Digital Certificate
In order to comply with TicketBAI, the billing or POS system must be equipped with a software that generates an XML file for each transaction, signs it with a digital certificate and sends it to the corresponding Tax Authority.
The signature of the TicketBAI Files is carried out in the SIGN ES API signing component.
Each invoice will be chained to the previous one and the digital signature guarantees that the information is not tampered with. For this, a digital certificate provided by a Qualified Trust Service Provider (eIDAS QTSP) is required.
TicketBAI legislation allows the use of the following types of Digital Certificates:
- Device certificate
- Natural person or entity representative certificate
- Company seal
- Self-employed certificate
Why use our device certificate?​
At fiskaly, we've decided to implement a Device Certificate due to it's multiple advantages:
- It has been created exclusively for TicketBAI. It does not provide access to any other of the taxpayer's information within the Tax Authority.
- The taxpayer does not have to provide it's own private certificate.
- The signing and sending of the TicketBAI files can be done with the same certificate.
fiskaly’s SIGN ES API uses a Device Certificate provided exclusively for TicketBAI by Izenpe. The certificate is contained by each Signing Device object, but must be associated to the taxpayer’s NIF within the corresponding Tax Authority.
By performing the registration of fiskaly’s Device Certificate, the effort is minimized. However, the system allows for the introduction of a Device Certificate by the POS provider if required.
How do I register the device certificate?​
In order to send the TicketBAI Files to the Tax Authorities using a Device Certificate, the certificate has to be associated to the VAT Number (NIF) of the taxpayer who is issuing the invoices. This is a simple process done within the corresponding Tax Authority's website:
The taxpayer will have to log in to the Tax Authority's website, using their personal certificate. Once logged in, the Device Certificate's Number has to be informed, which will be provided by fiskaly or the POS provider.
The VAT Number (NIF) indicated must be associated with the Device Certificate used. If the taxpayer fails to inform the Device Certificate’s number to the Tax Authority, the mandatory sending of TicketBAI Files will result in rejection. This registration is the only required step to be performed on behalf of the taxpayer.
Due to the certificate type used, TicketBAI legislation does not allow for the creation of invoices by a third party or recipient. Only invoices created by the taxpayer indicated in the Signing component can be issued and sent to the Tax Authorities with a device certificate.