What happens to existing eIDAS 1.0 trust services after 2026?

EU-certified paper seal partially covered by a modern digital identity card on a government desk, contrasting aged and current identity systems.

Existing eIDAS 1.0 trust services do not simply stop working after 2026. Qualified trust service providers that were already recognized under eIDAS 1.0 retain their legal standing, but they must upgrade their practices, technical standards, and documentation to comply with the stricter requirements introduced by eIDAS 2.0. For organizations that rely on qualified certificates, electronic signatures, or other trust services, this is primarily a compliance and transition challenge rather than a sudden shutdown. This article walks through the most important questions your organization likely has about what changes, what stays the same, and what to do next.

Will eIDAS 1.0 trust services stop working after 2026?

No, eIDAS 1.0 trust services will not simply stop working after 2026. The transition to eIDAS 2.0 is a regulatory upgrade, not a hard reset. Trust services that were qualified under eIDAS 1.0 remain legally recognized during the transition period, but providers are expected to align with the new requirements within the timeframes set by the European Commission’s implementing regulations.

Think of it less as a cliff edge and more as a rolling migration. The eIDAS 2.0 regulation introduces new trust service categories, updated technical standards, and expanded supervision requirements. Existing qualified trust service providers must demonstrate conformity with these updated rules to retain their qualified status on the national and European Trusted Lists. Until they do, their current services continue to operate, but without proactive action, organizations risk falling out of compliance as supervisory bodies begin enforcing the new framework.

The practical impact depends heavily on the type of trust service involved. Qualified electronic signatures, seals, timestamps, and registered delivery services each have their own updated reference standards. Providers that offer these services need to assess which implementing regulations apply to them and plan accordingly.

What changes for qualified trust service providers under eIDAS 2.0?

Under eIDAS 2.0, qualified trust service providers face a significantly expanded compliance landscape. The regulation introduces new categories of qualified trust services, raises the bar for conformity assessment, and requires alignment with a large set of new implementing regulations covering everything from technical protocols to annual reporting formats.

Some of the most significant changes include:

  • New qualified trust service categories: eIDAS 2.0 adds qualified electronic ledgers and qualified electronic archiving services as recognized trust service types, which did not exist under the original framework.
  • Remote qualified signature creation devices (QSCDs): Managing remote QSCDs is now recognized as a qualified trust service in its own right, with dedicated implementing regulations.
  • Stricter conformity assessment: The accreditation process for conformity assessment bodies has been tightened, and the conformity assessment scheme itself has been updated.
  • Expanded notification and reporting obligations: Providers must follow updated formats and procedures for notifying supervisory bodies, reporting security breaches, and submitting annual reports.
  • Interoperability requirements: New standards apply to qualified electronic registered delivery services and validation services to ensure cross-border interoperability across EU Member States.

For organizations in regulated sectors such as financial services or healthcare, these changes are particularly relevant because trust services underpin critical processes like digital onboarding, consent management, and legally binding document signing.

How long do trust service providers have to comply with eIDAS 2.0?

The transition timelines under eIDAS 2.0 are staggered rather than uniform. Different implementing regulations carry different deadlines, and the European Commission has been rolling out these regulations progressively. In 2026, several key implementing regulations are either already in force or approaching their compliance dates, making this year a critical window for action.

Providers that were qualified under eIDAS 1.0 generally benefit from a grace period that allows them to continue operating while they update their systems and documentation. However, this grace period is not indefinite. National supervisory bodies are responsible for monitoring compliance, and providers that fail to demonstrate conformity within the applicable timeframes risk losing their qualified status.

The Architecture and Reference Framework (ARF) developed by the eIDAS Expert Group provides additional technical guidance, particularly for providers that also need to interact with the European Digital Identity Wallet ecosystem. Large-scale pilot projects that ran until 2025 have already generated significant feedback on interoperability and security requirements, and that feedback is now shaping the final technical specifications that trust service providers must meet.

