Interoperable Europe logo
Rolling Plan for ICT standardisation
Join this collection

Electronic identification and trust services including e-signatures (RP2024)

(A.) Policy and legislation

(A.1)   Policy objectives

This relates to Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC.

(A.2) EC perspective and progress report

The eIDAS Regulation adopted on 23 July 2014 addresses in one comprehensive piece of legislation, electronic identification, electronic signatures, electronic seals, electronic time stamping, electronic registered delivery services, electronic documents and certificate services for website authentication as core instruments for electronic transactions in the European Union.

On 3rd of June 2021 the Commission adopted a proposal to amend the eIDAS Regulation, It proposes a Digital identity framework and mandates the creation of European Digital Identity Wallet which must offer secure and easy access to different e-services, from both the public and private sector and it should support a wide range of different use cases.  The wallet is required to support privacy by design and give users full control over their personal data including identity attributes that may be exchanged from the wallet.  The wallet must fulfill the requirements for Level of Assurance ‘High’ and the security and functionalities of the wallet must be certified and the data processing of the wallet must be certified according to GDPR. In addition, it creates a new qualified trust service for attestation of attributes concerning information related to identity, such as addresses, age, gender, civil status, family composition, nationality, educational and professional qualifications and titles, licenses, other permits and payment data, that can be offered, shared and exchanged across borders, in full security, enforcing strong data protection and with legal effect across borders. In addition, the proposed European Digital Identity Framework introduces additional trust services for the management of a remote electronic qualified signature creation device, electronic archiving and electronic ledgers.

The Commission will work with Member States and the private sector to establish technical and operational specifications, and reference standards for the requirements of the proposed European Digital Identity framework. The requirements include issuance and exchange of selected attestation of attributes, the functionality and security of the European Digital Identity Wallets, the assurance of the European Digital Identity framework including certification of the wallet, identity proofing and governance. Standardisation Bodies will be consulted and existing international and European standards and technical specifications should be re-used where appropriate.

For the European Digital Identity Framework and to support the remainder of the eIDAS regulation, further standardisation work will be needed, because the planned secondary legislation may refer to the availability of standards as possible means to meet the regulatory requirements. Existing standards that meet the requirements of the proposed framework should therefore be identified and new standards and guidelines are likely to have to be drafted to facilitate the implementation of the proposed new trust services of electronic archiving, attestation of attributes, the management of remote electronic signature and seal creation devices, and electronic ledgers.

(A.3) References

(B.) Requested actions

Action 1. Take ongoing EU policy activities into account in standardisation, e.g. in ISO/IEC JTC 1/SC 27/WG 5 (identity management and privacy technologies) and other working groups of ISO/IEC JTC 1/SC 27. Also, the standards being developed by ISO/IEC JTC1 SC17 including on mobile driving licenses and identity management via mobile devices are particularly relevant to electronic identification. Furthermore, in order to promote the strengths of the European approach to electronic identification and trust services at global level and to foster mutual recognition of electronic identification and trust services with non-EU countries, European and international standards should be aligned wherever possible. The promotion and maintenance of related European approaches, which especially take into account data protection considerations, in international standards should be supported. 

Action 2: As required by the framework established under the proposed regulatory framework for European Digital Identities prepare standards for 

  • interfaces between the European Digital Identity Wallet and trust services as well as services for signing by means of electronic signatures and seals
  • interfaces between the European Digital Identity Wallet and relying parties and issuers of electronic attestations of attributes
  • Issuance and revocation of wallets and electronic attestation of attributes
  • security evaluation and certification of the European Digital Identity Wallet
  • new trust services including electronic attestation of attributes, electronic archiving and electronic ledgers and including update of protocol and security standards and the trusted list format.
  • Supporting additional requirements for identity proofing and validation of attributes.
  • Adapting existing standards to take into account new provisions of eIDAS 2.0 including alignment with NIS2 and ensuring that the requirements of privacy by design are met.
  • Next generation of registered electronic mail and electronic delivery to take account of new services available under eIDAS 2.0 including EU digital identity wallets and electronic ledgers.
  • Use of electronic identities and electronic signatures with electronic ledgers in support of smart contracts.

