Release of the eIDAS Technical Specifications v 1.2
©Adobe Stock
The CEF eID team is pleased to announce the release of the updated version of technical specifications for the eIDAS interoperability framework (v. 1.2).
The release of the technical specifications is foreseen by the eIDAS Regulation No 910/2014 and article 12 of the implementing regulation No 2015/1501 is creating the platform enabling practical connectivity between eID means from different Member States to foster interoperability.
The specifications have been developed by Member States and the European Commission collaborating in the technical subgroup on eID of the eIDAS Cooperation Network. The Commission also provides, as part of the CEF eID services, a sample implementation based on these technical specifications which Member States can adopt as an "off-the-shelf" implementation.
The current version was endorsed by Opinion No. 5/2019 of the Cooperation Network on 27 September 2019. It consists of four separate documents, each concerning a specific area:
- The eIDAS Message Format;
- eIDAS SAML Attribute Profile;
- eIDAS Cryptographic Requirement; and
- eIDAS Interoperability Architecture.
The current technical specifications have been updated compared to the previous 1.1 version. This update concerns notably the use of non-notified eID schemes, identification of Relying parties, fixes in attributes profiles and cryptographic requirements and improvements in metadata handling.
These technical specifications will be subject to further development in the normal course of events and any subsequent changes will form part of the timed release management process.
The Connecting Europe Facility (CEF) eID Building Block primarily supports the Member States in the roll-out of the eIDAS Network (the technical infrastructure which connects national eID schemes). CEF eID is a set of services (including software, documentation, training and support) provided by the European Commission and endorsed by the Member States, which helps public administrations and private Service Providers to extend the use of their online services to citizens from other European countries.
OpenPEPPOL Community Meeting - towards adoption of data exchange AS4 profile
AS4 discused at the OpenPEPPOL eDelivery Working Group
During the ‘OpenPEPPOL Community F2F Meetings’ on 15-16 October 2019, the European Commission presented the value of the AS4 message-exchange profile, which is currently being implemented in the OpenPEPPOL network.
Europe's Digital Single Market is built on new EU-wide regulations, which enable convenient cross-border online digital services. Currently, the Connecting Europe Facility (CEF) eDelivery Building Block supports the use of the AS4 messaging protocol by public and private entities (including SMEs) to create a secure channel for the transmission of documents and data by electronic means, over the internet or via a private network. AS4 both provides evidence relating to the handling of the transmitted data as well as protecting it against the risk of loss, theft, damage or any unauthorised alterations. AS4 is a Conformance Profile of the OASIS ebMS 3.0 specification.
OpenPEPPOL enables businesses across Europe to communicate electronically with public buyers in various stages of the procurement process and is based on the success of the Pan-European Public Procurement Online (PEPPOL) large-scale EU pilot project. The OpenPEPPOL network is now growing swiftly, both within Europe and beyond to countries such as Singapore, New Zealand and Australia.
As of 1 February 2020, AS4 will be mandatory and every participant in the PEPPOL network must be capable to support AS4 protocol.
The European Commission's Dietmar Gattwinkel (CNECT) and Joao Rodrigues Frade (DIGIT) present
the value of AS4
The European Commission welcomes the increased use of AS4 within OpenPEPPOL, together with OpenPEPPOL's own international growth as a network. This demonstrates clear progress towards the adoption of open, secure standards in Europe, from the Dutch energy sector to supporting law-enforcement against terrorism.
To build a Digital Single Market, the CEF programme funds key digital infrastructure, known as Building Blocks. The CEF Building Blocks offer basic capabilities that can be reused in any European project to facilitate the delivery of digital public services across borders and sectors. Currently, there are eight building blocks: Big Data Test Infrastructure, Context Broker, Archiving, eDelivery, eID, eInvoicing, eSignature and eTranslation. Blockchain and the Once Only Principle are on their way to becoming operational Building Blocks in the near future.
European Blockchain Infrastructure presented at the European Court of Justice
On 3 October 2019, Joao Rodrigues Frade, Head of Sector Digital Building Blocks in the European Commission’s Directorate General for Informatics (DIGIT) presented how Blockchain technology is advancing digital transformation at the Court of Justice of the European Union in Luxembourg.
