Major vulnerability patched in the EU’s eIDAS authentication system

European authorities have released today a patch for the eIDAS system. The patch fixes two security flaws that could allow an attacker to pose as any EU citizen or business during official transactions.

eIDAS stands for electronic IDentification, Authentication and trust Services. It is a very complex, cryptographically-secured electronic system for managing electronic transactions and digital signatures between EU member states, citizens, and businesses.

The EU created eIDAS in 2014 to allow member state governments, citizens, and businesses to carry out cross-border electronic transactions that can be verified against official databases in any country, regardless of the origin state of the transaction.

Read more…
Source: ZDNet