Source: European Parliament
The intention of Regulation (EU) No 910/2014[1] as amended by Regulation (EU) 2024/1183[2] is to enable all EU citizens and residents to identify in a secure way and under full protection of personal data for online public and private services. Providing digital identification guaranteed by governments to the private sector is therefore a basic objective of the regulation.
In addition, user identification by private services is mandated in paragraph 2 of Article 5f on the cross-border reliance on European Digital Identity Wallets in the basic act.
It specifically states that where ‘… strong user authentication for online identification or where strong user authentication for online identification is required by contractual obligation, including in the areas of transport, energy, banking, financial services, social security, health, drinking water, postal services, digital infrastructure, education or telecommunications, those private relying parties shall, … also accept European Digital Identity Wallets that are provided in accordance with this regulation.’
Relying parties, whether private or public must register in the Member State where they are established in order to rely upon European Digital Identity Wallets.
As noted above, there is already a broad obligation for the private sector to rely upon the European Digital Identity Wallet for user authentication and identification.
As Regulation (EU) No 910/2014 is not regulating how to provide for identity matching for private relying parties, it is up to Member States how to tackle this.