INSIKA

from Wikipedia, the free encyclopedia

INSIKA stands for integrated security solution for measured value processing POS systems. It is a system that uses cryptography to protect the digital records of cash transactions against manipulation (especially in cash registers and taximeters). It is an alternative to conventional fiscal storage systems. The system was developed in a project led by the Physikalisch-Technische Bundesanstalt (PTB). The overall concept and the specification of all interfaces are fully disclosed.

Functional principle and goals

The manipulation protection is based on a digital signature that is generated by a smart card issued by an authorized central body. Data protected with the signature cannot be changed undetected. In the event of manipulation or complete loss of the data, the total of the sales that were signed can still be determined from the summation memory on the smart card. The solution imposes no significant technical requirements on cash registers or taximeters and consequently requires no type approval or certification. The system was designed so that it can be integrated as simply and inexpensively as possible and requires as little intervention in the market as possible. The functional principle of INSIKA is also intended to prevent the use of complex manipulation techniques such as zapper software. In contrast to the current legal and technical situation, a taxpayer could for the first time prove the formal correctness of his cash register data.

Technology in detail

Parts of this description are based on the presentation "INSIKA: Cryptographic manipulation protection for cash registers and taximeters".

Smart card

Commercially available smart cards are used to secure a cash register or taximeter, but they are equipped with special software. If the INSIKA system is required by law, the smart cards should be procured by the tax authorities in an open tendering process and issued to taxpayers upon request. The smart card is connected to the device to be protected using a card reader or integrated into the device. The software of the cash register or the taximeter must control the smart card accordingly and guarantee the printing and storage of the data. Additional changes to the cash register or taximeter are not required. According to the project consortium, a large number of the cash registers and taximeters on the market can be retrofitted without great expense.

Signatures

A key element of the solution is the use of digital signatures. With digital signatures it can be determined with certainty that the data originates from a specific person or a system (here: a very specific cash register or taximeter) and that the data has not been changed since the signature was created. In the INSIKA system, as in most other applications with high security requirements, smart cards are used to generate the signatures. ECDSA is used as the signature algorithm because it provides relatively short and quickly calculated signatures.

Receipts

Printed receipts and the associated electronically stored bookings are provided with a digital signature. This signature is calculated by the smart card. The smart card also has an internal counter that assigns a unique, consecutive number to each booking and the associated printed receipt. In addition, summation memories are managed in the smart card. These record the total sales in such a way that essential key figures (monthly sales, negative postings, etc.) can be determined if stored data is lost. The generation of signatures and the management of the sequence counter and summation memories are linked in the smart card in such a way that generating a signature for the printout simultaneously triggers the allocation of a new sequence number and the updating of the summation memories. The obligation to issue receipts with valid signatures ensures that the data is recorded correctly, since all further steps are enforced by the linking of the various functions within the smart card.

When used in taximeters, online data transmission was provided as a control option instead of generating receipts. Here, correct use of the system is verified by checking the transaction data on a server rather than by means of printed receipts.

Verification

For the INSIKA solution, essentially only transaction data are saved, which taxpayers are already obliged to keep due to the BMF letter of November 26, 2010 at the latest. Only the signature is new. Adaptation to different types of data to be saved is possible via so-called profiles - currently there are profiles for cash registers and taximeters.

A check of the cash register data uses the saved and signed bookings. Since this data cannot be changed undetected, manipulations remain ineffective (including those carried out through manipulation functions deliberately built into a cash register). The checking of the recorded data can be automated to a large extent.

Reviewing printed receipts only requires information that is on the printout. It is not necessary to use the saved booking data. This makes it easy to check with every printed receipt whether it was created by a cash register with a valid smart card. Every incorrectly created invoice with no or invalid signature proves manipulation. With a 2D code on the printout, a receipt can be checked practically fully automatically.

Cost and impact on the market

Classic fiscal storage solutions are based on a mechanical protection of a storage device for the data to be protected, the secrecy of technical details and on a number of complex requirements for the functionality of the cash registers. Compliance with the regulations is checked in a certification process. This entails high costs, reduces the range of functions and prevents further technical developments (since every change requires recertification). It is difficult to check that it is being used correctly because the receipts do not have any security features. At the same time, the level of security no longer corresponds to today's standards. In recent years, the classic fiscal systems have been supplemented with cryptographic functions, but have not been redesigned. This has resulted in complex solutions, but they do not eliminate the elementary disadvantages.