For organizations that plan their compliance approach now rather than waiting, the transition is entirely manageable. The risk lies in assuming that existing qualified status automatically transfers without any action.

Do existing qualified certificates and signatures remain legally valid?

Yes, qualified certificates and electronic signatures issued under eIDAS 1.0 remain legally valid after 2026. The legal effect of a qualified electronic signature, seal, or certificate does not expire simply because the regulatory framework has been updated. Documents signed with a qualified certificate issued under eIDAS 1.0 retain their legal standing under EU law.

This is an important distinction for organizations that have built workflows around existing certificates or that hold archives of signed documents. The validity of those signatures is not retroactively affected by the transition to eIDAS 2.0.

However, there is a practical consideration around long-term validation. eIDAS 2.0 introduces updated reference standards for qualified preservation services and qualified validation services. Organizations that need to validate signatures over extended time periods, particularly in sectors like government or pharmaceuticals, should review whether their current validation and archiving infrastructure aligns with the new standards. Relying on outdated validation methods could create legal uncertainty in the future, even if the original signature itself remains valid.

For new certificates issued after the transition, providers must issue them in accordance with eIDAS 2.0 reference standards for qualified certificates for electronic signatures and electronic seals. This means organizations procuring new certificates should verify that their trust service provider has already updated their offering.

What should organizations relying on eIDAS 1.0 services do now?

Organizations that currently rely on eIDAS 1.0 trust services should take a structured approach to assessing their exposure and planning their transition. Waiting for providers to notify them of changes is not a reliable strategy, particularly in regulated sectors where compliance gaps carry real legal and operational risk.

A practical starting point involves four steps:

  1. Inventory your current trust service dependencies: Identify every process in your organization that relies on qualified certificates, electronic signatures, seals, timestamps, or registered delivery services. This includes onboarding flows, contract signing, regulatory reporting, and any cross-border identity verification.
  2. Check your providers’ eIDAS 2.0 status: Verify whether your current trust service providers are on the European Trusted List and whether they have communicated a roadmap for eIDAS 2.0 compliance. Providers that have not yet published a clear transition plan are a risk factor.
  3. Review your internal compliance framework: eIDAS 2.0 is not just a technical update for providers. Organizations that rely on these services also need to ensure their own policies, audit trails, and contractual arrangements reflect the updated requirements.
  4. Assess readiness for the EUDI Wallet ecosystem: If your organization operates in a sector where the European Digital Identity Wallet will become a standard method of identity verification, now is the time to understand how wallet-based interactions connect to your existing trust service infrastructure.

Organizations in science and research, for example, face specific considerations around qualified credentials and cross-border data sharing that benefit from early preparation. Reviewing your available resources on eIDAS 2.0 implementation is a good first step toward building a clear action plan.

How TrustTech helps with eIDAS 2.0 trust service transitions

Navigating the shift from eIDAS 1.0 to eIDAS 2.0 requires more than reading the regulation. It requires translating complex implementing rules into practical changes across your systems, contracts, and compliance processes. That is exactly where TrustTech adds value.

TrustTech supports organizations at every stage of the eIDAS 2.0 transition, including:

  • Compliance gap assessments that map your current trust service dependencies against eIDAS 2.0 requirements
  • Implementation support for qualified electronic signatures, seals, and identity verification aligned with the latest EU standards
  • Reusable identity infrastructure that connects identity proofing, authentication, and signing in a single compliant platform
  • Sector-specific guidance for finance, government, healthcare, and other regulated industries where trust services are business-critical
  • EUDI Wallet readiness to ensure your organization is prepared for wallet-based identity interactions as they become mainstream

Whether you are assessing your current exposure, planning a migration, or building new digital identity infrastructure from the ground up, TrustTech provides the expertise and technology to make it straightforward. Contact TrustTech to discuss your eIDAS 2.0 transition and find out how we can help you stay compliant and future-ready.