Certification of technical security devices

Requirements for certification

Manufacturers of technical security devices of electronic record-keeping systems according to the Ordinance establishing the technical requirements for electronic recording and security systems in commercial transactions (Kassensicherungsverordnung) must prove that the technical security device complies with the interoperability requirements of the Technical Guidelines TR-03153, TR-03151 and TR-03116-5. Proof shall be provided by the following certification of conformity:

Furthermore, the manufacturer must prove that the technical security device meets the necessary security requirements. Proof must be provided by the following security certifications according to Common Criteria:

For cloud-based solutions, the CSP component can be operated centrally in a secure data centre. If a sufficiently high physical and organisational security level for the data centre is demonstrated, security certification can alternatively be provided according to the following protection profiles:

  • CC certification in line with the protection profile BSI-CC-PP-0105-yyyy (SMAERS) (protection profile currently in re-certification)
  • CC certification in line with the protection profile BSI-CC-PP-0111-2019 (CSP Light) in the configuration according to BSI-CC-PP-0113 (Time Stamp Service, Audit and Clustering)

The certificates issued by the certification body are limited to eight years and include the requirement to carry out a reassessment after five years.

Current information on products undergoing certification, provided the applicant has agreed to publication, can be found here.

General information on the certification of products can be found under Product Certification.

The certification obligation is limited to the technical security device with which the records of the cash register system are to be secured at the start of the recording process. Certification of the cash register (or cash register software) itself is not provided for.

Transitional arrangements for certification

As part of the introductory phase, the BSI allows a limited transitional phase for certification. Within this transitional phase, a CC certification of the security module in line with the protection profile PP-CSP that has not yet been completed can be replaced by a positive expert opinion by the BSI.

As a prerequisite for the assessment by the BSI, the manufacturer must provide the following evidence:

The assessment is carried out by the BSI and includes the security functions of the CSP relevant for SMAERS. For this purpose, the manufacturer must provide the BSI with the documentation required for a vulnerability analysis, in particular design information on the implementation of the cryptographic procedures including the source code, the user guidance of the certified hardware used, as well as suitable samples for performing penetration tests.

A positive expert opinion confirms that, based on an early vulnerability analysis, a sufficient level of security is achieved according to the state of the art, but that formally a successful CC certification according to BSI-CC-PP-0104-2019 (CSP) in the configuration according to BSI-CC-PP-0107 (Time Stamp Service and Audit) is not yet available. In addition, the expert opinion confirms that the technical security device certified in accordance with the transitional arrangement may be placed on the market for fifteen months.

This is a transitional arrangement for the introductory phase, which can be applied to CC certification procedures for which the completion of the certification procedure is planned by the end of the year in accordance with the schedule agreed with the certification body.