INSIKA was designed so that only minimal requirements have to be imposed. Correct use can be monitored via the signed receipts and signed data, without specifications for the type of system and without certification of compliance with such specifications. Innovations in the field of cash registers and taximeters are therefore not hindered. Because competition between the manufacturers of cash registers and taximeters is not hindered, and because smart cards are inexpensive, INSIKA is associated with significantly lower costs than alternative systems.

History

The 2003 annual report of the Federal Audit Office (BRH) pointed out the threat of tax losses running into billions due to the possibility of manipulation in modern cash registers. In many systems, data stored in cash registers could be changed without leaving the slightest trace. According to the report, a remedy was urgently needed.

For this reason, the Federal Ministry of Finance (BMF) worked in two federal-state working groups to develop a technical concept for securing the data generated in cash registers and taximeters. Together with several partners from industry, the PTB developed the necessary technical solution as part of the INSIKA project. This project was funded by the Federal Ministry of Economics and Technology.

In July 2008, the legal basis required for the introduction of the system was to be created within the framework of the Federal Government's Action Program for Law and Order on the Labor Market. However, the relevant passages were removed from the draft before the start of the legislative process. In the brief public discussion during this time, the terms “control chip” or “fiscal chip” were used instead of “INSIKA”.

On November 26, 2010, the BMF published a letter on the “Storage of digital documents for cash transactions”. This removes earlier relief for the recording of cash register data and basically requires the electronic recording of individual transactions, so it applies the GoBS and GDPdU to cash registers without restriction. An unchangeable storage of the data is required, however, without making concrete specifications and defining the necessary technical and legal framework conditions. The BRH's requirements have not been met.

The INSIKA project was nevertheless continued according to plan. As early as 2008, working prototypes of the smart cards were available and were successfully tested in laboratory and practical tests. The project was successfully completed in February 2012. The INSIKA concept has been supported and further developed by ADM e. V. (User Association of Decentralized Measurement Systems).

Following another initiative by NRW Finance Minister Norbert Walter-Borjans in April 2014, the Federal and State Finance Ministers' Conference decided in May 2014 to pursue the issue further.

According to a report by Der Spiegel, the Federal Ministry of Economics and the Federal Ministry of Finance want to prevent the introduction of Insika. The motive, as reported from an unnamed state ministry, is that Gabriel and Schäuble would probably prefer to pursue economic development through the back door for the industries hit by the minimum wage. The PTB, which is subordinate to the Federal Ministry of Economics, also states that the project has been completed. Der Spiegel further writes:

“Even the Wikipedia entry on Insika was subsequently changed from a PTB computer. Suddenly there was a hint: Insika will not be pursued.”

In March 2016, the Federal Ministry of Finance announced another legal solution, although it spoke out against the INSIKA procedure. The law passed in December 2016 to prevent manipulation of basic digital records does not make any statements on this question, but according to the explanatory memorandum in the government draft, it provides for the use of components of the INSIKA process with modifications.

In Austria, the introduction of INSIKA was proposed in the “Report of the Tax Reform Commission 2014”. In July 2015, as part of the Tax Reform Act 2015/2016, the National Council decided on a cash register obligation (from January 1, 2016) and an obligation to use a technical safety device (from January 1, 2017). The technical security device is described in the Cash Register Security Ordinance. The procedure is based on INSIKA, but deviates from it in many details.

Practical use

The technology is currently (as of March 2014) used in two projects (in Hamburg and Berlin) to secure taximeter data, after the INSIKA concept was transferred to the taxi environment from 2010. The system is used in over 2,000 taxis in Hamburg. INSIKA smart cards are available from D-Trust (a subsidiary of Bundesdruckerei) for these applications.

The INSIKA architecture (but not the exact implementation) was also adopted as the core of the repeatedly delayed system for fiscal cash registers (“geregistreerd kassasysteem”), the so-called VSC (“VAT Signing Card”), which will be mandatory in Belgium from 2015 onwards. That system, however, comes with many very complex technical and organizational requirements and additional conditions that are not required in the INSIKA system.

