- Identity and digital signature
Migration of PSIS to the Amazon Web Services cloud
Last February 29, the European Parliament approved, with 335 votes in favor, 190 against and 31 abstentions the proposed modification of European Regulation 910/2014, of July 23, relating to electronic identification and trust services for electronic transactions in the internal market, known as ReIDAS.
This Regulation establishes a framework of trust for the digital identification of natural persons in their online actions before any public administration of the European Union as well as for the provision of trust services such as the issuance of digital signature and stamp certificates emails, web authentication certificates or time stamps. Its new proposal modifies this framework by introducing a new model based on so-called digital identity wallets, and expands the number of trust services covered by the regulations with the aim of improving their implementation and cross-border use, overcoming the limitations of the previous model.
European digital identity wallets will allow people across Europe to securely store their documents and personal information in one app. These documents and information include much more than just citizens' IDs or driver's licenses, but also medical records, bank cards or even university degrees. Together, this data will be able to create a global EU digital identity for each citizen that can be used in all member states.
Specifically, the new identity cards will allow citizens to:
On the other hand, the new version of the regulation contemplates the following new trust services, which are added to those already defined in the current version (issuance of electronic signature certificates, electronic seals, web authentication certificates, validation, archive, stamp of time and electronic notification):
Also of note is the regulation relating to the use of qualified remote electronic signature creation devices.
With the approval by the European Parliament, the last remaining steps will be the approval of the text by the Council of Ministers of the EU and its publication. The arrival of the new European digital identity model based on identity wallets is expected to be two and a half years after its entry into force.
In accordance with Law 29/2010, of August 3, on the use of electronic media in the public sector of Catalonia, the Catalan Certification Agency has the competence to provide electronic signature services to the public sector of Catalonia for to guarantee the confidentiality, integrity, identity and non-rejection of electronic communications carried out by public sector entities in Catalonia, and any other task entrusted to it. These functions were assumed by the AOC Consortium directly, by virtue of the absorption of the Agency.
Thus, the AOC Consortium is the qualified trusted service provider, in accordance with the provisions of the ReIDAS, of the Catalan public administrations, issuing digital certificates for the staff in their service (TCAT) and for citizens (idCAT) as well such as the electronic stamps used in the automated administrative action. In the same vein, to facilitate its use, it also offers services for the creation, validation and preservation of electronic signatures that are widely implemented in all Administrations.
On the other hand, since 2016 it has been offering the VALID service as a digital identification mechanism integration bus that offers users of the integrated web applications to identify themselves either with their qualified certificate, with idCAT Mobile or with credentials validated by the Cl@ve platform, which gives access, among others, to the cross-border digital identity model regulated by ReIDAS.
It is through these services that the AOC Consortium guarantees that the administrations that use them comply with the technical and legal requirements regarding the use of electronic signature and identification mechanisms, facilitating access to the digital identity model established by ReIDAS and providing the trust services described therein.
Since its creation in 2001, the AOC Consortium has worked, in close collaboration with the rest of the country's administrations, to establish this Catalan model of identity and electronic signature, adapting it to changes regulations that have been produced over time, starting with the old Law 59/2003, of December 19, on electronic signatures, Law 11/2007, of June 22, on electronic access of citizens to public services, the approval of the National Interoperability and Security Schemes or ReIDAS itself.
However, it participates in innovation projects in order to take advantage of the latest trends in the field and improve the efficiency of the services it offers. Along these lines, he once participated in the STORK project, the seed of the current network of identification mechanisms established by ReIDAS, and is currently a member of the Early Adopters program of the EBSI network, collaborating in the development of different identification concept tests based on the new digital identity wallets that the new Regulation will promote.
Following this strategy of adaptation and continuous evolution, the AOC Consortium promotes the following projects related to identification and electronic signature in order to improve its services using the latest technological innovations, the current regulatory framework and in line with the new regulation that is about to enter into force:
A model is therefore presented focused on users who will be able to obtain and use their identity data from their mobile device as well as produce electronic signatures, very much in line with what the new Regulation establishes, integrated with the current services implemented and in use The AOC Consortium will guarantee, as it has always done, access to all the Catalan Public Administrations to the mechanisms based on the European digital identity portfolios that it will establish following a strategy that facilitates the path and leads to this point.