Get in touch

What is eIDAS 2.0 and why does it matter?

Worn leather EU passport beside a smartphone displaying a digital credential card on dark slate, soft light from a frosted window.

eIDAS 2.0 is the updated European regulation on electronic identification and trust services, designed to create a unified digital identity framework across all EU Member States. It builds on the original eIDAS regulation from 2014 but goes much further by making digital identity accessible to every EU citizen, resident, and business through a standardised digital wallet. The sections below answer the most important questions about what this regulation means and what your organisation needs to do.

How does eIDAS 2.0 differ from the original eIDAS regulation?

The original eIDAS regulation, in force since 2014, allowed EU Member States to notify and recognise each other’s national electronic ID systems. Any scheme that was notified had to be accepted across the EU from 2018 onwards. However, there was no obligation for every country to create a national electronic ID or to make it compatible with others. This led to significant gaps and inconsistencies between Member States.

eIDAS 2.0 closes those gaps in three important ways. First, it makes participation mandatory rather than optional: every Member State is now required to offer a digital identity solution to its citizens and businesses. Second, it extends the scope to the private sector, meaning that private organisations offering services online are also brought into the framework. Third, it introduces a new tool at the heart of the regulation: the European Digital Identity Wallet.

In short, where the original regulation created a foundation, eIDAS 2.0 builds a complete structure on top of it. The goal is a consistent, interoperable, and user-controlled digital identity experience across the entire European Union.

What is the European Digital Identity Wallet?

The European Digital Identity Wallet, often referred to as the EUDI Wallet, is a secure digital application that allows EU citizens, residents, and businesses to store, manage, and share identity data and documents. Users can prove who they are, share specific attributes such as age or nationality, and sign documents digitally, all from a single app they fully control.

The wallet is designed with privacy at its core. Users decide exactly what information they share and with whom. If a service only needs to verify that someone is over 18, the wallet can confirm that without revealing a full date of birth or any other personal data. This selective disclosure principle is a significant improvement over traditional identity checks.

Wallets can be provided either directly by national governments or by private companies that have received official recognition. The European Commission has also published a reference implementation as open-source software, giving Member States and developers a technical foundation to build on. Large-scale pilot projects involving more than 350 organisations from 26 Member States have been testing the wallet across real-world scenarios, including opening a bank account, accessing government services, claiming prescriptions, and verifying educational credentials.

Which organisations are required to accept the EUDI Wallet?

Under eIDAS 2.0, a broad range of both public and private sector organisations will be required to accept the EUDI Wallet as a valid means of identification. Public authorities across all Member States must accept it for digital public services. On the private side, the obligation applies to organisations in sectors where identity verification plays a central role.

The sectors specifically covered include:

  • Financial services, including banks and institutions offering account opening or regulated services
  • Telecommunications providers requiring identity verification for SIM registration
  • Healthcare providers handling prescriptions or patient records
  • Transport and mobility services
  • Educational institutions issuing or verifying credentials
  • Any service that currently requires strong authentication under existing EU law

For organisations in financial services and healthcare, this is particularly relevant because identity verification is already a regulatory requirement. eIDAS 2.0 does not replace those existing obligations but provides a standardised, interoperable method for fulfilling them.

What are verifiable credentials and how do they relate to eIDAS 2.0?

Verifiable credentials are digital equivalents of physical documents or certificates, such as a driving licence, diploma, or proof of employment. They are cryptographically signed by the issuing authority, which means any recipient can verify their authenticity without contacting the issuer directly. The holder stores them in their digital wallet and shares them when needed.

eIDAS 2.0 places verifiable credentials at the heart of how the EUDI Wallet operates. When a citizen stores their national ID, professional qualification, or health insurance card in the wallet, these are issued as verifiable credentials by a trusted authority. When they present one of these credentials to a service provider, that provider can instantly verify its authenticity and integrity.

This has a practical benefit that goes beyond convenience. Because verifiable credentials are cryptographically bound to the wallet holder, they are far more resistant to fraud than traditional document copies or username and password combinations. For organisations that need to comply with know-your-customer requirements or other identity-based regulations, accepting verifiable credentials through the EUDI Wallet can streamline compliance considerably.

When does eIDAS 2.0 come into force and what are the key deadlines?

eIDAS 2.0 entered into force in 2024 following its publication in the Official Journal of the European Union. Member States are legally required to make the EUDI Wallet available to all citizens, residents, and businesses by 2026. This means that in 2026, the first national wallet implementations are expected to be live and accessible.

The key milestones organisations should be aware of are:

  1. 2024: The updated regulation entered into force and technical specifications were finalised through the Architecture and Reference Framework.
  2. 2025: Large-scale pilot projects concluded, providing the European Commission with real-world feedback to refine deployment requirements.
  3. 2026: Member States must have wallet solutions available. Organisations in scope must be capable of accepting the wallet for relevant services.
  4. Ongoing: Sectors with specific obligations will need to implement acceptance and integrate wallet-based flows into their digital services as national rollouts progress.

For organisations that have not yet started preparing, 2026 is not a distant horizon. The technical and compliance groundwork takes time, and waiting until wallet adoption is widespread before beginning preparation is a risk most regulated organisations cannot afford to take.

How should organisations start preparing for eIDAS 2.0?

Preparing for eIDAS 2.0 starts with understanding whether and how your organisation falls within scope, then mapping the gap between your current identity infrastructure and what the regulation requires. Most organisations in regulated sectors will need to make meaningful changes to how they verify identities, manage credentials, and handle digital signatures.

A practical starting point involves three areas of focus. First, assess your current identity verification and onboarding processes to identify where wallet-based verification could or must replace existing methods. Second, review your compliance framework to understand how eIDAS 2.0 interacts with obligations you already have under GDPR, AML, KYC, or sector-specific rules. Third, engage with your technology partners early to understand what integrations will be needed to accept and process EUDI Wallet credentials.

Organisations in government and highly regulated industries should also monitor national implementation timelines closely, as the pace of wallet rollout will vary by country. Connecting with industry groups or pilot consortia active in your sector can provide early insight into what technical standards and user flows are emerging as the baseline.

For more practical guidance and resources on navigating digital identity regulation, the TrustTech resource library is a useful starting point.

How TrustTech helps with eIDAS 2.0

eIDAS 2.0 is not just a compliance exercise. It is a shift in how digital identity works across Europe, and organisations that prepare well will benefit from faster onboarding, less friction, and stronger trust with their customers and partners.

TrustTech’s platform is built specifically to help organisations navigate this transition. Practically, this means:

  • Secure identity verification and onboarding that is eIDAS 2.0 ready by design
  • Reusable compliance flows that reduce the need for customers to re-verify across touchpoints
  • Qualified digital signatures that are identity-linked and fully auditable
  • Interoperability with EUDI Wallet infrastructure as national rollouts progress
  • Support for regulated sectors including finance, government, healthcare, and pharmaceuticals

Whether your organisation is just starting to understand the implications of the regulation or is already moving towards implementation, TrustTech can help you translate the requirements into a clear, workable plan. Get in touch with TrustTech to discuss where your organisation stands and what the next steps look like.