To what extent it will be possible to use it to meet the requirements of the German law on protection against manipulation of basic digital records is still open. In the explanatory part of the government draft it says:

"Due to the openness to technology, the certification process also enables the INSIKA smart card to be used as a security module in a technical security device, provided that the legal requirements are met."

Motivation for the project

The demand for the introduction of the INSIKA system (or another fiscal storage system) is based on the assumption that in certain industries with a high proportion of cash transactions, taxes (sales tax and income taxes) and social security contributions (through undeclared work) are evaded to a significant extent. There are no unambiguous, verifiable figures for this, but there are estimates and reports on individual cases (e.g. on the discovery of manipulation software, so-called zappers). The Federal Court of Auditors speaks of considerable potential for tax losses: “In cash transactions in the multi-digit billions, there is a risk of unpredictable tax losses. ... The Federal Ministry of Finance shares the opinion of the Federal Audit Office.”

Because taxpayers cannot, as a matter of principle, prove the immutability of digital records required by § 146 Paragraph 4 AO without officially recognized technical safeguards (with the possible consequence that, under § 158 AO, the bookkeeping is not recognized as a basis for taxation, leading to an estimate as well as tax and criminal proceedings), the INSIKA system could create legal certainty here. A correspondingly safe and legally sound alternative cannot be achieved without this technical security. This result is also confirmed by the new GoBD of November 14, 2014. This means that the digital records are usually not unchangeable in accordance with § 146 Abs. 4 AO.

Tax evasion assessment

The NRW Ministry of Finance estimates the annual tax loss in Germany in all cash-intensive industries at “up to 10 billion euros”. There are only a few publications on the subject. Two rough calculations based on official figures:

  • An estimate by the tax authorities of Québec for the fiscal year 2007/2008 (which differs from the calendar year in Canada) puts tax evasion at approximately 830 million dollars (417 million dollars in provincial taxes and another comparable amount of taxes that are to be paid to the state of Canada) in restaurants alone and for the province of Québec alone (approx. 8 million inhabitants). Of this, 133 million is attributable to the provincial sales tax, which is around 10%. So sales must have been cut by around $1.3 billion. The stated turnover of the industry in Québec in 2008 was around 9.2 billion dollars (assuming missing data for special food services and drinking places analogous to the distribution for Canada as a whole). The actual turnover must have been around 10.4 billion, which results in a reduction rate of around 12.5%. If this quota is transferred to Germany with an annual turnover of the catering trade as well as of leased canteens and caterers in 2013 of 48 billion euros and an assumed tax rate of 40%, this would mean evaded taxes and duties of around 2.4 billion euros in this industry. If one were to transfer the per capita amount (830 million Canadian dollars with 8 million inhabitants) directly to Germany, this would result in a tax loss of around 6 billion euros for restaurants, leased canteens and caterers.
  • After the introduction of a mandatory safety device for cash registers in Sweden, the tax authorities published an analysis of the effects on all branches with cash transactions. This analysis comes to the conclusion that the introduction would lead to at least 1% higher declared sales in cash transactions in Sweden (equivalent to 3 billion Swedish kronor, i.e. around 300 million euros). In the study, however, declared sales were 7% higher - the reduction to 1% in the conclusions is apparently arbitrary and is not justified plausibly. If you take the 7% as a basis, there are around 2 billion euros in additional tax income for Sweden. In addition, it was determined in the course of controls that approx. 9% of sales are not registered - the very low density of controls certainly plays a role here (less than once every two years per company). If one calculates for Germany with a turnover of 500 billion euros in industries with a significant share of cash (retail and hospitality together are already above this value), an increase in the declared turnover of only 5% with a tax rate of 40% would lead to a 10 billion euros reduction in taxes.

Literature

  • Höft, Danelsing, Grams, Rook: Estimation of tax bases. Schäffer-Poeschel, Stuttgart 2014, ISBN 978-3-7910-3207-8.
  • Erich Huber: Cash registers and cash register systems in tax law. LexisNexis, Vienna 2012, ISBN 978-3-7007-5360-5.