Blockchain creates an unchangeable ledger of records maintained by a decentralised network. All records are approved by consensus, with groups of records linked in the ledger, forming a chain. The decentralised nature of blockchain can remove the need for intermediaries during transactions, while the immutability of the ledger helps to promote trust and security.
Joao Rodrigues Frade presented the European Blockchain Services Infrastructure (EBSI) project, which will deliver a Europe-wide blockchain infrastructure offering numerous applications for public administrations in EU Member States. The Commission is delivering EBSI in close collaboration with the Member States through the European Blockchain Partnership (EBP), established in 2018 through the Connecting Europe Facility (CEF).
European-level legislation enables convenient cross-border online digital services based on common standard and specifications. In this context, the Connecting Europe Facility (CEF) programme is funding a set of generic and reusable Digital Service Infrastructures (DSI), also known as Building Blocks, To build a Digital Single Market. The CEF Building Blocks offer basic capabilities that can be reused in any European project to facilitate the delivery of digital public services across borders and sectors.
In 2020, EBSI will become a CEF Building Block, providing reusable software, specifications and services to support adoption by EU institutions and European public administrations.
View the presentation
You can subscribe directly to the Commission's EBSI newsletter, to keep up to date with the developing infrastructure or read more about Blockchain policy in the EU.
European Blockchain Services Infrastructure – Now and Tomorrow (Report)
©Adobe Stock
On 8 October 2019, the European Commission’s Joint Research Centre invited blockchain experts to the event Blockchain Now and Tomorrow: Assessing Multidimensional Impacts of Distributed Ledger Technologies. The event launched the report “Blockchain Now and Tomorrow", which provides multidimensional insights into the state of blockchain technology.
This report explains how blockchain can enable parties with no particular trust in each other to exchange digital data on a peer-to-peer basis with fewer or no third parties or intermediaries. This report seeks to go beyond the hype and debunk some of blockchain's controversies by offering both an in-depth and practical understanding of blockchain and its possible applications.
This report also notes EU-level strategies on how to take advantage of blockchain technology, notably the European Blockchain Services Infrastructure (EBSI), which will support digital services deployed by the public sector and eventually by private actors.
Peteris Zilgalvis, Head of the Digital Innovation and Blockchain Unit in the Directorate-General or Communications Networks, Content and Technology presented EBSI at the launch event.
EBSI is a joint initiative from the European Commission and the European Blockchain Partnership (EBP) to deliver EU-wide cross-border public services using blockchain technology. The EBSI will be materialised as a network of distributed nodes across Europe (the blockchain), leveraging an increasing number of applications focused on specific use cases. In 2020, the EBSI will become a Connecting Europe Facility (CEF) Building Block, providing reusable software, specifications and services to support adoption by European public administrations and the EU Institutions.
In 2019, EBSI user groups of national experts aim to deliver prototype applications in the areas of notarisation, diplomas, European self-sovereign identity (eSSIF) and trusted data sharing. During the event, Marciella Atzori (expert for the Italian Ministry of Economic Development) specifically highlighted the importance or potential for citizens of the diplomas and European Self-Sovereign Identity use cases as part of the European Blockchain Services Infrastructure.
You can keep up to date with the latest EBSI developments by registering to this newsletter.
CEF eTranslation really is one in a million
©Adobe Stock
On 10 October 2019, the Connecting Europe Facility (CEF) eTranslation Building Block delivered over a million translated pages in a single day!
CEF eTranslation delivered 1 059 855 pages ensuring that all EU citizens can access and use Commission services in the 24 official EU languages. These include the Joint Research Council, the European Commission's science and knowledge service, the European data portal, which harvests the metadata of public sector information available on public data portals in EU Member States and the Better Regulation Portal, where citizens can contribute to EU policy, law-making and other initiatives as they take shape.
CEF eTranslation is a machine translation tool, which draws upon decades worth of work by EU translators (over 1 billion sentences in the official languages of the Union) and is designed to retain the format of structured documents during translation. It can translate multiple documents to multiple languages at once and guarantees continuous service of high quality, with due consideration for the confidentiality and security of data during the translation process.
