Export / Integrity Check
Introduction
The Fiscal Archive must be created at least once a year and may not contain more than 365 days. If the POS System does not rely on the EFSTA Cloud for archiving, it must regularly create the archive itself and store it in a revision safe manner.
To access EFSTA documentation in French for exporting the data archived and checking its integrity follow this link.
Note that the POS System end-user is obliged to provide all fiscal archives of the last 7 years (the current fiscal year plus 6 past years). The POS System end-user must prove that the archives have not been changed and have also been stored in an audit-proof manner.
This obligation can be transferred to the POS System Creator if the POS System end-user does not have direct access to the archives. For example, the POS stores the archives in its own memory and only grants access via the user interface.
If the archives are stored locally on the POS, the POS System end-user is obliged to restore the entire system with a regular backup in case of failure, theft or similar.
Access to archived data via EFSTA Portal
Connection to EFSTA Portal
Depending if the archive obligation relies on the POS System Creator or the POS System end-user, connect to EFSTA Portal using the appropriate Username and Password or by using an existing Microsoft or Google account.
Selection in organizational structure
As archiving can be seen per Location or Cash register terminal (EFR), make the selection within the organizational structure in the left side menu.
Data Export
Data export: Location level
On the “Locations” page in the EFSTA portal, select the location for which you need the data export. Then click on in the location level. A properties window will open in which you must click on the "Data sharing" tab. There you can select a period and create the data release.
A link to exported data and a key to decrypt the exported data are then created.
Copy the password then click on the link to access data.
The download will start. Kindly note that depending on the volume of data to be exported this action can take several minutes. Do not put the tab with the download in the background as it might get into the « Eco mode » which then stops the download.
Download in process
Download finished
Once download is finished, select from the drop down menu the Download type: Fiscal FR = export.xml, the journal containing all proof able document and record types as XML file FR Grand Totals = total.xml, the journal containing all month and year signatures since start of recording (this data is never purged) as XML file FR Journal Archive - .json
Once download type selected in the drop down menu, past the previously copied password and click “OK”.
Downloaded files will be saved by default in “download” folder on local computer.
Data export: EFR level
Search in the efsta portal under "Fiscal Register" for the EFR for which an export is required. click on – a properties window opens. In the properties window, select the "Data Sharing" tab. You can now select the period for which you want to create the export. On the “Fiscal Register” page in the EFSTA portal, select the EFR for which you need the data export. Then click on in the EFR level. A properties window will open in which you can select a period and create the data release.
A link to exported data and a key to decrypt the exported data are then created.
Copy the password then click on the link to access data.
The download will start. Kindly note that depending on the volume of data to be exported this action can take several minutes.
Download in process
Download finished
Once download finished, select from the drop down menu the Download type: Fiscal FR = export.xml, the journal containing all proofable document and record types as XML file FR Grand Totals = total.xml, the journal containing all month and year signatures since start of recording (this data is never purged) as XML file FR Journal Archive - .json
Once download type selected in the drop down menu, past the previously copied password and click “OK”.
Downloaded files will be saved by default in “download” folder on local computer.
Content of the export
- export.xml: the journal containing all proofable document and record types as XML file
- total.xml : the journal containing all month and year signatures since start of recording (this data is never purged) as XML file
- .json
- audit.csv: the journal containing audit events (JET) as CSV file
Detailed naming of data file item as well as coding values of the headings used can be found in Chapter Contents of exported files.
Access to archived data on local computer
To access data on EFR locally, use a browser interface to http://localhost:5618/control
Export fiscal data
To export the journal containing all proof able documents and record types as XML file select the period for which you want to create the export and click on “Commence”.
Downloaded files will be saved by default in “download” folder on local computer.
Export Grand totals
Click on “Commence” to export the journal containing all month and year signatures since start of recording (this data is never purged) as XML file.
Downloaded files will be saved by default in “download” folder on local computer.
Export audit events
Click on “Commence” to export the journal containing all month and year signatures since start of recording (this data is never purged) as CSV file.
Downloaded files will be saved by default in “download” folder on local computer.
Export fiscal data, grand totals and audit events as .zip
You also have the possibility to download fiscal data, grand totals and audit events as .zip. To do so, select the period for which you want to create the export and click on “Commence”.
Downloaded zip folder will be saved by default in “download” folder on local computer.
Content of the export
- export.xml: the journal containing all proof able document and record types as XML file
- total.xml : the journal containing all month and year signatures since start of recording (this data is never purged) as XML file
- audit.csv: the journal containing audit events (JET) as CSV file
- Jou zip folder:
- 0000.jou
- 0001.jou
- 0002.jou
- 0003.jou
The number of files depends on the amount of transactions made. EFR will include 1.000 transactions within one journal (*.jou) file then a new file will be created. In the example are three files with 1.000 transactions at each file and the last file will still store transactions. Detailed naming of data file item as well as coding values of the headings used can be found in Chapter Contents of exported files.
