Skip to content

TR-03153 - discovered, explain

BSI TR-03153

KassenSichV: Certified technical security equipment (TSE) is mandatory

In order to protect electronic cash register systems from such unauthorised tampering, the integrity, authenticity and completeness of the corresponding data must be guaranteed. This is made possible by the use of a technical security device (TSE), which protects and stores the data to be recorded. This must be certified in accordance with BSI TR-03153.

What is the BSI TR-03153?

The TSE is the central technical component for protecting basic records against subsequent manipulation. TR-03153 specifies which requirements it must fulfil, for example with regard to logging, storage or system functions.

The TSE basically consists of three components:

  1. A security module for creating signatures: This ensures that cash register entries are logged and electronically signed at the start of the recording process. This means that they can no longer be manipulated unnoticed at a later date.
  2. A non-volatile storage medium: The individual records are stored on this temporarily or for the duration of the statutory retention period.
  3. A standardised digital interface (API): A distinction must be made here between an optional standardised input interface and a mandatory standardised export interface for archiving or a cash register audit.

The electronic recording system transmits the data to be secured to the TSE step by step via the input interface. The security module then assigns a unique consecutive transaction number, records the start, additions and end of the transaction and generates check values (signatures) with consecutive signature counters. The transaction data obtained in this way is ultimately stored on the storage medium. The saved data can be retrieved in a standardised format via the (export) interface for archiving or a cash register audit.

More information from the BSI
Electronic cash register systems

Special features of BSI TR-03153

  • Since 2020, a TR certificate must prove that the TSE fulfils the requirements of the Technical Directive.
  • The security module of the TSE must be evaluated and certified according to the Common Criteria (CC). As part of this CC certification, conformity with the protection profiles [BSI PP-CSP] and [BSI PP-SMAERS] must be demonstrated.
  • Challenges for tax audits: The tax office sees an increased risk of tax fraud, especially in transactions with cash payments. This is because manipulation of the records can only be detected with a great deal of effort without appropriate protective measures. In order to protect electronic cash register systems from such unauthorised interference, the integrity, authenticity and completeness of the corresponding data must be guaranteed. If necessary, tax authorities can demand this data and check it for completeness and accuracy.

We will support you – no matter what

Get started at last!

We advise you

TÜV NORD IT Secure Communication I Berlin
To the consulting services Contact us
Goal achieved?

We check that

TÜV Informationstechnik I Essen
To the test offers Contact us

Frequently Asked Questions (FAQ)

What you need to know about BSI TR-03153

The technical security device (TSE) is the central technical component for protecting the basic records of cash register systems against subsequent manipulation.

The TSE has three basic components:

  • A security module for creating signatures: This ensures that cash register entries are logged and electronically signed at the start of the recording process. This means that they can no longer be manipulated unnoticed at a later date.

  • A non-volatile storage medium: The individual records are stored on this temporarily or for the duration of the statutory retention period.

  • A standardised digital interface (API): A distinction must be made here between an optional standardised input interface and a mandatory standardised export interface for archiving or a cash register audit.

The KassenSichV applies to all electronic or computerised cash register systems or cash registers that are used for the sale of goods or the provision of services, as well as electronic recording systems that specialise in their billing and have a "cash register function".

Electronic recording systems have a cash register function if they can be used to record and process at least partially cash payment transactions. This also applies to comparable electronic forms of payment used on site (e.g. cash cards, virtual accounts or bonus point systems from third-party providers) as well as vouchers, credit cards, receipts and the like accepted instead of cash.

It is not necessary to have a storage facility for the managed cash stock (e.g. cash drawer).

From January 2020, there is a general obligation to use an electronic recording system with certified technical security equipment. If companies have already started to make the necessary technical adjustments and upgrades before 31 December 2019, the non-objection rule also applies.

An exception applies to cash registers that were purchased after 25 November 2010 or before 1 January 2020 and meet the requirements of the Cash Register Directive. If these cannot be upgraded due to their design, they may continue to be used until 31 December 2022 at the latest.

For companies that began making the necessary technical adjustments and upgrades before 31 December 2019, the Federal Ministry of Finance's non-objection rule applies. In this case, no objections will be raised until 30 September 2020 if electronic recording systems do not yet have a certified technical security device.

Neither cash register systems or cash registers nor their software are certified. Only the installed or remotely connected TSE is certified.

What you need to know about CC certifications from the TSE

Proof of the security requirements must be provided by means of security certifications in accordance with Common Criteria with the following protection profiles:

For cloud-based solutions, the CSP component can be operated centrally in a secure data centre. If a sufficiently high physical and organisational security level for the data centre is demonstrated, security certification can alternatively be carried out in accordance with the following protection profiles:

As part of the introductory phase, the BSI allows a limited transition phase for certification. During this transition phase, a CC certification of the security module that has not yet been completed in accordance with the PP-CSP protection profile can be replaced by a favourable opinion from the BSI.

Further information can be found on the website of the BSI.

The actual certification is carried out by the BSI as the certification body. However, the basic prerequisite for this certification is testing by a recognised testing body such as TÜViT. The test is supervised by the BSI and the certificate is issued accordingly if the result is positive.

An overview of other frequently asked questions and answers can be found on the BSI website.

The certificates for a TSE are usually limited to five years. They can be extended by means of a reassessment. If weaknesses are identified during the reassessment that can be rectified by a software update, recertification is necessary.

Haven't found what you're looking for yet?

A person passes a credit card over an EC device during the payment process.
HSMs and Secure Server
A woman works at a desk in a hardware laboratory.
Common Criteria
IT baseline protection