Certification
fiskaly is the first TSS of its kind to be certified for the maximum term - up until 2029. All necessary certificates have been granted!
This page provides:
- Access to all official certificates;
- Background on the certification process;
- The Compliance Report of our TSS. Publishing this report is to meet our goal of transparency, one of the key values from our code of conduct - something we'd envision from all vendors #fairness!
A TSS has to be certified with the BSI - the Federal Cyber Security Authority of Germany - in order to meet the requirements of KassenSichV.
fiskaly was the first company to have been issued a certification id by the BSI in 2019 for the SMAERS
-Component. During the certification process, there were numerous adaptations, iterations and major improvements to the technical requirements of building a Cloud-TSS.
The following certificates have to be achieved:
- TR-03153 - the TSS end-to-end checks
- SMAERS - Security Module Application for Electronic Record-Keeping Systems - the connector-unit to the CSPL
- CSPL - Cryptographic Service provider - creating the digital signature creation unit
Background
The requirements for the safety module are defined in a technology-independent protection profile according to ISO / IEC 15408 (Common Criteria, CC). To meet these requirements, manufacturers must have their technical devices certified by the BSI. The aim of certification is to ensure a standard minimum level of trust and security from all TSEs and compliance with the necessary interoperability requirements. The following protection profiles issued by the BSI are prescribed for the Common Criteria certificates:
Offical document downloads:
Private Key Infrastructure
All certified TSS need to have certificates issued by a certified Private Key Infrastructure. All fiskaly TSS are using the following Sub-CA and Root-CA certified towards TR-03145
TR-03153 - "end2end"
BSI-K-TR-0403-2021 - fiskaly sign Cloud-TSS 28.05.2021 - First Cloud-TSS to have achieved the maximum certificate validity - until 2029
BSI-K-TR-0403-2021 - Certificate 27.05.2021 - certificate according to technical guideline TR-03153 for fiskaly sign Cloud-TSE
BSI-K-TR-0403-2021 - Certificate of Conformity 27.05.2021 - conformity statement according to technical guideline TR-03153 for fiskaly sign Cloud-TSE
BSI-K-TR-0403-2021 - Compliance Report 27.05.2021 - certificaton report according to technical guideline TR-03153 for fiskaly sign Cloud-TSE
Environment Protection - "Umgebungsschutz" 27.05.2021 - tldr: what fiskaly needs to provide in order to securely operate the TSS for its customers
CSPL - "signature creation unit"
fiskaly Cloud Crypto Service Provider 1.3.0
Certificate BSI-DSZ-CC-1153-V3-2021 17.12.2021 - Certificate for fiskaly Cloud Crypto Service Provider, Version 1.3.0
fiskaly Cloud Crypto Service Provider 1.3.0
Certification Report BSI-DSZ-CC-1153-V3-2021 14.12.2021 - Certification report for fiskaly Cloud Crypto Service Provider, Version 1.3.0
Security Target BSI-DSZ-CC-1153-V3-2021 09.07.2021 - Security Target for fiskaly Cloud Crypto Service Provider, Version 1.3.0
fiskaly Cloud Crypto Service Provider 1.2.0
Certificate BSI-DSZ-CC-1153-V2-2021 20.05.2021 - Certificate for fiskaly Cloud Crypto Service Provider, Version 1.2.0
fiskaly Cloud Crypto Service Provider 1.2.0
Certification Report BSI-DSZ-CC-1153-V2-2021 20.05.2021 - Certification report for fiskaly Cloud Crypto Service Provider, Version 1.2.0
Security Target BSI-DSZ-CC-1153-V2-2021 20.04.2021 - Security Target for fiskaly Cloud Crypto Service Provider, Version 1.2.0
fiskaly Cloud Crypto Service Provider 1.0.4
Certificate BSI-DSZ-CC-1153-2021 05.03.2021 - Certificate for fiskaly Cloud Crypto Service Provider, Version 1.0.4
Security Target BSI-DSZ-CC-1153-2021 05.03.2021 - Security Target for fiskaly Cloud Crypto Service Provider, Version 1.0.4
Certification Report BSI-DSZ-CC-1153-2021 05.03.2021 - Certification report for fiskaly Cloud Crypto Service Provider, Version 1.0.4
SMAERS - "CSPL connection unit"
fiskaly Security Module Application for Electronic Record-keeping Systems 1.0.6
Certificate BSI-DSZ-CC-1130-V2-2021 03.12.2021 - Certificate for fiskaly Security Module Application for Electronic Record-keeping Systems, Version 1.0.6
BSI-DSZ-CC-1130-V2-2021 03.12.2021 - fiskaly Security Module Application for Electronic Record-keeping Systems, Version 1.0.6
Security Target BSI-DSZ-CC-1130-V2-2021 03.08.2021 - Security Target for fiskaly Security Module Application for Electronic Record-keeping Systems, Version 1.0.6.
Certification Report BSI-DSZ-CC-1130-V2-2021 03.12.2021 - Certification Report for fiskaly Security Module Application for Electronic Record-keeping Systems, Version 1.0.6
fiskaly Security Module Application for Electronic Record-keeping Systems 1.0.5
Certificate BSI-DSZ-CC-1130-2021 21.05.2021 - Certificate for fiskaly Security Module Application for Electronic Record-keeping Systems, Version 1.0.5
BSI-DSZ-CC-1130-2021 17.05.2021 - fiskaly Security Module Application for Electronic Record-keeping Systems, Version 1.0.5
Security Target BSI-DSZ-CC-1130-2021 21.05.2021 - Security Target for fiskaly Security Module Application for Electronic Record-keeping Systems, Version 1.0.5
Certification Report BSI-DSZ-CC-1130-2021 21.05.2021 - Certification Report for fiskaly Security Module Application for Electronic Record-keeping Systems, Version 1.0.5