Learn more

eIDAS 2.0: How to accept EU Digital IDs at scale and achieve KYC compliance

Stefan Gajewski

Stefan Gajewski

Head of Product, Identity

eIDAS 2.0: How to accept EU Digital IDs at scale and achieve KYC compliance

By 2027, failing to accept Digital IDs during KYC checks won’t just slow down onboarding: it could also leave your business non-compliant with European Union (EU) regulations. 

Under the 2024 eIDAS 2.0 regulation, all EU member states must offer Digital ID wallets by December 2026. Following this, select types of businesses conducting KYC in these countries must accept these Digital IDs as a valid identity verification method by late 2027.

With the deadline approaching, you’re probably realizing your current onboarding flows and internal operations aren’t built for what’s coming. For one, there are many different Digital ID types with varying assurance levels, and you’re not sure which ones to trust. Integrating multiple IDs into your KYC process also requires additional time and resources, not to mention that you need to determine how to implement this feature into your existing workflows without adding unnecessary friction for customers.

In this guide, we’ll break down what you need to know about eIDAS 2.0, how Digital IDs already work in Europe, and how to implement Digital IDs into your KYC process for secure digital identity verification. 

We’ll cover:

  • What you need to know about eIDAS 2.0
  • Digital IDs in Europe: A brief overview (2025/2026)
  • How to implement Digital ID verification in your KYC process
  • How GBG helps businesses accept Digital IDs to support eIDAS 2.0 compliance

Want to start accepting Digital IDs now to get ahead of the competition and forthcoming eIDAS 2.0 regulations? Request a demo of GBG Go, our all-in-one identity orchestration platform we built based on 30+ years of experience.

What you need to know about eIDAS 2.0 (and the benefits it brings)

eIDAS 2.0 establishes a digital identity framework in Europe with the goal of creating a digital market that’s interoperable (meaning a Digital ID issued in one EU country can be recognised and used easily in another) and better protected against fraud through stronger identity verification.

The first version of the eIDAS regulation launched in 2014, and a draft of the second amendment, eIDAS 2.0, was issued in 2021 and came into force in 2024, with additional regulations around Digital IDs set to be enforced soon. 

The main takeaway is this: by December 2026, all EU member states must offer Digital Identity wallets like the European Digital Identity Wallet (EUDI). EUDI allows EU citizens to store and manage their national Digital IDs – as well as other verified attributes and credentials, such as a driver’s license or bank account information – on their smartphone or other device.

As a business conducting KYC onboarding, you must accept Digital IDs as an identity verification method by Jan. 1, 2027. eIDAS 2.0 also mandates compliance with General Data Protection Regulation (GDPR) and other data protection measures, multi-factor authentication methods, and standardized protocols and data formats to make interoperability between countries possible.

Many businesses feel the pressure to achieve compliance with eIDAS 2.0 on time. However, the regulation is actually a solution to a number of current challenges around Digital ID verification in Europe. 

For example, eIDAS 2.0 can help:

Standardize fragmented ID schemes across EU markets

Today, businesses operating in the EU are faced with a number of Digital ID schemes that differ by country, issuer, and technical standards. For example, there are four main types of Digital IDs globally:

  • National government eID: Official digital credentials issued by government authorities from a national identity database. Denmark’s MitID and Estonia’s ID-card are two examples.  
  • Local or state government eIDs: Regional credentials such as mobile driver’s licenses (mDL) issued by local or state authorities. For example, the states of Louisiana and California in the US, to name a few, offer mobile driver’s license Digital IDs.
  • Bank-issued IDs: These are issued by trusted financial institutions. Sweden’s BankID, which is issued by a consortium of Swedish banks, is an example. 
  • Private sector IDs: These are verified once through identity checks and can be reused across many services. In Belgium, for instance, itsme® is used for banking, telecoms, or public services.

In practice, each EU country will soon operate its own national ID scheme, alongside bank-issued and private-sector credentials. 