Integrity verification tool
Verification Tool "proof.js"
The EFR itself includes methods to check the integrity of the archive/journal. This tool "proof.js" can be copied from /ProgramData/EFR/app/FR/web/proof.js or downloaded from http://localhost:5618/control/proof.js or from EFSTA Cloud Portal or the check can be done directly at the EFR “controle” page.
It verifies the content of data export files by:
- verifying signatures
- checking the signature chain per DataType
- check file hash
To test the effectiveness of proof.js use a text editor to manipulate a signature value in the input file – proof.js will detect signature and file hash invalidity.
Proof.js error codes:
| Code | Severity | Description | Exit |
|---|---|---|---|
| #FILENAME | abort | Filename to be specified as start parameter | 2 |
| #OPEN | abort | Cannot open file specified | 3 |
| #FORMAT | error | Line is not a valid XML element | 1 |
| #ERROR | error | Unexpected runtime error | 1 |
| #ES256 | error | Incompatible input file (“alg“:“ES256“ expected) | 1 |
| #EC | error | Incompatible curve (NIST P-256 expected) | 1 |
| #CHAIN | error | “Payload“: predecessor signature mismatch | 1 |
| #CERTIFICATE | error | “_“:“certificate“ missing | 1 |
| #PAYLOAD | error | “Payload“: missing in line | 1 |
| #SIGNATURE | error | “Signature“: missing in line | 1 |
| #VERIFY | error | Line signature verification failed | 1 |
| #SIGN | error | “Signature“: invalid length (base64url 86 bytes) | 1 |
| !CONTINUED | warning | First “Payload”: with unknown predecessor signature | 0 |
Journal File Verification "proofjou.js"
This program is automatically contained in jou*.zip when an export of local journal archive is performed (alternatively run from …/ProgramData/EFR/app/FR/web) or when entering the EFR on localhost:5618/.
Checks performed on .jou files:
- file checksum
- structural integrity
- gap lessness of sequence number SQ
- signature chain per DT
- signature verification against fiscal.cer
- in –expert mode analysis of transaction amounts
- and gap lessness of TN, DN per DT
proofjou.js errors and warnings
Following errors (#...) and warnings (!...) may be reported:
| Code | Name | Description |
|---|---|---|
| #LIC | File checksum error | May be caused by exception during operation or modification |
| #PARSE | Data parsing error | May be caused by execption during |
| #AUDIT | Audit message | Important selfcheck event |
| !INCR | Number not incremental | Regarding SQ, TN or DN; possibility caused by operation exception |
| !DIFF | Recalculation difference | Within transaction or against GT |
| ?CONTINUED | Chain continuation | Signature chain continued from previous transaction |
| #CHAIN | Chain broken | Possibility transaction missing in signature chain |
| #FORMAT | Format error | Cannot verify signature |
| #VERIFY | Signature invalid | For payload given using fiscal.pem |
| #HASH | File modified | File content has been modified resulting in a hash mismatch |
Program exit code is 1 in case of errors.
How to check integrity of exported data
- Download the file(s) to check by selecting the right download type and the right time range
- Select one of the proof methods you want to use. Recommendation here is to use the localhost method when using a system where you can access EFR and where you can see the webpage. Most Linux systems do not provide access to that screen, so therefore the download of the proof.js would be the better solution. After the download a readme.txt file will be within the download packet, please read this file first, it contains the manual of checking files.
- Method with EFR screen described
-
Local export from EFR
- Open any internet browser and access EFR (http://localhost:5618)
- Download the export.xml file
- In the line xml proof – add the downloaded file and click on “verifier”
- The result of the check will be seen right after the check
-
Export from the efsta Cloud
- Open any internet browser and access the efsta Portal
- Select the EFR where you have to provide the data as mentioned above as well as the proof.js file that is also provided at the exports
- Download the export.xml file and proof.js (from the efsta cloud or from local EFR) by downloading the “FR Journal archive” you get additionally the possibility to download the readme.txt for explanation by downloading the “FR Grand Totals” and/or “FR Fiscal” the proof.js can be downloaded as it can check both files.
- Depending on the operating system you might need the proof.js file (if node modules are not installed locally).
