As early as 2016, the Digital Primary Accounting Record Anti-Tampering Act (Gesetz zum Schutz vor Manipulationen an digitalen Grundaufzeichnungen), also referred to as the ‘Cash Register Act’, came into effect. This provided the basis for the Cash Register Anti-Tampering Ordinance introduced by the Federal Ministry of Finance, which prescribes the standards for preventing manipulation of cash register systems. Since 30 September 2020, all cash registers must be equipped, if technically possible, with a so-called technical security device (TSE). The TSE stores transaction data signed in a protocol, ensuring that the data cannot be subsequently changed. It must be possible to export this protocol during an audit and present it to the tax office.
All taxable persons who operate an electronic cash register system are affected by fiscalization, i.e., especially wholesalers and retailers, the catering and hotel industry, as well as taxis in the future. Technically, TSE integration is to be implemented by cash register or taximeter manufacturers.
The need for this step is clearly demonstrated by the ten billion euros which, according to the Federal Court of Auditors, the German government loses each year due to unregistered cash payments. Cash is also a frequent means of payment in the taxi industry, and there is a great deal of concern that turnover is being smuggled past the tax office.
To protect digital records in electronic cash register systems (for instance, cash registers) and taximeters against manipulation, D‑Trust has developed practical solutions for cash register and taximeter manufacturers.
Three options for legally secure fiscalization
D-Trust offers various solutions for legally compliant electronic cash register systems and taximeters. There are two options available for cash registers: The hardware-based solution (TSE module) integrates the TSE functions locally into the POS system as a microSD card or with adaptors as an SD card or USB stick. This makes the solution suitable for retailers with only a few cash registers or poor network coverage. A cloud-based solution is also available, i.e., Fiskal Cloud which was developed in a partnership between Deutsche Fiskal and D-Trust. Fiskal Cloud relies on a local security component (SMAERS) that records transactions at the point of use but signs them centrally in the cloud. This ensures that manipulation is not possible even for offline-enabled cash registers. This model makes the cloud solution particularly attractive for companies with several branches and many single cash registers. Now, once installed, all of the cash registers can be managed centrally.
When it comes to protecting taximeter data, the TIM Card Taxi offers cryptographic protection against manipulation of digital taximeter records. The TIM Card, a smart card implemented according to INSIKA Specification, is used to automatically secure the taximeter data with an electronic signature. With this card, data manipulation cannot go unnoticed. Now that the Cash Register Anti-Tampering Ordinance has been amended to include taxis, taximeter manufacturers are obliged to integrate a TSE beginning in 2024. Manufacturers who already have a TIM Card Taxi from D-Trust are likely to be granted an extended transition period.
The fiscalization solutions from D‑Trust GmbH at a glance