Onboard already verified users with Docless Verification in Europe
eIDs, Digital Identity Wallets, and trusted data sources now enable regulated businesses to onboard users with less friction. This guide maps Europe’s Docless verification landscape and shows how businesses can verify customers without identity documents while still maintaining a high level of assurance in onboarding.
Schedule a DemoWhy Docless, Why Now
Three pressures are converging on identity
Commercial
Digital-native users expect onboarding in minutes — nearly half abandon journeys that become too lengthy or cumbersome.
Regulatory
National eID schemes already serve millions, and eIDAS 2.0’s European Digital Identity Wallet becomes mandatory by the end of 2027.
Assurance
Beyond confirming the data is genuine, businesses must prove the person presenting it is its legitimate owner, using biometric binding that detects deepfakes and presentation attacks.

01 — The Conversion Challenge
Onboarding friction is a measurable revenue problem
Europe’s digital economy has reached a scale where remote onboarding friction translates immediately into lost revenue. With 94% of EU individuals online in 2025 and nearly nine in ten using mobile, regulated platforms onboard at volumes that demand an identity layer which never becomes a bottleneck in the way of customer acquisition.


To illustrate the revenue scale
in annual revenue forfeited by a platform processing 100,000 monthly registrations at €300 average lifetime value, with a 40% friction-attributable abandonment rate.
The Fraud Threat
Fraud is escalating specifically at the remote onboarding stage
While friction in customer onboarding drives revenue loss, the need for a higher level of assurance in onboarding is rising at the same time as fraud levels climb. Account creation is increasingly becoming the highest-risk stage of the customer lifecycle. European regulators continue to reinforce a risk-based approach to customer due diligence, requiring institutions to understand customer risk, apply proportionate verification measures, and maintain confidence in the identity established at onboarding.
projected surge in deepfake fraud by the end of 2026 — including document deepfakes and synthetic IDs.
Shufti internal verification dataRisk-sensitive due diligence
Verification depth must match each customer’s risk. Notified eID schemes at substantial or high assurance — BankID, MitID, SPID, DigiD, itsme, and others — satisfy the requirements.
Confirmed presence & identity binding
A mandatory liveness check confirms real-time presence, ruling out replays, masks, and AI-generated substitutes — increasing reliability through biometric capture where risk warrants.
02 — The European eID Ecosystem
Your users are already verifying with national and commercial eIDs
Each EU member state has built its own digital identity scheme, collectively covering hundreds of millions of verified citizens. Docless verification through these schemes is not a future capability — it is the current reality for most of Europe’s digitally active population.

Also live: Greece (Gov.gr Wallet), Austria (ID Austria), Finland (Finnish Trust Network). The European Commission’s 2030 Digital Decade target — 80% of EU citizens using a digital ID by 2030 — is already ahead of schedule in several markets.
03 — Docless Coverage Across Europe
Passive docless coverage across Europe
Passive docless verification validates identity using trusted government, telecom, credit, commercial, and consumer data sources without requiring document submission. By combining multiple authoritative data sources within a single verification flow, Shufti supports both one-to-one matching and two-plus-two verification methodologies, improving resolution rates across diverse markets. Bubble size reflects adult population, while colour represents the highest coverage available from an individual data source across key European economies.

04 · Active + Passive eIDV
Combined eIDV coverage across Europe
Bringing active and passive docless methods together extends reach further still. Many markets support both active docless, where the user authenticates with a national eID or wallet, and passive docless, where identity is confirmed silently against trusted data sources — while others are served by one method today.

05 — eIDAS 2.0 & The EUDI Wallet
A mandatory acceptance obligation is arriving in 2027
Is your business ready to accept the EUDI Wallet?
Regulation (EU) 2024/1183 requires every member state to issue a European Digital Identity Wallet by December 2026. From late 2027, regulated relying parties — banks, payment institutions, and regulated digital platforms — must accept those wallets as valid identity verification.
Identity binding rules
Implementing Regulation (EU) 2026/798 requires reinforced remote onboarding — and rigorous liveness — until the combined result reaches high assurance.
Wallet issuance
Every member state issues a government-backed portable identity container citizens use to share verified attributes selectively.
Mandatory acceptance
Regulated businesses must accept EUDI Wallets. A programme built on document capture alone will need a fundamental rebuild.
06 — One Platform, Three Requirements
Identity verification, assurance, and e-signing in one place
EU businesses may require docless verification, a higher level of assurance in authentication, and e-signing for loan applications or transaction authorisation — all in one place. Shufti brings these together on a single platform, applied in any combination a customer or transaction demands.
Three requirements · apply any combination, in any order
Identity VerificationConfirm the identity against an authoritative source or government credential such as BankID, MitID, SPID, DigiD, itsme, FranceConnect+, or a future EUDI Wallet.