Without a common framework, businesses need to evaluate which Digital IDs to implement, how much risk each represents, and how to integrate every Digital ID type to their existing KYC processes via connections to the right schemes. 

eIDAS 2.0 removes this complexity: by mandating mutual recognition and interoperability of Digital IDs that are part of and compliant with the EUDI Wallet, businesses can rely on a single framework instead of managing dozens of country- or scheme-specific integrations. 

And since Digital ID acceptance overall can replace fragmented manual ID checks like physical document scans, verification will be more effective and uniform across borders.

Normalize Digital ID assurance levels to make decision-making easier

Under eIDAS 2.0, assurance is harmonized across enrollment, authentication, and credential protection and presentation via the Architecture & Reference Framework (ARF) and implementing acts. This means each Digital ID can be assigned an assurance level (be it high, substantial, or low) which functions as a signal of reliability. But these varying assurance levels mean different things depending on the Digital ID issuing country or provider.

This makes it difficult to assess whether a Digital ID meets regulatory and risk requirements, and therefore whether you should accept it during onboarding.

eIDAS 2.0 eliminates this issue by formalizing EU-wide assurance definitions tied to:

  • How identity is verified at enrollment
  • How users authenticate
  • How credentials are protected and presented 

With assurance levels that are consistently defined and legally recognized across the EU, you can confidently decide which Digital IDs are acceptable for which use cases, without reinterpreting assurance country by country. 

Lower regulatory risk and audit complexity

eIDAS 2.0-recognized wallets – and the Digital IDs stored in them – are required to adhere to strict security standards. These include:

  • Secure authentication and access control, which reduces the risk of account takeover and unauthorized use of identity attributes like a person’s address or passport number
  • Standardized, secure protocols for data exchange that ensure businesses receive trusted data that hasn’t been altered in transit

If you operate in multiple member states, these EU-wide security standards make cross-border KYC onboarding more predictable, lower your risk of non-compliance, and give you a higher certainty that you’re onboarding genuine, trusted digital identities.

eIDAS 2.0 also helps simplify audits. This is because it standardizes how Digital ID verification is performed and recorded across EU markets, which means auditors can review and compare consistent evidence across borders.

Digital IDs in Europe: A brief overview (2025/2026)

Some EU countries already offer their own Digital ID, including:

Country

Digital ID

Use cases

Sweden

BankID

Government services, banking, accessing healthcare records, paying taxes, gym access

Italy

SPID

Managing tax information, booking health services, accessing employment and pension records, gaming account creation

Estonia

ID-card

Voting, online banking, filing taxes, accessing healthcare records

Denmark

MitID

Booking doctor’s appointments, online banking, signing documents electronically

Austria

ID Austria

Accessing electronic services offered by Austrian authorities, public institutions, and private companies

Spain

MiDNI

Identification at public offices, hotels, banks, pharmacies, universities, and postal services, proving age during commercial transactions, and accessing events or venues that require identity verification

Currently, these IDs aren’t fully interoperable: Sweden’s BankID, for example, won’t work for electronic identification in every other EU country. That will change with the rollout of EUDI.

How to implement Digital ID verification in your KYC process

To start accepting Digital IDs and create eIDAS 2.0-compliant onboarding, you’ll have to make some adjustments to your existing KYC process. Here are some ideas that help create a faster onboarding experience:

Redesign your onboarding journey to enable dynamic verification 

Dynamic verification enables you to onboard customers who have a Digital ID as well as those who don’t. To redesign your onboarding process to enable dynamic verification, take the following steps:

  • Introduce an early decision point in the journey instead of defaulting every user into document capture. 
  • Determine whether a government, bank-issued, or private Digital ID is available for the customer based on their location.
  • Present Digital ID verification as the primary option, with traditional verification methods, such as with a physical ID scan, offered as a fallback.

Dynamic verification reduces friction for users who already have high-assurance Digital IDs while ensuring those who don’t can still complete the onboarding process using another verification method. Being flexible in how users verify their identities enables you to onboard more genuine customers.

