Pro­vi­sio­nal release of the TSS

Will the Kas­sen­SichV take effect on 01.01.2020? Will there be a solu­ti­on by then? We took a closer look a these two important questions.

Simon Tragatschnig

Simon Tra­gatsch­nig

Unter­neh­mer, Finanz & Technik-Experte

Our cus­to­mers fre­quent­ly ask when there will be a cer­ti­fi­ca­ted TSS. The answer is: timely. But the descrip­ti­on of details is not that easy. All par­ti­ci­pants work hard to reach a easy and sus­tainab­le solu­ti­on. But good things take their time. In this arti­cle we descri­be our inter­pre­ta­ti­on of the cur­rent situa­ti­on and the pos­si­bi­li­ties as of today.

The Kas­sen­SichV will defi­ni­te­ly take effect on 01.01.2020; this is defi­ned in the legal rank and will not change. Due to the cir­cum­s­tan­ces, howe­ver, this is dif­fi­cult to imple­ment. Here, we will inform you about how you can ope­ra­te a TSS with a pro­vi­sio­nal release and what this means.

No cer­ti­fied TSS until 01.01.2020

It is cur­r­ent­ly not rea­listic to expect a fully cer­ti­fied TSS with SMA and CSP by 01.01.2020 on the market . Due to the eva­lua­ti­on lead times, fully cer­ti­fied TSS are not expec­ted until the new year. In addi­ti­on the spe­ci­fi­ca­ti­ons and pro­tec­tion pro­files are cur­r­ent­ly being revi­sed. From our point of view there will be no cer­ti­fi­ca­ted TSS by 01.01.2020, but there will be a pro­vi­sio­nal release of the BSI.

Cur­r­ent­ly there are some rumors about a decree of the BMF with which details on the app­li­ca­ti­on of TSS are expec­ted. We expect this announ­ce­ment at the begin­ning of Octo­ber 2019.

CSP light

The CSP is cur­r­ent­ly being rede­fi­ned asCSP light”, which is inten­ded to address the app­li­ca­ti­on case in cloud ope­ra­ti­on.

What does this mean in the case of a hard­ware solu­ti­on com­pa­red to a cloud solu­ti­on? At pre­sent only a pro­vi­sio­nal release of the TSS by the BSI is rea­listic. This means that a com­ple­te cer­ti­fi­ca­ti­on of all com­pon­ents cannot cur­r­ent­ly be car­ri­ed out on time. The pro­vi­sio­nal release is limi­ted to one year and can be exten­ded for ano­t­her year. During this period, the CSP must be adap­ted and cer­ti­fied. TSS and SMA must also be recertified. 

The dif­fe­rence bet­ween hard­ware & cloud solutions

A cloud TSS is not affec­ted by a poten­ti­al exchan­ge and the asso­cia­ted finan­cial and time expen­dit­u­re. The imple­men­ta­ti­on as well as the cer­ti­fi­ca­ti­on con­cerns only the com­pon­ents in the fis­ca­ly cloud, not howe­ver the com­pon­ents with the final tax­payer local­ly. In the worst case, if some­thing should change at the inter­faces, a soft­ware update is necessary.

With a hard­ware-only solu­ti­on, there is a risk that the hard­ware will have to be updated within these two years. Once a TSS has been fully cer­ti­fied (pro­bab­ly bet­ween 2020/2021), the cer­ti­fi­ca­ti­on is valid for five years, after­wards the TSS has to be recer­ti­fied. If adap­t­ati­ons are necessa­ry in the mean­ti­me, exis­ting hard­ware TSS must be actua­li­zed with an update.

Pro­vi­sio­nal release of the fis­ka­ly TSS

As of 01.01.2020 there will be some manu­fac­tu­rers (incl. fis­ka­ly) which are in the status ‘in eva­lua­ti­on’.

As soon as we have recei­ved the status ‘in eva­lua­ti­on’, it is pos­si­ble to get a pro­vi­sio­nal release from the BSI (see also FAQ of the BSI). We are alrea­dy working clo­se­ly with the BSI to ensure a smooth eva­lua­ti­on pro­cess. Within the next two years the com­ple­te cer­ti­fi­ca­ti­on (incl. CSP) will take place. With the pro­vi­sio­nal release for the TSS and SMA one can go into ope­ra­ti­on (accord­ing to KassenSichV).

You might also be inte­res­ted in this:

Kontaktlos Bezahlen

Server site Germany 

Data sto­rage fis­ka­ly Cloud — Server Site Ger­ma­ny At fis­ka­ly we take a tho­rough inte­rest in data pro­tec­tion and data secu­ri­ty, becau­se our cus­to­mers’ data

Weiterlesen » 

Cer­ti­fi­ca­ti­on of the TSS

How is the Tech­ni­cal Secu­ri­ty System (TSS) Cer­ti­fied? The requi­re­ments for the com­pon­ents SMAERS (Secu­ri­ty Module App­li­ca­ti­on for Elec­tro­nic Record Kee­ping System) and CSP (Cryp­to­gra­phic

Weiterlesen »