- Open command (cmd) and enter the installation path ot the node installation (like node.exe) then the proof.js and the path of the file that should get checked. Example:
C:\Users\efsta\Desktop\Test FR>C:\ProgramData\EFR\app\node.exe proof.js total_001_1.xml
If node modules are already installed, it would be enough to enterC:\Users\efsta\Desktop\Test FR>node proof.js total_001_1.xml - The result of the check will be seen right after the check
-
Contents of exported files
export.xml
Example export.xml:
Record Types and Fields:
| Type | Field | Description |
|---|---|---|
| source | File created by… | |
| format | “export“ | |
| name | Generator program name (“EFR“=EFSTA Fiscal Recorder) | |
| version | Program version | |
| issuer | System id | |
| EFR | Unique EFR id | |
| RN | Register Number (for multiclient EFR, “def” by default) | |
| time | Time of generation | |
| D | Date/time | |
| Time offset | In Online mode offset to cloud time (ms) | |
| cert | Local signing certificate | |
| alg | JWT hash and signature algorithm according to RFC7519 “ES256” required | |
| Public Key | Signature public key | |
| cfg | Sales header (cf Header and Issuer Data) | |
| fis | Fiscal record | |
| SQ | Journal SeQence number | |
| DT | Document Type | |
| Payload | Signature payload | |
| Signature | Signature (base64url) | |
| Per | For month/year grand totals | |
| signature | File signature | |
| Payload | File data hash up to this line (sha256 base 64) Canonicalization: all characters except \r and \n, plain ASCII | |
| Signature | Signature (base64url) | |
| Readme | Textual description how to proof the file | |
| info | Text line |
Tables of data recorded, archived, secured and restored
Header and Issuer Data
| Field | ESR references |
|---|---|
| Unique document identifier in Database | ESR.TL/TT/TN |
| Unique document number | ESR.DN |
| Software version | Cfg.Trm.Version |
| Number of prints | persisted in dat/reprint.dat |
| Name of the issuer | Cfg.Cmp.Nam |
| Issuer's address | Cfg.Loc.Adr |
| Postcode of the issuer | Cfg.Loc.Zip |
| City of the issuer | Cfg.Loc.City |
| Country of the issuer | Cfg.Cmp.Ctry |
| Siret (France: institution number, 14 digits) | Cfg.Loc.FR_SIR |
| Code NAF / APE (France: 5 characters, 1 letter + 4 digits) | Cfg.Cmp.FR_NAF |
| Legal Form | Cfg.Cmp.FR_TYPE |
| Social Capital | Cfg.Cmp.FR_CAPITAL |
| Issuer’s RCS | Cfg.Cmp.FR_RCS |
| Trades Directory Registration number | Cfg.Cmp.FR_METIER |
| Intra-Community VAT number | Profile.TaxId |
| Salesperson code | ESR.Slp |
| Designation of the salesperson | ESR.SlpN |
| Input operator code (cashier) | ESR.Opr |
| Designation of the operator (cashier) | ESR.OprN |
| Input operator code (cashier) | Cfg.Trm.TT |
| Date and time of recording the document in Database | ESR.D |
| Type of operation (sale, cancellation, partial return, ...) | within Fis.Payload |
| Type of document : note (bill), receipt (ticket), proof of payment, ... | ESR.DT |
| Number of sales lines per document | ESR.PosC |
| Document produced by a special function (Training/School mode/…) | ESR.Test |
| Electronic Signature | Fis.Signature |
| Restitution of Electronic Signature | Fis.Tag[Sec] |
| Software name | Cfg.FR_LOG |
Line Data
Item positions are represented as array ESR.PosA within the transaction object. Fields required by certification in France which are not provided in the input data are computed:
| # | Field | ESR references |
|---|---|---|
| 1 | Unique document identifier in Database | ESR.TL/TT/TN |
| 2 | Unique document number | ESR.RTL/RTT/RTN, Pos.RPN or Pos.RTL/RTT/RTN/RPN |
| 3 | Line number | PosA.PN |
| 4 | Product/article code | Pos.IN |
| 5 | Product/article description | Pos.Dsc |
| 6 | Quantity of product/article per line | Pos.Qty |
| 7 | VAT code | Pos.TaxG |
| 8 | VAT rate | Pos.Prc |
| 10 | Tarif amount | Pos.Amt |
| 12 | Unit price incl. VAT | Pos.Pri |
| 14 | Discount rate (%) | Pos.ModPrc |
| 15 | Discount rate (%) | Pos.ModAmt |
| 16 | Total excluding VAT | Pos.NMAmt - "net modified Amt" |
| 17 | Total incl. | VAT Pos.MAmt - "modified Amt" |
| 18 | Quantity (possibly measured) | Pos.Qty |
| 19 | Unit of measurement | Pos.QtyU |
Summary Data
Tax breakdown and totals are added.