Update decisioning logic based on the different levels of Digital ID assurance and enable dynamic routing

A few adjustments to your decisioning logic can help you implement Digital IDs in your KYC process:

  • Add Digital ID assurance level as a key factor in assessing onboarding risk and weigh the assurance level alongside your other existing core inputs, such as geography, product risk, and customer type. 
  • Allow the assurance level to reduce or increase risk. For example, a high-assurance, government-issued Digital ID should lower a customer’s inherent identity risk more than a basic document upload. 
  • Enable the assurance level to influence which controls are required – not just pass or fail – to reduce friction without compromising compliance. High-assurance Digital IDs can replace or downgrade certain checks, while additional controls can be triggered only when assurance is insufficient for the use case. 

For example, a customer with a high-assurance Digital ID can skip document capture, while one with a medium-assurance ID will be required to do a biometric check. Someone with a low-assurance Digital ID may be required to complete the full document and biometric workflow. 

To achieve this automated routing between different KYC modules, you can use dynamic orchestration, which allows you to automatically decide, in real time, which journey a user should follow based on factors like their risk level (instead of sending everyone through the same fixed process).

By layering checks only where necessary, you can improve your conversion rates without weakening compliance.

Choose an identity orchestration provider with an existing integration infrastructure to access the right ID schemes via a single API

Each Digital ID scheme has different technical standards, assurance levels, and consent and data-sharing rules. Without an identity orchestration provider, you would have to deal with separate contracts and integrations for each ID scheme, long development cycles, and ongoing maintenance as standards for personal data sharing and security evolve. 

An identity orchestration provider with pre-built integrations absorbs that complexity. By connecting once, you gain access to multiple ID schemes through a single API. 

The provider can also normalize assurance signals across multiple ID schemes and present them in a consistent format. This is helpful if you’re an international business onboarding customers in, let’s say, Denmark, Spain, and Italy, all of which have their own Digital IDs schemes. 

Normalization of assurance levels also enables risk engines to make comparable decisions, regardless of the ID’s origin, which makes scaling into new markets easier and quicker since you won’t have to rebuild your risk logic. 

To access the right ID schemes through a global, end-to-end identity orchestration provider, book a demo to learn how we can help you.

How GBG helps businesses accept Digital IDs to support eIDAS 2.0 compliance

As a global identity technology company with more than 30 years of experience in the identity verification space, we provide identity document and biometric authentication in more than 195 countries. 

We also offer 80 global identity, risk, and fraud protection KYC modules, including one for Digital ID verification. Our Digital ID module supports a wide range of ID schemes in the EU and globally, including government and bank-issued IDs, such as MitID in Denmark and BankID in Sweden, and private-sector credentials. 

Through a single API, your business can accept current IDs from EU countries and new ones as they’re rolled out leading up to the eIDAS 2.0 deadline. Further down the line, as other regions see how eIDAS plays out in Europe and start mandating Digital ID acceptance, you can easily add those IDs when they become available as well.

Here are some reasons businesses choose to work with us:

Accept Digital IDs of all types from every EU country and onboard more genuine customers

To accept Digital IDs at scale, you need to handle multiple Digital ID types – ideally without rebuilding your onboarding infrastructure every time a new ID is introduced.

Our GBG Go platform, an end-to-end identity verification solution, provides a single integration point to multiple Digital ID schemes. This means you don’t need to build and maintain separate integrations for each country or ID type, saving you time and resources.



If a customer doesn’t have a Digital ID, they can fall back to more traditional verification methods, like document authentication or biometrics, thanks to dynamic verification. Identities can be securely compared against our continuously updated global library of more than 8,500 government-issued IDs from 195 countries, or matched via biometric technology that compares an ID photo to a customer-captured selfie using 68 biometric facial landmarks.

You can also A/B test to see how many people are onboarding with Digital IDs versus traditional methods by country. Then you can adjust your onboarding journeys based on actionable insights for an improved user experience.

To reduce the risk of fraud, you can place GBG Trust, our cross-industry dataset built from billions of identity insights across 28+ sectors, at the beginning of each onboarding journey. GBG Trust can identify if the same identity details have been used multiple times in a short period of time – indicating a Digital ID may have been compromised – and block fraud earlier on in the onboarding process so that only genuine customers are let through.