Action 3: SDOs to cooperate and work in the areas of identifiers, vocabularies, semantics, taxonomies, ontologies for electronic attestations

Action 4: The impact of quantum computing technologies on the cryptographic algorithms, in particular public key cryptography, used for electronic identification and trust services including e-signatures needs to be analysed, and the potential impact on the relevant standards identified.  This should lead to guidance on the migration to Quantum Safe Cryptography.

(C.) Activities and additional information 

(C.1) Related standardisation activities
CEN & CENELEC

CEN/TC 224 'Personal identification and related personal devices with secure element, systems, operations and privacy in a multi sectorial environment' develops standards for strengthening the interoperability and security of personal identification and its related personal devices, systems, operations and privacy. CEN/TC 224 addresses sectors such as Government/Citizen, Transport, Banking, e-Health, as well as Consumers and providers from the supply side such as card manufacturers, security technology, conformity assessment body and software manufacturers.

https://standards.cen.eu/dyn/www/f?p=204:7:0::::FSP_ORG_ID:6205&cs=1FB1CC5B5F03F85F0ECCECA7598551CFC

CEN-CLC/JTC 19 'Blockchain and Distributed Ledger Technologies' focuses on European requirements for Distributed Ledger Technologies and proceeds with the identification and possible adoption of standards already available or under development in other SDOs (especially ISO TC 307), which could support the EU Digital Single Market and/or EC Directives/Regulations. In the context of the revision of the rules on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation), CEN/CLC/JTC 19/WG 1 was established to address the development of standards in support of decentralized identity management.

https://standards.cen.eu/dyn/www/f?p=204:22:0::::FSP_ORG_ID,FSP_LANG_ID:2702172,25&cs=1C5DF4D2E1D80EA24F5896718E20EA6F3

CEN/TC 468 'Management and preservation of digital content' is relevant for archival and can be relevant for the qualified trust services for electronic archiving. 

ETSI

Under the standardisation mandate M/460 on e-signatures, ETSI TC ESI provided an initial set of upgraded and new standards within a rationalized framework. ETSI TC ESI provides standards for introducing the overall framework of standards, for trust service providers supporting digital signatures but also preservation services, edelivery services, for (remote) signature creation and validation, for cryptographic suites and for trust service status lists providers.

ETSI TC ESI is progressing several work items in support of the proposed amendment to the eIDAS Regulation and the associated “Common Union Toolbox” including: DTS/ESI-0019462: “Wallet interfaces for trust services and signing”, DTS/ESI-0019471: “Policy and Security requirements for Electronic Attestation of Attribute Services” and DTS/ESI-0019472: “Profiles for Electronic Attestations of Attributes” (see https://portal.etsi.org//tb.aspx?tbid=607&SubTB=607#/lt-50611-work-programme)

ETSI ISG PDL (Permission Distributed Ledgers) provides the foundations for the operation of permissioned distributed ledgers, with the ultimate purpose of creating an open ecosystem of industrial solutions to be deployed by different sectors.

ETSI ISG ETI (Encrypted Traffic Integration) is developing a Zero Trust Architecture approach to networks that builds on the identity management platform being developed by TC CYBER in TS 103 486 and in the cited work in TC ESI in order to enable a semantic, or capability, assured path through networks.

ETSI ISG CIM (for cross-cutting Context Information Management) has published GS CIM 019, to enable the NGSI-LD open API able to attest provenance of information, as well as to support fine-grained encryption. It leverages the draft W3C “Data Integrity” and “RDF Dataset Canonicalization” technologies from W3C’s Credentials Community Group Reports.

