Commission Implementing Regulation (EU) 2024/2981 of 28 November 2024 laying down... (32024R2981)
INHALT
Commission Implementing Regulation (EU) 2024/2981 of 28 November 2024 laying down rules for the application of Regulation (EU) No 910/2014 of the European Parliament and the Council as regards the certification of European Digital Identity Wallets
- COMMISSION IMPLEMENTING REGULATION (EU) 2024/2981
- of 28 November 2024
- laying down rules for the application of Regulation (EU) No 910/2014 of the European Parliament and the Council as regards the certification of European Digital Identity Wallets
- CHAPTER I
- GENERAL PROVISIONS
- Article 1
- Subject matter and scope
- Article 2
- Definitions
- CHAPTER II
- NATIONAL CERTIFICATION SCHEMES
- Article 3
- Establishment of national certification schemes
- Article 4
- General requirements
- Article 5
- Incident and vulnerability management
- Article 6
- Maintenance of national certification schemes
- CHAPTER III
- REQUIREMENTS RELATING TO SCHEME OWNERS
- Article 7
- General requirements
- CHAPTER IV
- REQUIREMENTS RELATING TO PROVIDERS OF WALLET SOLUTIONS AND THE ELECTRONIC IDENTIFICATION SCHEME UNDER WHICH THEY ARE PROVIDED
- Article 8
- General requirements
- CHAPTER V
- REQUIREMENTS RELATING TO CERTIFICATION BODIES
- Article 9
- General requirements
- Article 10
- Subcontracting
- Article 11
- Notification to the supervisory body
- Article 12
- Incident and vulnerability management
- CHAPTER VI
- CONFORMITY ASSESSMENT ACTIVITIES
- Article 13
- Evaluation activities
- Article 14
- Certification activities
- Article 15
- Complaints and appeals
- Article 16
- Surveillance activities
- Article 17
- Consequences of non-compliance
- CHAPTER VII
- CERTIFICATION LIFECYCLE
- Article 18
- Certification lifecycle
- CHAPTER VIII
- RECORDKEEPING AND PROTECTION OF INFORMATION
- Article 19
- Retention of records
- Article 20
- Protection of information
- CHAPTER IX
- FINAL PROVISIONS
- Article 21
- Transition to a European cybersecurity certification scheme
- Article 22
- Entry into force
- ANNEX I
- RISK REGISTER FOR EUROPEAN DIGITAL IDENTITY WALLETS
- Introduction
- SECTION I
- High-level risks to the wallets
- SECTION II
- System-related risks
- SECTION III
- Technical threats
- SECTION IV
- Threats to the wallets
- ANNEX II
- CRITERIA TO ASSESS THE ACCEPTABILITY OF ASSURANCE INFORMATION
- ANNEX III
- FUNCTIONAL REQUIREMENTS FOR WALLET SOLUTIONS
- ANNEX IV
- METHODS AND PROCEDURES FOR EVALUATION ACTIVITIES
- 1.
- Audit of the implementation of a wallet solution
- 2.
- Evaluation activities related to the wallet secure cryptographic device
- 3.
- Evaluation activities related to the wallet secure cryptographic application (WSCA)
- 4.
- Evaluation activities related to the end user device
- 5.
- Evaluation activities related to the wallet instance
- 6.
- Evaluation activities related to the services and processes used for the provision and operation of the wallet solution
- 7.
- Evaluation activities related to the ICT services used for the provision and operation of the wallet solution
- ANNEX V
- LIST OF PUBLICLY AVAILABLE INFORMATION ABOUT WALLETS
- ANNEX VI
- METHODOLOGY TO ASSESS THE ACCEPTABILITY OF ASSURANCE INFORMATION
- 1.
- Assessing the availability of assurance documentation
- 2.
- Assessing assurance related to individual requirements
- ANNEX VII
- CONTENT OF THE CERTIFICATE OF CONFORMITY
- ANNEX VIII
- CONTENT OF THE PUBLIC CERTIFICATION REPORT AND THE CERTIFICATION ASSESSMENT REPORT
- ANNEX IX
- SCHEDULE FOR MANDATORY SURVEILLANCE EVALUATIONS
Feedback