eIDAS V2 - Qualified Attribute Attestations
Attribute Attestations, the new eIDAS Trust Service
This service is aimed at public and private organizations responsible for guaranteeing these attributes, as well as at service providers wishing to provide certificates that are recognized and enforceable throughout the European Union.
eIDAS V2 regulation for Qualified Attribute Attestations
An Electronic Attestation of Attribute is qualified when it is issued by a Trusted Service Provider (TSP) meeting eIDAS v2 requirements.
In particular, the CSP must:
- Check the origin, quality and validity of the attribute issued,
- Guarantee the authenticity, integrity and non-alteration of the attestation,
- Ensure traceability of issuance, updating and expiry operations,
- Maintain a security system that complies with applicable standards,
- Enable automated, cross-border verification of the attestation.
Qualified attestations can be presented and used via EUDI Wallets, online platforms or local information systems.
The requirements for Attribute Attestation Providers are based on the following standards:
| Reference | Object | Scope for attributes | ||
| ETSI EN 319 401 | General requirements for trust services | Governance, organization, provider security | ||
| ETSI EN 319 412-1 to 5 | Certificate profiles and data formats | Structured modeling of qualified attributes | ||
| ETSI TS 119 461 | Identity verification for qualified CSPs | Enrolment procedures and validation of attribute sources | ||
| CEN/TS 17489 (series) | Identity and attribute management | Lifecycle management, publication, revocation, durability of proofs |
- Data models,
- Cryptographic mechanisms,
- Identity verification rules,
- The chain of trust associated with the attribute.
Who is eIDAS certification intended for?
Certification of Electronic Attestations of Attributes is aimed at entities responsible for :
- Issuing or validating attributes with legal or regulatory value,
- Certifying status or authorizations (e.g. professional orders, sector authorities),
- Providing digital services requiring reliable proof of attributes,
- Operate interoperable digital identity infrastructures at European level.
Certification demonstrates that attribute management is based on an identified, controlled, documented and verifiable source.
What does LSTI do for you?
LSTI acts exclusively as a Certification Body.
In this capacity, LSTI :
- Evaluates service compliance with applicable ETSI standards,
- Audits the governance and security system,
- Produces a detailed assessment report.
Certification is the basis for objective assessment.
The qualification decision is the sole responsibility of the competent authority, in accordance with the eIDAS v2 mechanism.
Why choose LSTI?
Recognized expertise
Specialized auditors