A summary of ETSI TC ESI publications and ongoing work can be found at https://portal.etsi.org/TBSiteMap/ESI/ESIActivities.aspx

ETSI has published the document SR 019 003 "Possible Standards for eIDAS 2.0" that identifies the potential impact on the framework of standards already published in relation to the proposal to amend the eIDAS Regulation and establish a framework for a European Digital Identity.
The document is available at: https://docbox.etsi.org/esi/open/latest_drafts/ESI-0019003v002%20Public%20review%20draft_SR_019_003_Possible_Standards_for_eIDAS_2_0.pdf  

GS1

Digital Signatures - WR21-307_GSCN_AI_ISO20248DataStructure_eBallot with Errata (gs1.org)

ISO

The ISO Technical Committee, ISO/TC 154 Processes, data elements and documents in commerce, industry and administration, addresses standardisation and registration of business, and administration processes and supporting data used for information interchange between and within individual organizations and supports standardisation activities in the area of industrial data.

https://www.iso.org/committee/53186.html

Ongoing work:

  • Requirements and roles & responsibilities for fulfilling trusted e-communications in commerce, industry and administration
  • Qualified trust services for long-term signature of kinds of electronic documents
  • Validation of long-term signature
  • Trusted (or qualified) electronic registered delivery services (or platform)
  • Dematerialisation and proof of dematerialisation
  • Requirements for providing trusted e-communications in the mobile environment
  • Requirements for providing trusted e-communications in the cloud environment

Projects include the ISO 14533 series of standards for Processes, data elements and documents in commerce, industry and administration -- Long term signature profiles.

The ISO Technical Committee ISO/TC 321 Transaction Assurance in e-Commerce, addresses standardisation in the field of “transaction assurance in e- commerce related upstream/downstream processes”, including the following:

  • Assurance of transaction process in e-commerce (including easier access to e-platforms and estores);
  • Protection of online consumer rights including both prevention of online disputes and resolution process;
  • Interoperability and admissibility of inspection result data on commodity quality in cross-border e-commerce;
  • Assurance of e-commerce delivery to the final consumer.

https://www.iso.org/committee/7145156.html 

ISO/IEC JTC 1 

ISO/IEC JTC 1/SC 37, Biometrics, is responsible for the standardisation of generic biometric technologies pertaining to human beings to support interoperability and data interchange among applications and systems. Generic human biometric standards include: common file frameworks, biometric application programming interfaces, biometric data interchange formats, related biometric profiles and other standards in support of technical implementation of biometric systems, evaluation criteria to biometric technologies, methodologies for performance testing and reporting, cross-jurisdictional and societal aspects of biometric implementation. The complete list of standards published or under development, can be found in on the SC 37 homepage:

https://www.iso.org/committee/313770.html 

Published standards and ongoing projects related to the topics include the series of biometric data interchange standards for different biometric modalities, biometric technical interfaces, related biometric profiles and other standards in support of technical implementation of biometric systems, and cross jurisdictional and societal aspects of biometric implementation. Representative projects include revisions to some of the ISO/IEC 19794 series for Biometric data interchange formats, ISO/IEC 29794 series for Biometric sample quality and ISO/IEC 39794 series for Extensible biometric data interchange formats. These projects include generic extensible data interchange formats for the representation of data, a tagged binary data format based on an extensible specification in ASN.1 and a textual data format based on an XML schema definition (both capable of holding the same information). The ISO/IEC 30107 series for Biometric presentation attack detection and ISO/IEC 24779 series for Cross-Jurisdictional and societal aspects of implementation of biometric technologies - pictograms, icons and symbols for use with biometric systems are multi-part standards of relevance.

ISO/IEC JTC 1/SC 27, Information security, cybersecurity and privacy protection, is responsible for international IT security. The most relevant standards to electronic identification and trust services are developed by SC 27/WG 5 Identity Management and Privacy Technologies. After completion of foundational frameworks, specifically, the ISO/IEC 24760 series A framework for identity management and ISO/IEC 29100 for Privacy framework, priorities for WG 5 are related standards and Standing Documents on supporting technologies, models, and methodologies. WG 5’s Projects include:

  • A framework for identity management – Part 1: Terminology and concepts (ISO/IEC 24760-1, 2nd edition:2019)
  • A framework for identity management – Part 2: Reference framework and requirements (ISO/IEC 24760-2, 1st edition:2015)
  • A framework for identity management – Part 3: Reference framework and requirements (ISO/IEC 24760-3, 1st edition:2016)
  • Privacy framework (ISO/IEC 29100, 1st edition:2011; Amendment 1:2018)
  • Privacy architecture framework (ISO/IEC 29101, 2nd edition:2018)
  • A framework for access management (ISO/IEC 29146, 1st edition:2016)
  • Requirements for partially anonymous, partially unlinkable authentication (ISO/IEC 29191, 1st edition:2012)
  • Privacy enhancing data de-identification terminology and classification of techniques (ISO/IEC 20889, 1st edition:2018)
  • Privacy impact assessment – methodology (ISO/IEC 29134, 1st edition:2017)
  • Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management – Requirements and guidelines (ISO/IEC 27701, 1st edition:2019)
  • WG 5 Standing Document 2 – “Privacy references list”
  • WG 5 Standing Document 4 – “Standards Privacy Assessment”

ISO/IEC JTC 1 SC 27 is working in close collaboration with CEN/CLC/JTC 13 'Cybersecurity and Data protection' on eIDAS related standardisation activity. 

ISO/JTC 1/SC 17 Cards and security devices for personal identificationis responsible for standardisation and interface associated with their use in inter-industry applications and international interchange in the area of:

  • Identification and related documents,
  • Cards,
  • Security devices and tokens

https://www.iso.org/committee/45144.html

ITU-T

ITU-T SG2 is responsible for studies related to numbering, naming, addressing and identification, and resource assignment. SG2 Approved new Recommendation ITU-T E.118.1 in March 2023, “ITU-T management of the allocation of globally assigned Issuer Identifier Numbers (IINs)”, and is continuing work on: updates to Recommendation ITU-T E.118, "The international telecommunication charge card" to reflect current and future use of Issuer Identifier Numbers (IINs); a new Recommendation ITU-T E.IoT-NNAI, "Internet of Things Naming Numbering Addressing and Identifiers"; and a new Technical Report TR.OTTnum, "Current use of E.164 numbers as identifiers for OTTs".
More info: http://itu.int/ITU-T/go/tsg2

ITU-T SG3 is responsible, inter alia, for studying international telecommunication/ICT policy and economic issues and tariff and accounting matters (including costing principles and methodologies). SG3 has approved Recommendation ITU-T D.1140/X.1261, “Policy framework including principles for digital identity infrastructure”.
More info: http://itu.int/ITU-T/go/tsg3

ITU-T SG11 is developing a new standard Q.TSCA “Procedure for issuing digital certificates for signalling security”. This draft standard is a continuation of SG11 activities on implementation of security measures (Recommendations ITU-T Q.3057, Q.3062 and Q.3063) on signalling level in order to cope with different types of attacks on existing ICT infrastructure and services (e.g. OTP intercept, calls intercept, spoofing numbers, robocalls, etc.).ITU-T SG17 is responsible for the study and coordinate the work on ICT security and identity management. It has approved Recommendations ITU-T X.1058 “Information technology - Security techniques - Code of practice for Personally Identifiable Information protection”, ITU-T X.1087 “Technical and operational countermeasures for telebiometric applications using mobile devices”, ITU-T X.1148 “Framework of de-identification process for telecommunication service providers”, ITU-T X.1171 “Threats and requirements for protection of personally identifiable information in applications using tag-based identification”,  ITU-T X.1212 “Design considerations for improved end-user perception of trustworthiness indicators”, ITU-T X.1250 “Baseline capabilities for enhanced global identity management and interoperability”, ITU-T X.1252 “Baseline identity management terms and definitions”, ITU-T X.1275 “Guidelines on protection of personally identifiable information in the application of RFID technology”,  ITU-T X.1403 “Security considerations for using distributed ledger technology data in identity management”, ITU-T X.1451 “Risk identification to optimize authentication”,  ITU-T X.1363 “Technical framework of personally identifiable information (PII) handling system in IoT environment”, ITU-T X.1770 “Technical guidelines for secure multi-party computation” and is developing many more draft Recommendation in this domain: (X.5Gsec-t, X.guide-cdd, X.sec-QKDN-tn, X.smsrc, X.scpa, X.sgos, X.rdda, X.vide, etc).
More info: http://itu.int/ITU-T/go/tsg17

