Home » Regulations » REM Certified Email: the new european standard for secure communications
Regulations
03.02.2025
| Reading time: 8 min

REM Certified Email: the new european standard for secure communications

3 February 2025

From PEC to REM: the future of certified mail in Europe

Posta certificata REM: il nuovo standard europeo per comunicazioni sicure

La Posta Elettronica Certificata (PEC) sarà sostituita dalla Registered Electronic Mail (REM), un nuovo standard europeo per comunicazioni sicure, che garantirà maggiore interoperabilità e sicurezza. La transizione, prevista tra il 2025 e il 2026, offrirà vantaggi significativi per utenti e imprese, semplificando la gestione delle comunicazioni legali a livello europeo.

In questo articolo scoprirai:

Certified Electronic Mail (PEC), regulated by Presidential Decree No. 68 of 2005, is currently the primary tool for “official communications” between professionals, businesses, and public administrations, having replaced paper-based registered mail some time ago. Its widespread adoption is also due to its accessibility, allowing private citizens to interact with both public and private entities by sending communications that provide “proof of delivery,” thus holding legal value.

Although PEC is widespread, it is set to evolve into REM (Registered Electronic Mail), also known as “European PEC,” because it will be valid for communications across the entire EU. If PEC is already such a commonly used and established tool, what are the reasons for its “replacement” with REM? And when will this transition take place?

Why the transition from PEC to REM?

The European Commission has long been working to “standardize” certified digital services within the EU, aiming for greater interoperability, including through the revision of the eIDAS 2.0 regulation.

However, there is also a more “formal” need driving this transition in Italy: according to Regulation 910/2014 (eIDAS), PEC, due to its characteristics, can be considered a “SERC,” a Certified Delivery Service. REM, on the other hand, which also includes strong authentication of the mailbox holder, is a “SERCQ,” a Qualified Certified Delivery Electronic Service.

Key differences between PEC and REM

There are key differences between PEC and REM that allow REM to be defined as a Qualified Certified Delivery Service. Here are the main differences:

  • Identification of the holder: As mentioned earlier, the main difference between PEC and REM is the process of recognition and identification of the account holder. Currently, activating a PEC only requires registering the personal data of the holder, whereas for REM, it will be mandatory to complete a verified identification process, including through digital identities such as SPID and CIE. This system not only ensures the receipt of the message but also guarantees the certainty of the identity of both the recipient and the sender.
  • Two-factor authentication: To access REM, it will be mandatory to activate a two-factor authentication system. When logging into the portal provided by the REM provider, it will be necessary to enter an additional code, usually a One Time Password (OTP) generated through an app or received via SMS. Currently, two-factor authentication for PEC is optional and can be set up at the user’s discretion.
  • European interoperability: Another difference between PEC and REM is that REM can be considered a valid tool throughout the EU. By sending a REM to a user in another European country, it will have the same legal value, something that does not apply to PEC today, as it is exclusively an Italian tool.

Benefits of REM for users and businesses

Registered Electronic Mail (REM) will offer significant advantages for users and businesses, ensuring more secure and reliable communications across the EU through the traceability and certification of sent and received messages. Additionally, this solution will provide standardized access and a qualified digital communication tool for public administrations and businesses throughout Europe, facilitating interaction with international entities and partners. For Italian businesses operating at the European level, REM reduces bureaucratic obstacles, simplifies document management, and ensures compliance with cross-border regulations, leading to improved operational efficiency and accelerated business processes.

How to transition from Certified Electronic Mail (PEC) to REM

The transition from PEC to REM will occur transparently for users. It will be the provider’s responsibility to upgrade their mailboxes to the European standard.

Implementation timeline for REM

Let’s clarify a bit: the transition from PEC to REM will not be mandatory in 2024. For the migration obligation to take effect, a DPCM (Decree of the President of the Council of Ministers) is required, which, as of November 2024, is still awaiting publication. Once published in the Official Gazette, the timelines indicated within the DPCM will determine when the obligation comes into effect, which is why the deadline will likely be extended, probably between the end of 2025 and the beginning of 2026.

Conclusion

The transition from PEC to REM (European PEC) will bring numerous advantages in terms of security, reliability, and interoperability. However, it is undeniable that the need for strong identification and two-factor authentication could pose operational challenges for companies that require multiple mailboxes, which need to be accessed by several individuals.

Intesa PEC Management System

For this purpose, Intesa, as a Qualified Trust Service Provider and digital solution provider, offers its clients a PEC Management System designed to simplify the operations of those who need to manage multiple mailboxes simultaneously, even across different providers. With the official introduction of the mandatory requirement, the service will subsequently be adapted to manage REM mailboxes.

Today, it is even more important to equip yourself with a dedicated PEC management system, and here’s why:

  1. Widespreat Use
    With the expansion of the potential PEC user base across the EU, both as recipients and senders, the opportunities for using the electronic legal correspondence channel within businesses will increase. Users will increasingly need an organized and traceable management of messages and receipts.
  2. Simplification and Security
    Adopting a PEC management system helps overcome the complications of handling two-factor authentication (MFA), which is only valid for direct access to the webmail via the REM Provider’s site. For application-to-application authentication to the REM mailbox, an application-based authentication mode, based on the OAuth 2.0 protocol, has been introduced. Thanks to this mode, managed directly by the PEC Management System and completely transparent to the user, the PEC Management System will securely handle connections to the REM mailbox for receiving and sending emails without any impact on businesses or users.
  3. Interoperability
    The PEC Management System will allow retroactive interoperability between the retiring PEC channel and the new REM channel; the transition will be seamless for users.

Potrebbero interessarti

The partnership between Intesa and Pagero will help companies conduct international business in a simple, interconnected, compliant and digital way.

Intesa, a Kyndryl Company, diventa Service Provider CIE

Intesa adds an additional important authorisation from the Italian Digital Agency (AGID): consent for authentication using Electronic ID Cards (eIDs) for those accessing the company's services, as permitted by its status as an accredited service provider.

The integration of Trustfull into Intesa's remote identification processes marks a new chapter in digital security innovation, not only in the financial sector but beyond, delivering significant tangible benefits for customers

EPREL: come ottenere e apporre il sigillo elettronico

Manufacturers and distributors of electronic equipment will be required to apply the qualified electronic seal on the EPREL portal. Let’s explore what the Qe-Seal is and how it works.

Voglio essere informato su prodotti, servizi e offerte di INTESA.
Ho letto e accetto l'informativa sulla privacy.

È possibile ritirare il proprio consenso in qualsiasi momento inviando una e-mail al seguente indirizzo: privacy_mktg@intesa.it. Oppure, se non si desidera ricevere più le e-mail di marketing, è possibile annullare la sottoscrizione facendo clic sul relativo link di annullamento sottoscrizione, in qualsiasi e-mail.
Per confermare l'iscrizione, controlla la tua email!
Share