Biometric liveness confirms the person presenting the credential is its legitimate holder.
Consent & SigningComplete transactions with electronic signatures, including Qualified Electronic Signatures where evidentiary strength is required.
07 — Risk-Based Orchestration
Match verification depth to customer risk
The best docless flows don’t apply one process to everyone. They run a lighter check for low-risk users and escalate only when the risk profile warrants. This is the architecture that makes docless both commercially viable and compliance-grade.
Invisible background check against authoritative data — under 3 seconds, no redirect.
Authentication with a government-issued digital identity credential the user already holds.
Liveness capture at iBeta Level 3 — ISO/IEC 30107-3 presentation-attack detection.
Verification depth escalates with customer risk → higher assurance
Future ready for the EUDI Wallet
Infrastructure for the future of digital identity in Europe
Shufti is actively investing in the future of digital identity — expanding eID coverage across Europe and integrating with the evolving EUDI Wallet ecosystem. Businesses are positioned to accept digital credentials and support customer onboarding as regulatory adoption milestones approach, without building and maintaining complex digital identity infrastructure from scratch.
08 — Provider Evaluation
Use this checklist to choose a docless verification provider for Europe

A single integration that opens docless verification across the entire EU, so one provider and one contract cover every market you operate in, with no need to source, integrate, or maintain a separate vendor per country.

Active docless verification via national government credentials across all major EU markets.

Passive data-source verification across member states, drawing on both government and non-government authoritative sources, with a demonstrable per-market resolution rate.

iBeta Level 3 conformance under ISO/IEC 30107-3, with deepfake detection built and updated by the provider on its own timeline, running in-session without redirects.

Verification depth configurable by segment, with automatic in-session escalation when a risk signal appears mid-flow.

EUDI Wallet acceptance readiness ahead of late 2027, QES support under eIDAS 2.0, and in-region plus on-premises deployment for GDPR and data sovereignty.
Onboard more than 400 million already verified users across Europe through a single solution
The eID schemes are live, the regulatory framework is set, and the capability already exists. The only question is whether your provider can deliver it across the markets you operate in.
Frequently Asked Questions
Docless verification confirms identity against an authoritative source of truth — a government registry, financial database, or government-backed eID — rather than from a submitted document image. It removes the long forms, repeated requests, and upload failures that drive onboarding abandonment, while combining authoritative data with biometric assurance for high confidence.
Regulation (EU) 2024/1183 requires every member state to issue a European Digital Identity Wallet by December 2026. From late 2027, regulated relying parties must accept those wallets as valid identity verification. Implementing Regulation (EU) 2026/798 further requires reinforced remote onboarding — including rigorous liveness — until the combined result reaches the high assurance level.
Even with authoritative data, you must confirm the person presenting the identity genuinely owns it — not someone using breached details or a synthetic identity. iBeta Level 3 conformance under ISO/IEC 30107-3 is the highest independently audited liveness standard, explicitly testing against AI-generated face attacks at the sophistication now in operational use.
Passive eIDV covers 30+ countries. Active eIDV supports national schemes including BankID, MitID, SPID/CIE, DigiD, itsme, Gov.gr, FranceConnect+, and the German eID. Direct biometric verification is available in Belgium, Estonia, Lithuania, and the UK, with on-device biometric authentication across the Nordics, Germany, Austria, Italy, and more.
Look for a provider that owns its core technology, returns a single consistent result schema across markets, holds iBeta Level 3 conformance, allows configurable risk-based escalation, and is positioned for EUDI Wallet acceptance ahead of late 2027 — with in-region and on-premises deployment for data residency.
Form submitted successfully!
Thank you for your interest — your report is loading now.
Verify Singapore customers before December 2026
With about eight months to the NRIC authentication deadline and MAS enforcement at its firmest since 2023, see Shufti configured for Singapore, with MyInfo routing, FIN-holder fallback, deepfake-resistant biometric authentication, AML screening, and MAS-calibrated audit records.

Back