Under the Security, Infrastructure and Trust Working Group led by ITU under the Financial Inclusion Global Initiative (a joint programme of the ITU, World Bank and Bank for International Settlements and supported by the Gates Foundation), studies on strong authentication technologies applications for digital financial services are being undertaken. The use of identity verification and authentication system based on DLT are also being studied. See Report:

https://www.itu.int/en/ITU-T/extcoop/figisymposium/Documents/ITU_SIT_WG_Implementation%20of%20Secure%20Authentication%20Technologies%20for%20DFS.pdf

ITU-T SG20 is the lead study group for Internet of Things identification. The Study Group developed Recommendation ITU-T Y.4811 “Reference framework of converged service for identification and authentication for IoT devices in decentralized environment”. ITU-T SG20 is working on draft Technical Report “Requirements and capability framework for identification management service of IoT device” (YSTR.IoT-IMS).

More info: https://itu.int/go/tsg20

UNECE

The United Nations Economic Commission for Europe in its Recommendation 14 outlines base elements to take into account in the use of electronic authentication methods. It recommends that the authentication methods should be chosen in light of the nature of the electronic transaction and the relationship between the parties involved in the exchange. Not all electronic exchanges require the highest level of reliability.

See: (available also in French and Russian) http://www.unece.org/fileadmin/DAM/cefact/recommendations/rec14/ECE_TRADE_C_CEFACT_2014_6E_Rec14.pdf

Further work is being developed on this topic within UN/CEFACT. See:

http://www.unece.org/fileadmin/DAM/cefact/cf_plenary/2018_plenary/ECE_TRADE_C_CEFACT_2018_7E.pdf

OASIS

The OASIS Security Services (SAML) TC maintains and extends the widely used Security Assertion Markup Language (SAML, also ITU-T Recommendation X.1141) standard. A profile of SAML is used for cross-border identification and authentication of citizens in the eIDAS nodes provided by the eID Building Block of the Connecting Europe Facility (CEF). SAML is also used at national level in Member States.

The PKCS#11 industry cryptographic method is commonly used in most commercial certificate authority (CA) software for proving identity, as well as cross-platform smart card software.  The OASIS PKCS#11 committee  recently released its Specification v3.1 and Profiles v3.1 in support of the "Cryptoki" (from "cryptographic token interface") API to use and access PKCS#11 certificates.  

OASIS' Lightweight Verifiable Credential Schema and Process (LVCSP) committee (https://www.oasis-open.org/committees/lvcsp) defines methods for enabling individuals (credential subjects) to voluntarily share their verified identity attestations, such as know-your-customer (KYC) determinations across different platforms and services, using the W3C Verifiable Credential (VC) standard.  These methods allow shared identity attestations consistent with GDPR traceability, the permission of data subjects, and decentralized exchanges.  

The OASIS Trust Elevation TC defines a set of standardized protocols that service providers may use to elevate the trust in an electronic identity credential presented to them for authentication.

The OASIS DSS-X TC defines standard Digital Signature Service Core Protocols, Elements, and Bindings. The latest version provides both JSON- and XML-based request/response protocols for signing and verifying, including updated timestamp formats, transport and security bindings and metadata discovery methods. This TC works in close liaison with the ETSI Electronic Signatures and Infrastructures (ESI) TC.

The OASIS ebXML Message TC maintains the OASIS ebMS3 (also ISO 15000-1) standard and the AS4 standard (also ISO 15000-2). AS4 is profiled as the message exchange protocol of the European Commission’s eDelivery Building Block. Several dozens policy domains use eDelivery for cross-border secure and reliable exchange of documents and data. AS4 is also used in the EESSI system for digitalisation in social security coordination.

