Certification of fiskaly Cloud Crypto Service Provider

Certi­fi­cation of fiskaly Cloud Crypto Service Provider

Among other things, the Tax Code provides for a combi­nation of technical and organ­i­sa­tional measures to effec­tively prevent manip­u­lation of digital basic records. The core of the tax code is a certified technical security device (TSE for short). The TSE is the central technical component for securing the basic records against subse­quent manip­u­lation. The certi­fi­cation aims to ensure a uniform minimum level of trust and security in the TSE as well as compliance with necessary inter­op­er­ability requirements.

Cash register systems carry out digital basic records in the above sense. Therefore, the cash register security ordinance of the Federal Ministry of Finance specifies require­ments for the certi­fi­cation of TSEs, which have been imple­mented accord­ingly by the BSI. These include detailed require­ments for the security module, the storage medium, the digital interface and the electronic storage, which have been published in the form of several technical guide­lines and protection profiles.

The central security component of a TSE is a so-called Crypto­graphic Service Provider (CSP). This is the component that performs the crypto­graphic signature opera­tions and securely manages essential compo­nents such as crypto­graphic keys and other parameters.

The BSI has certified fiskaly’s CSP Light based on the evalu­ation results of the SRC. This CSP Light is imple­mented as a cloud service to enable integration into networks.

In contrast, CSPs can also be created in the form of smart cards for stand-alone systems. Such products have also already been evaluated by SRC.