What is a technical security system (TSS)?

Simon Tragatschnig explains in an interview what the so-called technical security system is all about and what role it plays in the KassenSichV.

11. April 2019

Simon Tragatschnig

Unternehmer, Finanz & Technik-Experte

KassenSichV.net: In the context of Kassensicherungsverordnung haunts the term TSS or even TSS cash register. Could you tell us more what this is all about?

The TSS is a so-called technical security system. This is responsible for recording the individual recordings in such a way that no manipulation is possible afterwards. It is almost a safe container and all data that ends up in this container cannot be changed anymore.

KassenSichV.net: How is the TSS connected to the cash register?

S. Tragatschnig: By introducing the KassenSichV, manufacturers, and users of cash registers or similar recording systems are obliged to consider how the data is stored without being modified later.

In the context of KassenSichV, the legislator stipulates that cash registers must be equipped with a technical safety system. The TSS is in charge of ensuring protection against data manipulation. And the POS itself continues to do what it does best, namely to be a cash register.

KassenSichV.net: What is the technical security system made of? How can one imagine it?

Simply put, one can think of the TSS as a large box with two other smaller boxes inside it: the SMA (Secure Module Application) and the CSP (Crypto Service Provider).

The cash register sends the data to the TSS. It is, so to speak, the gatekeeper that decides what data is allowed in, who gets access.
The TSS then forwards the data to the SMA. Its task is to ensure that nothing can go wrong during the security operation and that nothing can be manipulated during the communication operation.
In the end, the CSP generates the signature and sends it back to the SMA. The SMA merges the signature with the original data. When the process is complete, all of it is stored in memory.

KassenSichV.net: Does the TSS have to be implemented with hardware or is a cloud-based solution also possible?

According to the Federal Ministry of Finance (BMF), a physical identity of the security module and of the storage medium is not required. This means that the TSS-requirements can be fulfilled with both a traditional disk, such as a memory card and cloud storage.

I recommend the modern and future-proof version of storage in the cloud. On the one hand, potential problems can be minimized (for example, a memory card could be destroyed or lost), and on the other hand, implementation is less complicated and more cost-effective because no additional hardware investment is necessary.

Incidentally, we at fiskaly are already making our cloud-based TSS available for testing.

KassenSichV.net: The implementation of this regulation seems to be really complex. What can I do now as a company or cash register provider to get prepared for the KassenSichV?

The topic on the KassenSichV and the functioning of the technical security system are actually very complex. Nevertheless, the motto is: do not despair! It’s best to get in touch with experts as quickly as possible. Experts who have been working on the issue for some time, or who have already implemented the topic of tamper protection in other European countries.

Of course, we at fiskaly are here for you!

You might also be interested in this:

Operating Cloud TSS

Current developments and legally compliant operation of the cloud TSS In the panel discussion, the panelists will discuss the current solution on German KassenSichV as well

30. March 2021 No Comments