The OASIS Business Document Exchange TC provides complementary eDelivery specifications for service location and capability lookup.

The OASIS ebCore TC has delivered version 3 of the CPPA specification. CPPA3 provides standard data definitions, and formats for electronic, XML-based protocol profiles and business collaboration agreements, as well as algorithms for formation, matching, discovery and registration. Version 3 is an evolution of work done in the joint ebXML project with UN/CEFACT. It complements other ebXML standards for messaging including AS4.

OIDF

Set of standards and related certification profiles addressing identity transactions over the internet. Active working groups in this area include: the OpenID Connect WG, AccountChooser WG, Native Applications WG, Mobile operator Discovery, Registration and Authentication WG (MODRNA), Health Related Data Sharing WG (HEART), and Risk and Incident Sharing and Coordination WG (RISC)

http://openid.net/wg/

IETF

The following IETF Working Groups are active in this area:

The Web Authorization Protocol (OAUTH) WG developed a protocol suite that allows a user to grant a third-party Web site or application access to the user's protected resources, without necessarily revealing their long-term credentials, or even their identity. It also developed security schemes for presenting authorisation tokens to access a protected resource.

The ongoing standardisation effort within the OAUTH working group is focusing on enhancing interoperability of OAUTH deployments.

The Public Notary Transparency (TRANS) WG developed a standards-track specification of the Certificate Transparency protocol (RFC6962) that allows detection of the mis-issuance of certificates issued by CAs or via ad-hoc mapping by maintaining cryptographically verifiable audit logs.

The Automated Certificate Management Environment (ACME) WG specifies conventions for automated X.509 certificate management, including validation of control over an identifier, certificate issuance, certificate renewal, and certificate revocation. The initial focus of the ACME WG is on domain name certificates (as used by web servers), but other uses of certificates can be considered as work progresses.

The Supply Chain Integrity, Tranparency, and Trust (SCITT) Working Group works to define a set of interoperable building blocks that will allow implementers to build integrity and accountability into software supply chain systems to help assure trustworthy operation. For example, a public computer interface system could report its software composition that can then be compared against known software compositions or certifications for such a device thereby giving confidence that the system is running the software expected and has not been modified, either by attack or accident, in the supply chain.

https://wiki.ietf.org/en/group/iab/Multi-Stake-Holder-Platform#h-315-electronic-identification-and-trust-services-including-e-signatures

W3C

Verifiable Credentials provide a mechanism to express credentials, e.g. driving licenses, on the Web in a way that is cryptographically secure, privacy respecting, and machine-verifiable. Currently, the following Specifications and Notes have already been issued: 

Decentralized Identifiers (DIDs) are a new type of identifier that enables verifiable, decentralized digital identity. A DID refers to any subject (e.g., a person, organization, thing, data model, abstract entity, etc.) as determined by the controller of the DID. In contrast to typical, federated identifiers, DIDs have been designed so that they may be decoupled from centralized registries, identity providers, and certificate authorities: 

Web Authentication defines an API enabling the creation and use of strong, attested, scoped, public key-based credentials by web applications, for the purpose of strongly authenticating users. The current work is on Web Authentication: An API for accessing Public Key Credentials - Level 3 https://www.w3.org/TR/webauthn-3/

Web payments:  An important goal of Secure Payment Confirmation (SPC) is to streamline strong customer authentication (SCA). One way to reduce friction is to allow many authentications for a given registration. In other words, ideally the user registers once and can then authenticate “everywhere” (consistent with the policies of the relying party; they have to opt-in). The following Specifications are relevant: 

Work on Social Networking includes identity schemes that can play a role:

The Web Crypto API describes a JavaScript API for performing basic cryptographic operations in web applications, such as hashing, signature generation and verification, and encryption and decryption: https://www.w3.org/TR/WebCryptoAPI/ See also the note on use cases: http://www.w3.org/TR/webcrypto-usecases/ narrowing the scope of the Web Crypto API.

