fiskaltrust specialises in securing POS systems against VAT fraud and our mission is to be present in every European country. In order to make this manageable for the international PosCreators, we rely on the ISCA principles and try to condense them for the manufacturer.
The ISCA principles
Inalterability, security, conservation and archiving are the four pillars of a secure POS system, as these are required to be implemented in every European country, only the means differ. In Germany, for example, a technical security device (TSE) is prescribed as an SSCD (Secure Signature Creation Device), in Italy a fiscal printer and in Austria a signature creation unit, and in France the four principles must be implemented directly in the POS system.
It is precisely with these different implementation variants that the fiskaltrust.Middleware comes into play. It takes away the headache for manufacturers of having to implement all possible variants. We use an abstract security device for the middleware to which we then dock the respective prescribed variants.
The SCU as an interface
The SCU thus creates a unique interface between the Queue and the national SSCD – this can be addressed by the fiskaltrust.Middleware via the Queue. However, it is also possible to address it directly via the network, depending on the national requirements.
The connection to the CashBox
In France, there is a loose coupling between the SCU and the CashBox. We have to look at the national circumstances here. The French legislator and also the two national certification agencies look at the security for tills from the block angle of the establishment of a company.
This view is also supported by the organisation of the business register. Each company receives a nine-digit and unique number from INSEE (Institut national de la statistique et des études économiques), the SIREN (commercial register number). For each establishment, this SIREN is extended by another five digits to become the 14-digit SIRET. The SIRET identifies each physical establishment with a unique number.
As a result, fiskaltrust has also adopted this methodology and requires a separate SCU per branch (outlet) to secure the data in a Queue. Since the CashBox (the configuration container for POS systems) is subsequently linked to an outlet via the Queue, the loose coupling is created here.
Security is written in CAPITAL LETTERS
This sounds as if the SCU can be connected and used at will. Of course, this is not correct. In the fiskaltrust.Portal, any number of SCUs can be created for a branch. This also makes sense for very large business establishments. But there are limitations!
- A Signature Creation Unit that has been created can no longer be changed.
- The SCU can never be assigned to another branch office.
- Once a connection to the queue has been established, the SCU can no longer be changed.
A central location for security
The Signature Creation Unit is thus one of the central points in the fiskaltrust.SecurityMechanism. With the national connection to an SSCD, an electronic signature is made available which makes the origin of the individual document clearly identifiable.
With this tamperproof architecture, fiskaltrust ensures that you can use our middleware in any country in Europe with only minor adjustments.