Great news - on November 8th Council and Parliament reach a provisional agreement on eID. We take the chance to highlight the importance of this step and the role of identification and authentication as a very important pillar on the way to a digital single market and an integrated participative energy system.

Background and initial situation

More and more new market roles are using electronic services and data communication related to the energy networks. Energy service providers other European countries, energy communities and other organizations need to participate in energy market communication in order to fulfill their responsibilities. Increasingly complex tasks have to be performed simultaneously by different energy industry institutions and applications. Each of these systems faces the challenge of identifying these actors - natural persons as well as companies - reliably and securely. In addition, under European law, it is mandatory to make it available to authorized third parties from other member states.

This ability to identify energy service providers, energy supply companies, flexibility service providers and private individuals from other countries in the European Union is increasingly becoming an urgent requirement for the security of sensitive data and the efficient participation of citizens and innovative solution providers in the energy system of the future. The interoperability requirements and procedures are regulated, among other things, in the Internal Market for Electricity Directive (EU) 2019/944. They must be implemented by the Member States.

The European Union's digital strategy also highlights the importance of improving access to high-quality data while ensuring the protection of personal and sensitive data.

In view of the ever larger and more diverse group of participants in energy market communication, there is a need for action to ensure sustainability, efficiency, security and, above all, user-friendliness in the future.

Objective

eIDAS is planned as an important pillar of a common digital internal market as part of the European Union's digitalization strategy. The current development step is the use of electronic IDs not only for public but also for private sector applications.

At the national level, work is underway e.g. in Austria to implement national eID implementations (e.g. ID Austria, BrugerID in Denmark, etc.). Embedded in the European eIDAS infrastructure, the solution supports EU logins - thus also the reliable identification of actors from other EU countries. This eliminates the need for a double check.

The identification feature provided by eID implementations is used as a unifying feature across all relevant energy industry platforms. Citizens and companies can use their signatures to log in to the digital office or the company service portal without any additional effort.

Signing contracts on paper is no longer necessary, which also eliminates the need to receive documents via email, print them and then send them back again. Media disruptions are eliminated and manual interventions are minimized as far as possible and very safely.

Economic benefit:

• Domestic and non-domestic European citizens and companies benefit from the elimination of bureaucracy. Processes are significantly simplified and administrative costs are minimized.
• Energy companies, energy service providers, energy communities and flexibility service providers save considerable costs by eliminating the need for complex checks and by setting up and managing their own authentication infrastructure.
• Domestic companies get a low-threshold opportunity to offer their customers integrated, innovative products and to scale them across Europe. A decisive competitive and locational advantage. Especially front-running MSs will profit.

Benefits

Energy data management environments typically feature different platforms, and different platforms have different requirements for identification and authentication. For example, a DSO customer portal will have different prerequisites than the onboarding to a balancing platform or a national energy market communication infrastructure. eID/EIDAS offers a lot of operational low-hanging fruits to both, with slightly different benefits. Please see the table below for an overview on some of them.

eID/EIDAS used to identify final customers (e.g. DSO customer portal)	eID/eIDAS used to identify market participants
Eliminate complex and paper-based processes and media breaks for identification and authentication.	Eliminate complex and paper-based processes and media breaks for identification and authentication.
Data-sharing infrastructure providers like DSOs and TSOs don't need to manage their own credential infrastructure.	Data-sharing infrastructure providers like DSOs and TSOs don't need to manage their own credential infrastructure.
Final customers don't need to remember/manage credentials for each and every platform. They may use their secure social security sign-in.	Market participants don't need to remember/manage credentials for each and every platform. They may use their secure social security sign-in.
It is easy to use and directly linked with official registers. Any change of that official person-related data will be reflected.	Right for representation may be given to multiple employees.
Natural persons may represent other natural persons or legal persons like companies or associations. If their right to act on behalf of these persons, this will be reflected in the authentication schema. For example, if a managing director of a company gets fired, this will be reflected in the schema.	As energy data is often sensitive, data-sharing infrastructure operators need to verify the identity of eligible parties. This is a big challenge and effort, especially when market participants from other countries are affected. With EIDAS, that effort is reduced to a minimum. Especially this point places a big benefit, as eligible parties are often blocked or slowed down nowadays, as they have to perform a lot of burdensome formalities currently.
Hopping between different platforms without re-authentication may be offered to allow an integrated experience for final customers. This is especially important as a participative energy system will not feature just one platform operator, but multiple and diverse actors for different purposes.	Hopping between different platforms without re-authentication may be offered to allow an integrated experience for market parties. This is especially important as a participative energy system will not feature just one platform operator, but multiple and diverse actors for different purposes.

