthened legal oversight of trust service providers and the addition of new services such as electronic archiving.

The European Digital Identity Wallet

In practice, the wallet will allow users to:

Store and present their identity information and other dematerialized credentials
Access online services securely
Control the sharing of and access to their personal data.

Each EU country must offer at least one European Digital Identity Wallet by the end of 2026. This wallet must comply with European standards ensuring its security level, user privacy protection, and interoperability with the digital services that will accept it.

Its purpose: to make it easier and safer for users to exchange identity data online through several functions (presentation of identity data, authentication, presentation of electronic attestations of attributes, and electronic signing).

“The wallet paves the way for new, innovative services and could redefine how citizens interact with online services."

Romain Santini, Program Director, Wallet and eIDAS 2, Docaposte

> Learn more about the wallet with Romain Santini (FR)

Docaposte, an eIDAS‑qualified trusted partner

Docaposte is the only French provider—and one of the few in Europe—to offer the full range of qualified trust services provided for under the eIDAS Regulation.

This qualification, granted in France by ANSSI, attests that these services comply with the regulation’s security requirements. Choosing Docaposte as your provider therefore ensures 100% compliant and secure solutions.

Docaposte is also committed to facilitating the rollout of the digital identity wallet by developing enterprise solutions:

A turnkey gateway that makes it simple to integrate all national wallets into a digital service and validates the authenticity of received data, while meeting user data‑protection requirements.
An archiving service associated with this gateway, under the organization’s responsibility, enabling it to retain evidence for as long as needed.
An issuance service that allows any organization to issue attestations to the wallet, based on the data it holds on its users.

Docaposte’s eIDAS‑qualified trust services

Nearly 9 million

digital identities created

250+ million

electronic signatures and seals per year

30 million

Registered Electronic Letters (LRE) sent

eIDAS and businesses

Does the eIDAS Regulation apply to me?

The eIDAS Regulation applies to public and private organizations whenever they use or provide electronic identification or trust services as defined by the regulation.

With the entry into force of eIDAS 2 and the rollout of the European Digital Identity Wallet, many organizations will be required to accept these new authentication means within their customer journeys.

This includes:

The public sector, whenever access to services requires user identification.
The private sector (excluding micro‑enterprises) that requires strong user authentication.
Very Large Online Platforms (as defined by the Digital Services Act, i.e., platforms with more than 45 million users) that require basic authentication.

What will the wallet change for my company?

The wallet enhances the security of online transactions, with services that are legally recognized across the European Union.

More than a mere regulatory compliance exercise, the wallet helps streamline and simplify your customer journeys while improving the user experience. Its implementation therefore entails technical adaptations.

It also helps reduce fraud risks through identity verification and minimized, user‑controlled data sharing.

Are there competent authorities in France?

Yes. Each Member State must designate competent authorities to monitor and supervise the uses provided for by the regulation. In France, ANSSI—the National Cybersecurity Agency—oversees, among other things, the compliance of trust service providers.

What is the legal value of an electronic signature? Can I use it for my transactions?

The eIDAS Regulation has established a common legal framework for electronic signatures across all EU countries.

Today, several levels of electronic signatures exist, depending on the desired level of security:

Simple
Advanced
Qualified

Regardless of level, an electronic signature may be used as legal evidence. It cannot be refused as evidence solely on the grounds that it is electronic.

However, only a qualified electronic signature is equivalent to a handwritten signature.

Note that the use of electronic signatures may be regulated by each Member State, which may exclude them for certain types of acts (e.g., notarial acts, marriage, etc.).