CEF eTranslation is built using cutting-edge neural network technology. This AI-based machine learning approach examines the full context of a sentence to produce highly fluent, readable, and almost human-like translations.
Through CEF eTranslation, citizens and businesses can benefit from a wider range of digital public services in Europe, regardless of their language ability.
The eTranslation Building Block can be used in two ways:
- Any public administration in the European Union, Iceland or Norway can integrate eTranslation into digital services, making them multilingual;
- If you are a civil servant working in a public administration from EU, Iceland or Norway, you are entitled to use the eTranslation website to request automatic translations.
eTranslation is continuously improved through the European Language Resource Coordination (ELRC) effort, which identifies and gathers language and translation data relevant to national public services, administrations and governmental institutions across all 30 European countries participating in the CEF programme.
In addition, the more translations fed into the system, the better the translations get.
To build a Digital Single Market, the CEF programme funds key digital infrastructure, known as Building Blocks. The CEF Building Blocks offer basic capabilities that can be reused in any European project to facilitate the delivery of digital public services across borders and sectors. Currently, there are eight building blocks: Big Data Test Infrastructure, Context Broker, Archiving, eDelivery, eID, eInvoicing, eSignature and eTranslation. Blockchain and the Once Only Principle are on their way to becoming operational Building Blocks in the near future.
EU Blockchain Initiatives supporting financial transparency
©Adobe Stock
On Wednesday October 2nd 2019, the European Commission’s Directorate-General for Financial Stability, Financial Services and Capital Markets Union (FISMA) and Deloitte co-hosted the event: “How can technology driven transparency fuel the Capital Markets Union?”.
Distributed ledger technology, specifically Blockchain, was a key focus of the event, reflecting the EU’s ongoing commitment to invest in next generation ‘hyperscaler’ technology.
Blockchain creates an unchangeable ledger of records maintained by a decentralised network. All records are approved by consensus, with groups of records linked in the ledger, forming a chain. The decentralised nature of blockchain can remove the need for intermediaries during transactions, while the immutability of the ledger helps to promote trust and security.
Joao Rodrigues Frade, Head of Sector Digital Building Blocks at European Commission’s Directorate-General for Informatics (DIGIT), introduced the European Financial Transparency Gateway (EFTG) pilot run by DG FISMA. The EFTG pilot experimented with blockchain technology to provide European citizens and investors with easier access to financial information on companies across the EU. He also presented the European Blockchain Services Infrastructure (EBSI) project, which will deliver a Europe-wide blockchain infrastructure offering numerous applications for public administrations in EU Member States. The Commission is delivering EBSI in close collaboration with the Member States through the European Blockchain Partnership (EBP), established in 2018 through the Connecting Europe Facility (CEF).
Panellists discuss how technology driven transparency can fuel the Capital
Markets Union
Peteris Zilgalvis, Head of Unit Digital Innovation and Blockchain at the Directorate‑General for Communications Networks, Content and Technology (DG CNECT), stated that EBSI is “the most significant blockchain initiative globally”, in terms of the number of countries actively collaborating.
In the ensuing panel discussion with Blockchain experts from public and private sector organisations, the point was made that the age of ‘hype’ or ‘experimentation’ around blockchain is ending. The focus now is on solving real business problems. In both the public and private sectors, we can see blockchain emerging as a powerful enabler for more secure and transparent records of events or transactions, from notarization of documents, to the verification of education credentials, to track-and-trace on shipments.
You can subscribe directly to the Commission's EBSI newsletter, to keep up to date with the developing infrastructure or read more about Blockchain policy in the EU.
CEF Building Blocks at ENISA Trust Services Forum 2019
©Adobe Stock
On 25 September 2019, the European Commission presented an update of the Connecting Europe Facility (CEF) Building Blocks at Trust Services Forum in Berlin, Germany.
