Electronic identification and qualified certificates
We have to talk again about Digital Transformation and the European eIDAS Regulation, now regarding Electronic Identification. Regulation (EU) No. 910/2014 of the European Parliament and of the Council, of July 23, 2014, specifically regulates all aspects related to electronic identification at the EU level between companies, citizens and public authorities.
Many sectors (especially the financial one) can benefit from eIDAS regulations on electronic identification by enhancing trust in the use of digital media. The authorization of February 12, 2016, effective from March 1, 2016, of the Executive Service of the supervisory body for the prevention of money laundering in Spain, (SEPBLAC) is aligned with this orientation towards non-contact identification through videoconference (now expecting a second authorization less restrictive)
Logalty is working on its secure remote identity solution, obtaining qualified certificates for later identification and advanced electronic signature of customer contracts. With this, it is possible to advance in digital identification and align operations in the banking sector with other European Directives, especially the PSD2 and AML4 regulations and the future directive for electronic contracting of banking services. Currently, this operation cannot be done in Spain as its regulation is still pending by the supervisory body of trust services, the Ministry of Energy, Tourism and Digital Agenda (more specifically, the Secretary of State for Information Society and for the Digital Agenda). Logalty is in different national and European working groups developing their processes to provide these services in compliance with the regulations currently in forcé.
Logalty has established as one of its priority objectives to develop in the market its Integrated Solution for Certified Electronic Contracting Services. Document capture and information validation services are already implemented by using OCR processes. Examples of this may be the validation of the data contained in a client’s ID Document (validity, format, age …), the contrast of these data with those defined in the MRZ coding, the extraction of the information, signature and photo, the possibility of comparing with a selfie and the later incorporation of these data in the contract.
After the publication on February 12 of the SEPBLAC authorization and the work carried out to meet the requirements of the financial sector, identification services with videoconferences are now available, complying with the provisions of the aforementioned authorization.
The requirements established by the Supervisor are clear and must be met with maximum exigency so that we can comply with the provisions of the Regulation, implementing Spanish Law 10/2010 of 28 April, on the prevention of money laundering and terrorist financing. Among these, we can highlight the risk analysis, the procedures to be carried out, the technical requirements, and even the mandatory training of the personnel who manage the videoconferences.
Given that the outsourcing of services is allowed, Logalty considers these procedures for remote identification through videoconference must be managed by personnel with specific training. This training must be accredited in accordance with the provisions of article 39 of the Regulations of Law 10/2010.
Logalty does not only want to comply with the supervisory body’s requirements but also to contribute under the same umbrella new functionalities and benefits that can be used in the very near future by the entity. Facial or voice biometrics are already services that must inevitably allow entities to deal with the maximum guarantees in the initial identification and subsequent maintenance of customer identification, within the Digital Single Market framework.
With these ID services, Logalty continues to develop solutions that lead our clients to speed up the digital transformation as much as possible with the greatest legal guarantees, as well as the highest efficiencies for the business.