Final Declaration of the 1st edition of the Trusted Economy Forum
The Trusted Economy Forum is currently one of the largest conferences in the world dedicated to digital trust services, electronic identification and cybersecurity. This is a new edition of the well known in the market and positively evaluated the European Forum on Electronic Signature and Trust Services (EFPE) conference, which has a tradition of more than 20 years.
This year we decided to change our banner, but the EFPE’s values are still close to our hearts and will remain the same. The mission of the Trusted Economy Forum is to build a space for discussion, exchange of views and experience of experts in various fields. The conference is aimed at representatives of the world of science, business and government, attracting, as in previous years, more than 600 experts and practitioners from around the world. It should be noted that about 150 people attended the meeting in Warsaw.
Rapidly advancing globalization, not only in the business area, but also in both social or cultural areas, forces us to think, plan and design technology in such a way that it can be used, regardless of territorial boundaries. Technology that will be uniform, safe and universal. Therefore, the first edition of the Trusted Economy Forum was held in hybrid form under the theme “Process, signature, identification — the basis for a unified and trusted global economy”.
EUROPEAN DIGITAL ID WALLET
One of the main topics discussed at this year’s Trusted Economy Forum was the legal and technical changes resulting from the revision of the eIDAS regulation — eIDAS 2.0. The amendment will introduce the European Digital ID Wallet, which will allow data related to the wallet holder to be
retrieved and presented in various activities carried out in both the offline and online worlds on end-user devices, i.e., phone, tablet or PC. The implementation of ID wallets is multifaceted activity and requires the cooperation of both government entities and trust service providers and end-device manufacturers in order to achieve the universality of the solution, i.e., widespread use and wide acceptance. At the same time, the ID wallet provides previously unattainable opportunities for data protection and user security. This feature of the ID wallet must be defined in detail at both the legal and technical levels, e.g., through appropriate standardization. The basis for the implementation of a digital identity wallet is the availability of appropriate technology that allows for the secure retrieval and handling of electronic documents and attribute credentials.
During the Forum, which was held in Poland, the capabilities of the national ID wallet, the mCitizen application, which operates and is a legally recognized solution for presenting personal data in Poland, were demonstrated. At the same time, an analysis of Self-Sovereign Identity solutions in terms of their technological maturity shows that technically implementing ID wallets is possible, but standardization at the European level is needed to ensure their interoperability and widespread use.
Electronic identification systems and means are in widespread use by Europeans, but due to their legal and technical design, their use is very often limited to public administration. The real social benefit can be seen where the electronic identification means provided can be used for both public and commercial services. In this regard, European countries should take local measures to support the universality and accessibility of means of identification in all citizen activities. At the same time, when building European Digital ID Wallets, the highest priority of activities should be assigned to the universality of use and recognition of the wallet in all services used by users.
THE MARKET NEEDS GOOD EXAMPLES OF DIGITIZATION AND EDUCATED SPECIALISTS
Digitization of business processes is a fact of life, but it is also a challenge all the time for numerous business entities that would like to improve processes at the interface with contractors and customers.
Presented at the Trusted Economy Forum, the report by Asseco “Paperless gap and other challenges on the path of digitization of documents in business” showed how much there is to be done, especially in terms of raising awareness among entrepreneurs and users. Lacking positive messages about the benefits, 41% of respondents are unaware of actual cases of successful use of digitization. It is worth mentioning that current restrictions on the availability of electronic identification means that as many as 66% of companies have no plans to introduce eID.
The forum also showed that implementing solutions to change processes to digital is a team effort, requiring companies to work together and deliver products that are easy to use, yet at the highest level of IT security. Forum participants had the opportunity to learn about solutions implemented in banking, financial services and at telecommunications service provider.
The business cases shown provide tangible impacts of process digitization. Participants at the forum suggested that a broad demonstration of successful implementations of process digitization solutions is necessary for market development.
An important issue raised in the debate at the Forum was competence in digital transformation and effective execution of the migration process. According to the report cited above, 61% of the companies surveyed cited a lack of specialists in process digitization as a major challenge. In this egard, educational actions with the participation of universities, training support for employees and the action of competent and recognizable consulting companies are both necessary. Above all, public-private cooperation is needed to allow the use of competencies available in commercial companies (e.g., technology solution providers) in education.
GEOPOLITICS AND CYBERSECURITY
Russia’s aggression against Ukraine in February of this year, sharply redefined the priorities of geopolitics, the economy and security, including cybersecurity. Ukraine is a strategic partner of the European Union, and the ongoing European integration requires adaptation of solutions also in the area of electronic transactions. Ukraine is already implementing solutions based on electronic signatures and seals that comply with the requirements of the eIDAS regulation. The use of the same technical standards, including electronic signature formats, should enable electronic transactions.
Indeed, the security of electronic transactions is at the heart of government and business operations.
In light of the development of electronic services and new threats in the geopolitical arena, the security of services provided has a fundamental impact on the economy and society. For the first time in the forum’s history, the importance of cybersecurity in the provision of trust and eID services was more strongly emphasized. Participants in the debate argued that only a holistic approach stands a chance of ensuring transaction security. How do you accomplish this? In this regard, it is advisable to dive deeper into the topic during the future editions of the forum. Also, in this regard, it is necessary to draw on both the experience of institutions such as ENISA and to benefit from the exchange of experiences of market participants.
Forum participants noted that further adoption of trust services in business and universal services requires not only adherence to security and interoperability standards. Electronic transactions require a structured understanding of the needs of the customer using them first, and then an adequate adaptation to reality. An important conclusion of the presentations given was that “Trust is not a function. Trust is an emotion, experienced by customers”.
READINESS FOR QUANTUM TECHNOLOGY
The continuous development of technology, including quantum technologies, poses a challenge for trust services, whose security is based on algorithmic problems that are difficult to solve with modern computers. Quantum computers will be able to solve these problems, which could pose a threat to the functioning of today’s cryptographic algorithms. Even today, companies are taking steps that should prevent problems arising from the capabilities of quantum computers. Readiness analysis should not only be performed by trust service providers, but also by the public administration, which is the trusted party and accepts the trust service results necessary to build the security of services using today’s cryptographic algorithms.
The first edition of the Trusted Economy Forum showed how important new opportunities from trust services, eID and cybersecurity are for the market. Speakers and participants, both during the presentations given and in behind-the-scenes conversations, repeatedly emphasized how important and groundbreaking the coming year is for the electronic services market and the information society.
The Trusted Economy Forum will be the place where particular emphasis will be placed on engaging representatives of the public and private sectors in the coming years to address all the challenges arising not only from the introduction of eIDAS 2.0, but also from changes in the awareness of users of electronic services themselves. The effect of achievable synergies should contribute to the spread of electronic services, supported by trust services that are not only simple and user-friendly, but also secure and interoperable.
This final document was prepared by international experts and participants of the Trusted Economy Forum 2022 in English and Polish.
We ask politicians, legislators and decision-makers to take into account in their future actions the demands of the participants of the Trusted Economy Forum 2022 and their substantive contribution to the European and international discussion.