Stay compliant with evolving EU regulations through a KYC provider with Digital ID expertise

Staying on top of evolving regulations can be time consuming and resource intensive, especially with Digital IDs getting rolled out so quickly. This is why we continuously maintain and update integrations with new EU Digital ID schemes: this way, you automatically gain access to new Digital IDs and updated assurance standards as they become available.

With our team of experts, you can navigate shifting regulations across regions more comfortably. We typically recommend selecting one or two markets to launch in initially instead of expanding into dozens right away. From there, we can familiarize you with the different types of IDs, adoption rates, and assurance levels in your selected markets so you’re better prepared to expand into more later down the line. 

For example, we’ve helped a major gaming company based in the UK expand its operations in Italy by enabling it to accept the country’s Digital ID, SPID, to comply with Legislative Decree No. 41/2024, which requires individuals who want to open an online gaming account to use a valid identity document for verification. 

We tested Digital ID workflows that aligned with the regulation, and now the company is live in Italy and able to onboard more legitimate customers compliantly. 

Centralize all KYC checks in one platform with dynamic routing and normalized assurance levels

If you’re using different vendors for different KYC elements, you’re forced to juggle multiple relationships, contracts, and billing cycles. On top of a digital identity solution, you may need to use separate vendors for biometrics authentication and sanctions screening, for instance. You’ll also have to integrate with each vendor separately, which adds complexity to your KYC process. 

Having everything in one centralized location reduces this fragmentation. We built our GBG Go solution to be a unified KYC platform that brings all the necessary KYC components – not just Digital ID verification – together in one place, from document authentication and biometrics to watchlists screening and ongoing monitoring. 

The solution also normalizes assurance levels across Digital IDs from different countries, mapping them to recognized standards like eIDAS 2.0’s low, substantial, and high assurance levels. 

This enables you to automatically route users through verification paths based on assurance thresholds and regulatory requirements for faster onboarding.

How Digital ID verification works in GBG Go

Here is how you can add Digital ID verification to your onboarding flow within GBG Go:

1. Configure the Digital ID module in GBG Go.



2. Present Digital ID as an identity verification option during customer onboarding.



3. Instruct the customer to scan a QR code and follow the steps to complete the verification process. 



4. Inform the customer that their Digital ID has been successfully verified and that they can continue to the next step. 

Start accepting Digital IDs to achieve eIDAS 2.0 compliance with GBG

By adopting eIDAS 2.0-compliant Digital IDs that are available today, you can decrease onboarding times, reduce fraud risk, and provide a smoother customer experience – and as more countries launch their own IDs to comply with eIDAS 2.0 regulations, you can easily start accepting those when they roll out.

Our GBG Go solution enables flexible workflows in which Digital IDs are seamlessly orchestrated alongside your existing verification methods through a single API, combining authoritative identity data and global coverage to help you meet eIDAS 2.0 requirements without disrupting your current onboarding flows.


We make it easy to improve your identity verification process with Digital IDs and comply with eIDAS 2.0 regulations. Learn how by requesting a demo today.

FAQs: eIDAS 2.0

eIDAS 2.0 can streamline KYC processes by enabling businesses to accept trusted digital credentials without manual document verification, therefore speeding up onboarding.

Businesses can automate decisioning based on Digital ID assurance levels and reduce friction for low-risk customers while maintaining compliance. Because Digital IDs from any member state are recognized across borders, international onboarding is easier. 

Businesses that are required to perform identity verification under EU regulations, including financial institutions, fintechs, gaming platforms, and other regulated entities, must be able to accept EU-recognised Digital IDs as a valid verification method by January 1, 2027.

No, businesses can use an identity orchestration platform that provides single-API access to multiple Digital ID schemes and wallets, such as GBG Go. This way, businesses only need to integrate once to accept multiple IDs from different countries while also reducing dependency on individual trust service providers.