Simon Tragatschnig explains in an interview what the so-called technical security system is all about and what role it plays in the KassenSichV.
Unternehmer, Finanz & Technik-Experte
KassenSichV.net: In the context of Kassensicherungsverordnung haunts the term TSS or even TSS cash register. Could you tell us more what this is all about?
The TSS is a so-called technical security system. This is responsible for recording the individual recordings in such a way that no manipulation is possible afterwards. It is almost a safe container and all data that ends up in this container cannot be changed anymore.
KassenSichV.net: How is the TSS connected to the cash register?
S. Tragatschnig: By introducing the KassenSichV, manufacturers, and users of cash registers or similar recording systems are obliged to consider how the data is stored without being modified later.
In the context of KassenSichV, the legislator stipulates that cash registers must be equipped with a technical safety system. The TSS is in charge of ensuring protection against data manipulation. And the POS itself continues to do what it does best, namely to be a cash register.
KassenSichV.net: What is the technical security system made of? How can one imagine it?
Simply put, one can think of the TSS as a large box with two other smaller boxes inside it: the SMA (Secure Module Application) and the CSP (Crypto Service Provider).
KassenSichV.net: Does the TSS have to be implemented with hardware or is a cloud-based solution also possible?
According to the Federal Ministry of Finance (BMF), a physical identity of the security module and of the storage medium is not required. This means that the TSS-requirements can be fulfilled with both a traditional disk, such as a memory card and cloud storage.
I recommend the modern and future-proof version of storage in the cloud. On the one hand, potential problems can be minimized (for example, a memory card could be destroyed or lost), and on the other hand, implementation is less complicated and more cost-effective because no additional hardware investment is necessary.
Incidentally, we at fiskaly are already making our cloud-based TSS available for testing.
KassenSichV.net: The implementation of this regulation seems to be really complex. What can I do now as a company or cash register provider to get prepared for the KassenSichV?
The topic on the KassenSichV and the functioning of the technical security system are actually very complex. Nevertheless, the motto is: do not despair! It’s best to get in touch with experts as quickly as possible. Experts who have been working on the issue for some time, or who have already implemented the topic of tamper protection in other European countries.
Of course, we at fiskaly are here for you!
We explain why there will be no ‘complete solution’ for the launch of the KassenSichV on 1.1.2020 and what the provisional release of the BSI is.
The cash register regulation via cloud implementation is an option that more and more companies are considering. We explain why the cloud solution is the best.
DSFinV‑K: The data standard for cash registers explained in detail Last August, version 2.0 of DSFinV‑K was released. Here we explain the most important points
