Skip to main content

Middleware

The Middleware is fiskaltrust's core product. It is a freely available software solution that complements your POS System and provides the central service of issuing signatures for POS receipts and keeping track of both receipts and their signatures in its chained receipt datastore. It does so using the relevant and mandatory national signing mechanisms.

The Middleware is available for all supported countries and provides a single, standardized, and unified communication interface.

It features a REST-, gRPC- and SOAP-compatible interface for communication with POS Systems and is available for on-premise deployment on Desktop devices and Android, as well as an off-premise SaaS solution.

Security mechanism

The fiskaltrust.Middleware processes some of the most essential data fields on the receipt. The receipt number, serving as a unique identifier of a receipt transmitted by the cash register, is created by the fiskaltrust.Middleware to ensure that each receipt is properly processed.

Compliance is achieved through a combination of several methods and components.

First, the fiskaltrust.Middleware ensures that all receipts are processed by a third-party in addition to the PosCreator and PosOperator. This is the organizational implementation of security.

First, the fiskaltrust.Middleware ensures that all receipts are processed by a third party, in addition to the PosCreator and PosOperator. This represents the organizational implementation of security.

As the technical implementation of security, each request and response is hashed to ensure the integrity of the data. To guarantee immutability, another hash value is generated that relates to the entire request-response cycle. This includes the cycle identification, the time of operation, the human-readable document number, and the hash values of the request, response, and the previous receipt, called the document hash value. This concatenation of the receipt hash value provides immutability and the ability to detect any changes or deletions in actions provided by the POS system.

receipt-chaining

To limit the risk of attacks on the chain originating from the last unlinked hash value, fiskaltrust provides a mechanism that mirrors the current data to the fiskaltrust cloud. This data mirror can detect attacks that would not be visible at the cash register itself.

As the final component of the security mechanism, the fiskaltrust.Middleware also provides direct implementations for all relevant market-related security mechanisms (e.g., smart cards and online signing in Austria, and all TSSs in Germany).

To remain open to different platforms and operating systems and to act as a stable interface to the POS system, the fiskaltrust.Middleware follows a strict architecture:

mw-architecture

The configuration container - identified by the unique CashboxId - can be integrated into various platforms and operating systems. The management of the configuration and status of these components is handled through the market-related fiskaltrust.Portal. The fiskaltrust security mechanism is provided by the Queue component and the SCU (Signature Creation Unit) component, which implements the market-related security mechanism requirements.

Country-specific variants

Wherever possible, fiskaltrust offers a cloud-hosted version of the Middleware to simplify the rollout process. Using this product, the Middleware doesn't need to be installed on-site, drastically reducing the installation effort. Please select the market you're interested in below for further details.

SignatureCloud

SignatureCloud is fiskaltrust's SaaS Middleware platform.

It offers the same features as a locally hosted Middleware instance but without needing to install or maintain any software on your side. Your POS System requires a working Internet connection, which can communicate with SignatureCloud over an encrypted, HTTPS-secured connection.

More details