eIDAS 2.0
European Digital Identity Framework Regulation
What is eIDAS 2.0?
eIDAS 2.0 (Regulation (EU) 2024/1183) is the EU regulation establishing a framework for European Digital Identity Wallets (EUDIW). It requires every EU member state to offer at least one digital identity wallet to citizens by December 2026. The regulation builds on the original eIDAS from 2014, extending it to cover verifiable credentials, mobile driving licences, and cross-border attribute attestations.
Technical Requirements
eIDAS 2.0 mandates specific credential formats and protocols for EUDIW implementations:
- Credential formats: SD-JWT VC and ISO mdoc (ISO 18013-5) are the two mandatory formats.
- Protocols: OID4VCI for issuance, OID4VP for presentation, conforming to the HAIP profile.
- Assurance level: Level of Assurance High (LoA High) for Person Identification Data (PID).
- Trust infrastructure: Trusted Lists, Qualified Electronic Attestations of Attributes (QEAA), and Qualified Electronic Signatures (QES).
How BaseID Implements It
BaseID provides the building blocks required for eIDAS 2.0-compliant wallet and verifier implementations through several crates:
- baseid-sd-jwt: SD-JWT VC issuance and verification with selective disclosure.
- baseid-mdl: ISO 18013-5 mdoc encoding with CBOR, MSO, and COSE signing.
- baseid-oid4vci / baseid-oid4vp: Protocol implementations for credential issuance and presentation.
- baseid-haip: HAIP profile enforcement for high-assurance interoperability.
Key Concepts
PID
Person Identification Data: core identity attributes issued by member states.
QEAA
Qualified Electronic Attestation of Attributes: verified credential from a qualified provider.
QES
Qualified Electronic Signature: legally equivalent to a handwritten signature across the EU.
EUCC
EU Common Criteria certification scheme for wallet security evaluation.
Timeline
Ready to build with BaseID?
Get started with our open-source libraries or contact us about managed services.