This forum, organised by the European Union Agency for Network and Information Systems (ENISA), focused on the major issues related to Trust Services across Europe, including:
- Sharing good practices and experience on the implementation of trust services;
- Discussing the latest developments on the framework surrounding trust service providers including standards, implementing acts and technical guidelines;
- Exchanging views on identified implementation and operational issues of qualified trust services;
- Discussing strategies to promote the adoption of qualified trust services.
The continued shift from paper-based to digital services presents new challenges to public and private sector organisations, with 'trust' a key consideration.
The eIDAS Regulation ((EU) N°910/2014 on electronic identification and trust services for electronic transactions in the internal market) tackles the issue of trust when accessing services across borders. eIDAS ensures that people and businesses can use their own national electronic identification schemes (eIDs) to access public services in other EU counties. It also creates a European internal market for electronic trust services – namely electronic signatures (as well as electronic seals, time stamp, electronic delivery service and website authentication).
During the Trust Services Forum 2019, the European Commission presented how three CEF Building Blocks directly support public and private sector organisations benefit from the provisions of the eIDAS Regulation, keeping public services in Europe secure and connected:
- eID: which ensures that people and businesses can use their national eID schemes to access public services in other EU countries and provides and ensures legal validity of transactions across borders and same legal status as traditional paper based processes;
- eSignature: which helps public administrations, businesses and citizens sign electronically through the DSS open-source library and a number of practical supporting services;
- eDelivery: which proposes the use of the highly secure AS4 messaging protocol to create a secure channel for the transmission of documents and data by electronic means, over the internet or via a private network.
Apostolos Apladas, DIGIT –European Commission, presents the eSignature Building Block
The Commission highlighted the formation of a workgroup for the federation of electronic signatures among European Institutions and the roll-out of EU Sign, a DSS (eSignature)-based application, as the solution for eSignatures within the European Commission.
For CEF eSignature, the Commission informed participants about a new service desk, new notification tool and TLSO webinars and trainings. CEF eSignature also continuously develops the TL-Browser and TL-Manager. CEF eSignature receives on average 500 DSS downloads per day.
You can see the full CEF slid-deck here.
ENISA has published all presentations from the Trust Services Forum (and CA-Day) on the event page.
To build a Digital Single Market, the Connecting Europe Facility (CEF) programme funds key digital infrastructure, known as Building Blocks. The CEF Building Blocks offer basic capabilities that can be reused in any European project to facilitate the delivery of digital public services across borders and sectors. Currently, there are eight building blocks: Big Data Test Infrastructure, Context Broker, Archiving, eDelivery, eID, eInvoicing, eSignature and eTranslation. Blockchain and the Once Only Principle are on their way to becoming operational Building Blocks in the near future.
New Q2 2019 figures show increased Building Block adoption
©Adobe Stock
The latest quarterly figures for the Connecting Europe Facility (CEF)-funded Digital Service Infrastructure (DSIs), including Building Blocks, show that their adoption continued to increase in Q2 2019.
To build a Digital Single Market in Europe, the CEF programme supports a set of generic and reusable Digital Service Infrastructures (DSI), also known as Building Blocks. Currently, there are eight Building Blocks: Big Data Test Infrastructure, Context Broker, Archiving, eDelivery, eID, eInvoicing, eSignature and eTranslation. Blockchain and the Once Only Principle are also on their way to becoming CEF Building Blocks. Some DSI are specific to certain sectors, such as eHealth or eJustice.
Increased uptake at a glance
- Big Data Test Infrastructure: the number of projects reusing BDTI increased from 22 to 38 (+72.3%) and is now in France, Belgium, Norway and Bulgaria (+4 countries);
- eID (Peer reviewed eID schemes): the number of reviewed eID schemes went from 10 to 13 (+30%);
- eSignature (DSS downloads): total downloads of the DSS library increased by almost 82% (the highest number Q4 2016);
- eSignature (Conformance testing): number of eSignature Conformance tests increased by 20.9%;
- eTranslation (Language resource collection and curation): number of languages covered increased from 34 to 36 and the number of language resources increased from 1418 to 1713 (20.8%);
- eProcurement (eCertis): the number of unique visitors increased by 52.0% (Now 22.118);
- eHealth: the number of transactions between countries increased from 11.482 to 16.195 (+41.0%) and the number of exchanged eDispensations increased from 1.033 to 1.669 (+61.6%).
