BERGAMO, 4 June 2026 – With the conclusion on 21 May of the transitional period set out by the provisions introduced by the eIDAS 2 regulation for Qualified Trust Service Providers (QTSPs), the European market for digital trust services enters a new phase of full compliance with the requirements set out by the updated European regulatory framework. 

Against this backdrop, Aruba announces that it has completed the compliance journey for its identity verification processes and for its remote signing and qualified electronic delivery services, further strengthening its contribution to building an increasingly secure, interoperable, and fully European digital trust ecosystem. The new eIDAS 2 framework requires QTSPs to strengthen the procedures for the identification and issuance of qualified certificates for digital signatures and seals by introducing higher standards for the reliability, control and security of processes.

For Aruba, this milestone represents a concrete step forward in a journey already well underway and based on established recognition methods, including identification via the Electronic Identity Card and the National Services Card (CNS, the health insurance card), in-person identification, and DVO video identification. 

These methods have been the subject of further measures to strengthen digital onboarding and identity proofing procedures, introducing new levels of control, verification and automation to make identification processes increasingly robust and compliant with evolving European regulations and supervisory body requirements. By way of example, biometric technologies, artificial intelligence tools, OCR of identity documents, and liveness detection and face matching checks have been implemented. 

Aruba has also introduced its Remote Automatic Identity Proofing (RAIP) solution, which combines document data capture via OCR, NFC reading of the Electronic Identity Card to extract chip data, biometric face matching and liveness checks where necessary, and a final offline review by a qualified operator before the process is validated and the service activated. Looking ahead, the system will also support electronic passports, confirming the growing role of qualified digital documents in building the Italian and European digital identity. Overall, the common objective is to offer customers more streamlined procedures while minimising the risk of fraud.

The compliance journey also covers the qualification of remote signing and sealing services, an area in which Aruba operates as both a Certification Authority and a provider of trust services. In this area, the company has completed the new certification process required under the eIDAS 2 framework, confirming that its services comply with the new European requirements. The end of the transitional period marks a new phase for the market, in which regulatory compliance is increasingly linked to providers’ ability to ensure operational continuity, process security and interoperability between European systems and operators.

In parallel, Aruba is also consolidating its role in the area of Qualified Electronic Registered Delivery Services, a central element in the evolution of PEC (Certified Electronic Mail) from a European perspective. Aruba's qualified e-delivery service has also achieved compliance with the new eIDAS 2 framework, and the company is the first Italian operator to have certified a qualified electronic registered delivery system in accordance with the REM standard—a milestone that strengthens its positioning in the field of interoperable trust services and in the construction of the future European digital trust infrastructure.