Instead of relying on traditional methods, such as mail or facsimile, or appearing in person to submit paper-based documents, they may now perform transactions across borders, like "1-Click" technology.

[9][10] In July 2024, the first eIDAS-Testbed was launched by the go.eIDAS-Association with a number of German tech firms and foundations to issue PID-Credentials to Architecture and Reference Framework (ARF)-compliant wallets.

By adhering to the guidelines set for technology under eIDAS, organisations are pushed towards using higher levels of information security and innovation.

The directive also allowed each member state to interpret the law and impose restrictions, thus preventing real interoperability, and leading toward a fragmented scenario.

[18] In contrast with the 1999 directive, eIDAS ensures mutual recognition of the eID for authentication among member states,[19] thus achieving the goal of the Digital Single Market.

[23][24][25] In 2023, a proposed change to the law was scrutinized as it would potentially enable EU governments to perform man-in-the-middle attacks, including encrypted communications.

[26] The proposal was condemned by groups of cyber security researchers, NGOs, and civil society, as a threat to human rights, privacy, and dignity.

[32][33] This would possibly allow government mandated CAs to issue certificates for any domain name and use it for impersonation, and most critically, without browsers being able to remove them as trustworthy.

There was additional concern that this allow private actors with state connections to gain access to and misuse the power for their own purposes.

But in order to access more sensitive information, some kind of certification is needed that identity numbers issued by two countries refer to the same person.