Q1 2014 - Q2 2019, CEF Monitoring Dashboard
New Cybersecurity DSI Dashboard
The Commission launched a new dashboard shows the uptake of the Cybersecurity DSI. The dashboard reports on the number of CSIRTs (Computer Security Incident Response Teams). A CSIRT is a group of IT professionals that provides an organization with services and support surrounding the prevention, management and coordination of potential cybersecurity-related emergencies. The Cybersecurity DSI promotes the establishment and deployment of a voluntary core cooperation platform of cooperation mechanisms
The European Commission updates the CEF Dashboard on a quarterly basis with new data and features to improve the visibility on the progress made by the DSIs and to enhance transparency.
To find out more visit the Monitoring Dashboard, the Reuse and CEF Digital.
Czechia, Italy (CIE) and the Netherlands eID schemes notified under eIDAS
©Adobe Stock
On 13 September 2019, the notifications of the Czech eID scheme, the Italian eID card (CIE) and the Dutch Trust Framework for Electronic Identification (issued under eHerkenning) in the context of by the eIDAS regulation have been published to the Official Journal of the European Union.
These three notifications mean that holders of the Czech eID scheme, the Italian eID card (CIE) and the Dutch eHerkenning will be able to use their eID credentials to access public services in other EU Member States. This makes cross-border interactions easier and more secure for them.
Figure 1: Status of pre-notification, peer review and notification upon
October 1st, 2019. Source: CEF Digital
The mutual recognition of eID schemes across Europe is mandated by Regulation (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market (commonly known as the eIDAS Regulation). The Regulation states that since 29 September 2018, all online public services requiring electronic identification assurance corresponding to a level of 'substantial' or 'high', must be able to accept the notified eID schemes of other EU countries.
The notification process is composed of three steps: these three countries had previously pre-notified other EU Member States about their intention to notify a specific scheme (c.f. pre-notification article). A peer review has been organised to build trust between the EU Member States. After successful completion, the official notifications are published in the Official Journal. Member States’ public services have then 12 months to adapt their system in order to accept the newly notified eID schemes.
Czechia, Italy and the Netherlands’ successful notification follow the notifications of 9 additional eID schemes. These are the eID Scheme FAS / eCards (Belgium), the National Identification and Authentication System (Croatia), the Estonian eID scheme, the SPID scheme (Italy), the German eID based on Extended Access Control, the Luxembourg eID card, the Cartão de Cidadão (Portugal), the Documento Nacional de Identidad electrónico (Spain) and GOV.UK Verify (the United Kingdom). A full overview of notified and pre-notified eID schemes under eIDAS can be found here.
About the new notified eID schemes
Czechia’s national eID scheme allows Czech citizens to digitally prove their identity online and access eGovernment services – such as medical prescriptions and insurance, post, taxation, pensions and many other services, including from the private sector - in two ways. As of July 2018, they can use eID cards, or alternatively with a combination of username, password, and one-time codes received on their mobile phone via SMS. There is no minimum age limit for applicants, but Czech citizens are under a legal obligation to apply for a personal eID card as from the age of 15 if they reside within the country. This scheme has been notified with a High Level of Assurance.
Figure 2: The Czech eID card,
in use in July 2018
Figure 3: Czech citizens can also
authenticate online with a username,
password, and one-time SMS code
Italy’s Carta di Identità elettronica (CIE) allows Italian citizens to digitally prove their identity online and access a wide range of services, such as taxation, education, loans, health, and many others. The CIE is available for both Italian citizens and official residents of all ages. It is equipped with a radio frequency microprocessor that enables online authentication and protects citizens’ personal data and biometric attributes from counterfeiting. On a computer, citizens can securely authenticate with a card-reader and a PIN code; while on a NFC-enabled mobile phone, citizens can simply present their card near the phone and enter their PIN code. This scheme has been notified with a High Level of Assurance.
