On 8 December 2015, the European Banking Authority published a Discussion Paper on strong customer authentication and secure communication. How is this relevant for eIDAS?

The Discussion Paper will allow EBA to obtain input from stakeholders in relation to the Regulatory Technical Standards it has to deliver, by January 2017, in the context of the revised Payment Services Directive (PSD2).

How is this relevant for eIDAS?

The discussion paper considers whether the eIDAS Regulation could provide a possible solution for facilitating the strong customer authentication under PSD2.

The need for regulatory alignment between the two legislations, i.e. PSD2 and eIDAS, was already raised one year ago by stakeholders participating in our events with a focus on the financial/banking sector.

eIDAS is also mentioned in the recently published green paper on retail financial services which outlines the eIDAS' role in facilitating distance payments as well as matching the Know-Your-Customer (KYC) requirements of anti-money laundering legislation.

The eIDAS Regulation offers, therefore, a set of tools to match the requirements set in the PSD2 in relation to strong authentication for on-line payments. Similarly, thorough identification of customers under the Anti-Money Laundering Directive will allow banks to meet the KYC requirements thus enabling anybody (natural and legal persons) to open and operate a bank account in another EU country online, without undergoing face-to-face identity verification in a branch.

In addition, in relation to consenting to transactions, the Regulation gives qualified electronic signatures (for natural persons) the same legal effect as handwritten signatures everywhere in the EU.

For legal persons, eSeals ensure the origin and integrity of data.

Last but not least, the Regulation provides for qualified website authentication by which users are reassured that there is a properly identified natural or legal person behind the website they visit.

The outcome of the current discussion paper will serve as the basis for EBA's further work on drafting the Regulatory Technical Standards in January 2017 in the context of the PSD2.

Now you have the opportunity to make your voice heard. We encourage you to send your comments and you have time until 8 February at the latest.

In the meantime, we continue our efforts in engaging with stakeholders to promote the uptake and use of eID and trust services in the market.