Identity for WebRTC 1.0 defines a set of ECMAScript APIs in WebIDL to allow and application using WebRTC to assert an identity, and to mark media streams as only viewable by another identity. This specification is being developed in conjunction with a protocol specification developed by the IETF RTCWEB group.  https://www.w3.org/TR/webrtc-identity/

IEEE

IEEE has standards and pre-standards activities relevant to Electronic Identification and Trust Services, including dealing with blockchain technology, authentication, and biometric identification. 

IEEE 1363.3, Standard for Identity-Based Cryptographic Techniques using Pairings
IEEE 2410, Standard for Biometric Open Protocol
IEEE 2790, Standard for Biometric Liveness Detection

IEEE 3801, IEEE Standard for Blockchain-based Electronic Contracts

IEEE P2049.3, Standard for Human Augmentation: Identity
IEEE P2799, Standard for Confirming and Conveying Identity Over the Internet
IEEE P2933, Standard for Clinical Internet of Things (IoT) Data and Device Interoperability with TIPPSS–-Trust, Identity, Privacy, Protection, Safety, Security
IEEE P2989, Standard for Authentication in Multi-Server Environment
IEEE P3210, Standard for Blockchain-based Digital Identity System Framework

There are also several pre-standards activities looking at digital identity, including guidelines for the provision and use of digital identities for digital resilience.

For more information, see: https://ieee-sa.imeetcentral.com/eurollingplan/.

(C.2) Other activities related to standardisation

Related important projects ordered by date: 

  • 2023-08-23 OntoChain https://ontochain.ngi.eu
    OntoChain aims to enable trustworthy transactions of services and contents. The project defines innovative decentralised reputation models that reveal the hidden quality/types of services and credibility of data sources, keeping a balance between privacy and trust.
  • 2022-10-31 eSSIF-Lab https://essif-lab.eu
    Self-sovereign identity (SSI) supports identity management in a safe and reliable internet allowing secure transactions and eliminating logins. SSI aims to empower EU organisations to make secure and innovate transactions with stakeholders saving billions of euro on administrative expenses.
  • 2020-12-31 AMBER https://www.amber-biometrics.eu 
    AMBER addresses issues facing biometric solutions on mobile devices and develop solutions and theory to ensure secure, ubiquitous and efficient
    authentication whilst protecting privacy of citizen.
  • 2020-08-31 SMOWL https://smowl.net/en/
    SMOWL is a practical and reliable solution for online user identification and monitoring. It consists in a new cyber-security service covering the need for a continuous, automatic and scalable authentication of online user’s identity and monitoring.
  • 2020-03-31 Smart-Trust https://web.archive.org/web/20201230011033/https://smart-trust.eu/
    Smart-Trust introduces a new technological enabler for Mobile ID which drastically increases the reliability and trust levels of identity verification at European borders, thus increasing the security of member states.
  • 2019-12-31 DECODE https://decodeproject.eu
    DECODE provides tools that put individuals in control of whether they keep their personal information private or share it for the public good.
  • 2019-02-28 ARIES - A ReliAble euRopean Identity EcoSystem https://www.aries-project.eu/
    ARIES aims to set up a reliable identity ecosystem combining mature technologies for high level of assurance, such as biometrics or use of secure elements, with innovative credential derivation mechanisms.
  • 2018-12-31 SAFEcrypto https://www.safecrypto.eu
    SAFEcrypto will provide a new generation of practical, robust and physically secure post quantum cryptographic solutions that ensure long-term security for future ICT systems, services and applications. Novel public-key cryptographic schemes (digital signatures, authentication, public-key encryption, identity-based encryption) will be developed using lattice problems as the source of computational hardness.
  • 2018-09-30 CREDENTIAL - Secure Cloud Identity Wallet https://credential.eu 
    The goal of CREDENTIAL is to develop, test and showcase innovative cloud based services for storing, managing, and sharing digital identity information and other critical personal data.
  • 2018-04-30 ReCRED http://www.recred.eu 
    ReCRED’s ultimate goal is to promote the user’s personal mobile device to the role of a unified authentication and authorization proxy towards the digital world.
Report abusive content Share