Advicero Nexia
Home / Blog / KseF ABC part 2

KseF ABC part 2

In the first part of our KSeF ABC lexicon, we presented you terminology concerning issuance and validity of e-Invoices. This time, we would like to introduce you terms regarding login and authorization.

If you have not yet read the first part of KSeF ABC, you can find it here.

1. KSeF application – KSeF application for taxpayers is a tool which enables taxpayers to access issuing, receiving, and viewing e-Invoices, managing KSeF access, checking the status of e-Invoices, downloading Official Confirmation of Receipt (UPO) i.e., certification of correct acceptance of an e-Invoice by the tax authorities and preview of an e-Invoice without the need to login (so-called anonymous access to e-Invoices).

2. Environment versions – Ministry of Finance shared test version, demo version and pre-production version of KSeF for the use of taxpayers. As the names indicate, the aim of these versions is for taxpayers to be able to test KSeF before it becomes obligatory. The test version enables the taxpayers to login  to KSeF with any data and issue test e-Invoices which do not have any legal consequences. In the demo version, taxpayers login with real data and can issue e-Invoices without any legal consequences. The pre-production version allows login with real data and issuing e-Invoices with legal consequences.

3. Authentication – Obligatory identity confirmation before accessing one’s KSeF profile. The authentication process demands using one of the 4 available tools: trusted profile, electronic signature, electronic seal, or token.

4. ZAW-FA – The form used for granting, changing, or revoking access permissions for the first individual to use KSeF which must be submitted in paper form to the appropriate tax authority, in the case of entities that do not have the ability to authenticate through one of the authentication methods.

5. Primary permissions – Default permissions to KSeF granted to sole traders. Through primary permissions, the taxpayer can assign and revoke permissions to other individuals and entities, as well as issue and view invoices.

6. Secondary permissions – Permissions granted by the taxpayer to other individuals or entities enabling them to use KSeF, such as issuing and receiving invoices, viewing invoices, and correcting them.

7. Qualified electronic seal – The digital equivalent of a company stamp, containing the name and tax identification number (NIP) of the entity. The most characteristic feature of an electronic stamp is that legal entities, such as companies, organizations, or institutions, can use it. In the case of an electronic signature, it is used by individuals and serves as their signature.

8. Qualified electronic signature – A tool used for creating electronic signatures, which hold the same legal validity as a handwritten signature. It is certified with a special qualified certificate that enables verification of the person signing the document.

9. ePUAP – Electronic Platform of Public Administration Services is a portal which enables citizens, entrepreneurs, and public institutions to access administration services through Internet. The website provides the opportunity to handle official matters from any place, at any time. Public authorities are obligated to accept documents in electronic form (submission of applications and requests, as well as other actions in electronic format). The ePUAP platform enables public institutions to meet this requirement by freely providing the Electronic Inbox (ESP).

10. Token – A unique string of 40 digits generated by KSeF for a specific organization and defined authorization scope (e.g., for issuing invoices). To generate the token, an authorized individual must access the Ministry of Finance’s KSeF webpage, provide the organization’s tax identification number (NIP) for which the token will be generated, and undergo authentication using a trusted profile, electronic signature, or electronic stamp. The authorization token allows logging into the KSeF system and integrating it with one’s own accounting system, thus avoiding the need to log in to KSeF each time. However, it’s important to note that the token is not used for initial authentication.

We hope that the second part of the lexicon helped you understand how KSeF functions. In the third part of our KSeF ABC, we will introduce concepts such as internal and aggregate identifiers, self-billing, SAF-T, or Electronic Invoicing Platform (PEF).

If you have any questions related to KSeF or need our support in this area and beyond, we warmly invite you to contact Advicero’s specialists.