Some energy data-sharing infrastructure operators have already integrated eID authentication. Here some examples:

• Belgian DSO Fluvius - https://mijn.fluvius.be
• Energinet's Eloverblik - https://eloverblik.dk/welcome
• Fingrid Data Hub - https://www.fingrid.fi/en/electricity-market/datahub/

Challenges

There are dependencies on national eID systems for the integration of EIDAS. It is just not enough to have private persons identifiable in our sector.

The prerequisite for applicability in the context of energy market communication is that the identification of legal entities (companies AND associations) and the correct representation of representations (natural for natural, natural for legal persons - the latter for example when representing managing directors) are also available.

The location of the civil status register (often maintained by ministries of the interior) and the non-existent connection to the company register and the association register (often in ministries of economics) were identified as challenges. Cooperation between both ministries is therefore necessary.

This should be considered when national roadmaps prioritizing the requirements for eID integrations are developed. For the reasons mentioned above, the EDDIE Project recommends that the implementation of these representations are implemented as cleanly and as quickly as possible and are happy to cooperate and work more intensively on behalf of European electricity customers and the development of a data-driven energy economy.

Demonstrative example from Austria

In order to demonstrate the potential of EIDAS and to make it more tangible for stakeholders, EDDIE Consortium partner Entarc.eu have implemented a little demonstrator (in German) to demonstrate, how the identification of natural persons and representations would look like to platform operators. At the end, they need to receive reliable handles and authentication information. Screenshots below show examples for how steps of an EIDAS authentication look like and what data you will get. The code below show the data delivered about the identification subject in an example of a login of a natural person FOR a legal person (association).

The image above shows screenshots of the test/evaluation integration done by Entarc.eu ( https://eidtest.entarc.eu ) against the ID Austria Test Environment ( see a list of test identities [here] ). The code below displays the data that integrators / data-sharing infrastructure operators may use to identify the natural person being active and the organisation (association in this case) they represent with their activities.

{
  'at_hash': 'sRU-fOUTvZUqQkwpscuNSQ',
  'sub': '5TDXGBB4IJK77BCGBOVFSNBBWGQL3GS5',
  'urn:pvpgvat:oidc.eid_issuing_nation': 'AT',
  'birthdate': '1990-02-28',
  'urn:pvpgvat:oidc.eid_citizen_qaa_eidas_level': 'http://eidas.europa.eu/LoA/high',
  'urn:pvpgvat:oidc.eid_online_identity_link': 'IDENTITY_LINK_CODE',
  'iss': 'https://eid2.oesterreich.gv.at',
  'urn:pvpgvat:oidc.mandator_legal_person_source_pin_type': 'urn:publicid:gv.at:baseid+XZVR',
  'sid': 'PATTERN_SID',
  'urn:pvpgvat:oidc.mandate_type': 'Einzelvertretungsbefugnis',
  'acr': 'http://eidas.europa.eu/LoA/high',
  'urn:pvpgvat:oidc.eid_identity_status_level': 'http://eid.gv.at/eID/status/testidentity',
  'auth_time': 1702547208,
  'urn:pvpgvat:oidc.bpk': 'OFFICIAL_PERSON_IDENTIFIER',
  'urn:pvpgvat:oidc.mandate_type_oid': '1.2.40.0.10.1.7.3.2.1.1',
  'exp': 1702550809,
  'iat': 1702547209,
  'urn:pvpgvat:oidc.eid_ida_level': 'urn:eidgvat:eid.status.full',
  'urn:pvpgvat:oidc.eid_ccs_url': 'https://hs-abnahme.a-trust.at/securitylayer2',
  'urn:pvpgvat:oidc.pvp_version': '2.2',
  'given_name': 'XXXMaria-Theresia Kunigunde',
  'aud': 'https://eid.entarc.eu',
  'urn:pvpgvat:oidc.mandator_legal_person_full_name': 'IDA Sonderzeichenverein (ÖÄÜäöüß)',
  'family_name': 'XXXHabsburg-Lothringen',
  'urn:pvpgvat:oidc.mandator_legal_person_source_pin': 'LEGAL_PERSON_IDENTIFIER'
}

Would you like to have further insights?

Please contact press@eddie.energy for a closer demo or deep dive or register to our Best Practices Round-Table for Data-Sharing Infrastructure Operators for an ongoing and structured knowledge exchange. Registration Link: https://eddie.energy/round-tables

References

Official website of EIDAS: https://digital-strategy.ec.europa.eu/en/policies/eidas-regulation
Official EIDAS Toolkit for testing and integration: https://digital-strategy.ec.europa.eu/en/news/eidas-interactive-tool-test-eid-and-trust-services-simulated-environment
eID / ID Austria Test application (German) written by our consortium partner Entarc.eu ( https://entarc.eu ) to demonstrate functionality/representation provided by ID Austria TEST: https://eidtest.entarc.eu/
For more information on the agreement see https://www.consilium.europa.eu/en/press/press-releases/2023/11/08/european-digital-identity-council-and-parliament-reach-a-provisional-agreement-on-eid/