Figure 4: Italy’s Carta di Identità elettronica (CIE)
The Netherlands’ Trust Framework for Electronic Identification is a uniform set of standards, agreements and provisions for authorised access to digital services. The business domain of the Dutch eID, known as eHerkenning, is the first ever notified scheme for legal persons under eIDAS. Representatives of business or public services that have received a specific authorisation use it to access online services on behalf of their organisation and manage their transactions with the government in a totally secure manner. They can use a login token, previously acquired from a number of accredited service providers. Tokens can take the form of a name/password, texting, phone, one time password (OPT), or public key certificate. The domain for citizens, known as Idensys, is not part of the notification.
Figure 5: eHerkenning, the Dutch eID means for businesses
The scheme is a public-private partnership between the Ministry of the Interior and a series of accredited suppliers in charge of mean issuance, authentication provision, authorisation registration and eRecognition brokering. Accredited suppliers verify the identity of the organisation's employee and issue log-in resources. Authentication providers authenticate the persons that want to log-in to a service using eHerkenning. Authorisation registers record and maintain the list of authorisations and privileges of each users, acting under the instructions of a legal representative of the organisation. Finally, the eRecognition brokers are responsible for the interface between the eHerkenning network and the service providers. This scheme has been notified at Levels of Assurance Substantial and High.
The Connecting Europe Facility (CEF) eID Building Block primarily supports the Member States in the roll-out of the eIDAS Network (the technical infrastructure which connects national eID schemes). CEF eID is a set of services (including software, documentation, training and support) provided by the European Commission and endorsed by the Member States, which helps public administrations and private Service Providers to extend the use of their online services to citizens from other European countries.
To see the full overview of pre-notified and notified eID schemes under eIDAS,
Summer 2019 ends with a new pre-notified eID scheme
©Adobe Stock
On 16 August 2019, the European Commission announced that Denmark has pre-notified NemID, Denmark’s nationally-issued eID scheme.
The pre-notification is the first step in a process that would enable citizens legally residing in Denmark to use their NemID credentials to access public services in other Member States. This would make cross-border interactions easier and more secure for Danish and Denmark-based EU citizens. Denmark is the fourteenth Member State to pre-notify its national eID scheme, and a full overview of pre-notified and notified eID schemes under eIDAS can be found here.
The mutual recognition of eID schemes across Europe is mandated by Regulation (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market (commonly known as the eIDAS Regulation). The Regulation states that, since 29 September 2018, all online public services requiring electronic identification assurance corresponding to a level of 'substantial' or 'high', must be able to accept the notified eID schemes of other EU countries.
NemID consists of a user ID, a password and a code card containing one-time codes needed to log-in. This allows Danish citizens and individuals legally residing in Denmark, including students, to digitally prove their identity online to access eGovernment services such as health, student loans, education and others. Users can also securely log onto mobile banking, and access a variety of other private services. In total, over 13,000 public and private services can be easily accessed with NemID.
Users must enter their User ID and Password to authenticate.
The NemID code-card, pictured above, contains numbered rows and corresponding one-time codes. When logging in, the one-time code corresponding to a specific row will be asked. The corresponding one-time code can only be found on your code-card. Don't lose it!
Here, the one-time code corresponding to row #1111 must be entered to complete the authentication process and access over 13,300 public and private services. The corresponding code can only be found on the code-card.
The eID scheme relies on municipal citizens’ offices, banks, and on the Danish Prison and Probation Services that can issue a NemID on several means, such as a key card, a mobile app, and others. Already, NemID is used by approximately 5.15 million individuals, and has an average 60 million transactions per month.
Following the Danish pre-notification, the other Member States participating in the Cooperation Network may peer-review NemID. The actual notification of the eID scheme should then follow within six months. Other Member States have to recognise a notified eID scheme at the latest 12 months after the publication of the notification in the Official Journal of the European Union.
The Connecting Europe Facility (CEF) eID Building Block primarily supports the Member States in the roll-out of the eIDAS Network (the technical infrastructure which connects national eID schemes). CEF eID is a set of services (including software, documentation, training and support) provided by the European Commission and endorsed by the Member States, which helps public administrations and private Service Providers to extend the use of their online services to citizens from other European countries.
To see the full overview of pre-notified and notified eID schemes under eIDAS,