eIDAS2.0 – a new era for digital identity in the EU

Click here to view the German version

Building a trusted digital europe

The European Union is entering a new era of digital identity with the introduction of eIDAS 2.0, a regulation designed to provide a secure, interoperable, and user-controlled digital identity framework across all EU Member States.
By 2030, the European Commission expects at least 80% of EU citizens to use a digital identity solution. eIDAS 2.0 lays the foundation for this transformation.

Building on the original eIDAS Regulation from 2014, eIDAS 2.0 introduces the European Digital Identity Wallet (EUDI Wallet), enabling EU citizens, residents, and businesses to manage and share their verified credentials safely and efficiently.

A major innovation accompanying the wallet is the concept of Qualified Electronic Attestations of Attributes (QEAA). These attestations enable trusted verification of individual attributes with the same legal standing as a national electronic ID. This granular approach supports both privacy-by-design and convenience, as users can share only the data required for a given transaction.

eIDAS 2.0 also expands the scope of trust services. Beyond electronic signatures and seals, the regulation now includes services such as electronic archiving, electronic ledgers (enabling blockchain and distributed ledger applications), and the management of remote signatures and seals. These additions provide a more comprehensive framework for securing digital transactions, data storage, and emerging digital asset ecosystems.

Importantly, the regulation introduces mandatory recognition obligations for the public sector and selected private entities such as banks, telecommunication operators, and large online platforms. These will be required to accept EUDI Wallets as valid identification, ensuring consistent user experience across borders and sectors.

Finally, eIDAS 2.0 places strong emphasis on security, privacy, and user control. The framework mandates compliance with GDPR principles and introduces safeguards to prevent data misuse. Users will decide which attributes are shared, with whom, and for how long, ensuring transparency and trust in every interaction.

In sum, eIDAS 2.0 transforms the European digital identity landscape from a fragmented system into a pan-European ecosystem of trust, built on interoperability, transparency, and individual empowerment.

Key changes and implications for the financial sector

The financial industry will be among the sectors most directly influenced by eIDAS 2.0. Since identity verification and authentication lie at the heart of banking, the European Digital Identity Wallet (EUDI Wallet) has the potential to transform core processes — from customer onboarding to cross-border service delivery.

A key impact will be on Know Your Customer (KYC) and Customer Due Diligence procedures. Instead of relying on manual checks or fragmented national eIDs, banks will be able to verify customer identities through trusted digital credentials shared directly from the EUDI Wallet. This enables faster onboarding, lower compliance costs, and greater data accuracy — all while keeping customers in control of their information.

The EUDI Wallet also supports Strong Customer Authentication (SCA) under PSD2, offering a secure and standardized method for verifying users across the EU. With built-in capabilities for biometric verification and qualified electronic signatures, it enhances fraud prevention and reinforces customer trust.

The wallet paves the way for cross-border banking by harmonizing digital identity verification across Member States. Customers will be able to open accounts or access services in another EU country without repeating identity checks, helping banks expand their reach and improve customer experience.

The legal recognition of electronic signatures and seals under eIDAS 2.0 streamlines the handling of contracts and transactions, making digital banking more efficient and compliant.

Implementation challenges and strategic adjustments

While eIDAS 2.0 opens clear opportunities, adaptation will require banks and financial institutions to rethink parts of their digital and compliance infrastructure. Integrating the EUDI Wallet and related trust services by the end of 2027 is not simply a technical upgrade — it requires coordinated adjustments across technology, governance, and customer interaction models.

On the technical side, institutions must establish secure connections to national wallet ecosystems and standardized interfaces for verifying and exchanging digital credentials. This includes aligning with EU interoperability frameworks and ensuring systems can process Qualified Electronic Attestations of Attributes (QEAA) in real time.

Banks will need to design robust processes for data consent, storage, and revocation in line with both GDPR and eIDAS 2.0 requirements. Clear audit trails and liability frameworks must be defined for all interactions involving verified credentials and digital signatures.

Employees and customers will require education on how to use digital wallets safely and effectively, while customer support functions must adapt to handle identity-related issues in a digital-first environment.

Success will depend on ecosystem collaboration. Banks may need to partner with qualified trust service providers, identity brokers, and wallet issuers to integrate services securely and efficiently.

Capco view: turning regulation into competitive advantage

At Capco, we see eIDAS 2.0 as more than a compliance exercise — it is a strategic inflection point for the financial industry.

Banks that act early can leverage the EUDI Wallet to reimagine customer journeys, simplify onboarding, and embed digital trust into every interaction. This positions them not merely as service providers, but as trusted digital identity custodians.

By adopting interoperable identity frameworks and engaging with national wallet schemes, financial institutions can extend their role within digital ecosystems — from KYC utilities to open finance and beyond.

A phased approach is essential:

• Short term: assess wallet readiness and interoperability requirements.
• Medium term: redesign authentication and consent frameworks.
• Long term: embed identity verification as a service capability across platforms.

Institutions that align technology, governance, and customer engagement early will not only meet regulatory deadlines but lead the market in digital trust.