Summary by VAT rate – Array ESR.TaxA:
| # | Field | ESR References |
|---|---|---|
| 3 | Total amount excl. tax by VAT rate | Tax.Net |
| 4 | VAT code | Tax.TaxG |
| 5 | VAT rate | Tax.Prc |
| 6 | Amount of VAT | Tax.TAmt |
General Summary
| # | Field | ESR References |
|---|---|---|
| 3 | Total excluding tax of the document | ESR.NT |
| 4 | Total incl. VAT of the document | ESR.T |
| 5* | Total discount amount | ESR.ModT |
Payment Data
Payment records are represented in array ESR.PayA:
| # | Field | ESR References |
|---|---|---|
| 3 | Code of the method(s) of payment (credit card, cheque, cash, Ticket Restaurant...) | Pay.PayG |
| 4 | Name of the method of payment (credit card, cash, cash on delivery ...) | Pay.Dsc |
| 5 | References of the method(s) of payment of the invoice (No. cheque, type of credit card, etc.) | Pay.UID |
| 6 | Amount of the payment or customer's account | Pay.Amt |
| 18 | GDH timestamp of the payment recording | Pay.TS |
Traceability of duplicate documents
Journal:
Field mapping:
| # | Field | ESR References |
|---|---|---|
| 1 | Identifier of the duplicate | Fis.Tag["FN"] |
| 2 | Original document number | Fis.Tag["RFN"] |
| 3 | Type of original document (Invoice, Credit note, Down Payment, Pro Forma) | Part of RFN |
| 4 | Reprint number | Reprint.Cnt, Fis.Tag["ReprintCnt"] |
| 5 | Operator code issuing the duplicate | Reprint.Opr |
| 6 | Date and time of issue of the duplicate | Reprint.TS |
| 8 | Signature of the duplicate | Fis.Signature |
| 10 | Software version | Cfg.FR_LOG |
| 11 | Reason for issuing the duplicate | Reprint.Rsn |
total.xml
Grand Totals per day are triggered by a closure transaction ESR.NFS="Z" Month/Year Totals are created automatically with the first Z report in a new month (e.g. with closure on February 1st for January).
Journal example Daily Z Report:
Journal example Month/Year Totals:
Field mapping:
| # | Field | ESR references |
|---|---|---|
| 1 | Period ID | Z.Per |
| 2 | Amounts incl. VAT Breakdown by VAT rate | ZTax.Amt |
| 3 | Amounts excluding VAT broken down by VAT rates | ZTax.Net |
| 4 | Associated VAT rate | ZTax.Prc |
| 5 | Grand Total including VAT for the period | Z.T |
| 6 | Grand Total excluding VAT for the period | Z.NT |
| 7 | Perpetual Cumulative Algebraic Grand Total (GTPCA) | Tot.GT |
| 8 | Perpetual Absolute Value Grand Total (GTPVA) | Tot.GTabs |
| 9 | Date/Time Grand Total Periodic Recording | Tra.TS |
| 10 | Electronic Signature of the Grand Total Periodic | Fis.Signature |
| 11 | Grand Totals of multi purpose vouchers | Tot.GTvou |
audit.csv
audit.csv is a journal containing audit events. It can be download at any time following the process described above in this document. Some audit events are logged automatically by EFR and some are triggered by frontend application.
Audit.csv example
Audit code list
| Code | Code Title | Intitulé du code |
|---|---|---|
| 10 | Changing the continuous sequence management mode | Changement du mode de gestion de la séquence continue |
| 20 | Intermediate Fiscal archiving | Archivage fiscal de période |
| 30 | Fiscal year or fiscal period end archiving | Archivage fiscal d'année ou d'exercice |
| 40 | Stopping the terminal, disconnecting, logging off | Arrêt du terminal, déconnexion, fermeture de session |
| 50 | Period closing (Day/Month) | Clôture de période (Jour/Mois) |
| 60 | Annual or Fiscal period end closing | Clôture annuelle ou d’exercice |
| 70 | Start of degraded mode (offline, ...) | Début de mode degrade (hors connexion, …) |
| 80 | Starting up the terminal, connecting, logging in | Démarrage du terminal, connexion, ouverture de session |
| 90 | Detection of an integrity failure in secure data or in a fiscal tax archive | Détection d’un défaut d’intégrité dans les données sécurisées ou dans une archive fiscale |
| 95 | Detection of a break in the continuous sequence | Détection d'une rupture de la séquence continue |
| 100 | Start of execution of a special function | Début de l'exécution d'une fonction spéciale |
| 105 | End of execution of a special function | Fin de l'exécution d'une fonction spéciale |
| 110 | Data export | Exportation de données |
| 120 | End of degraded mode | Fin de mode dégradé |
| 123 | Forced data forwarding to the central system | Renvoi forcé de données vers le système central |
| 125 | Centralization of data after the end of the downgraded mode | Centralisation des données après la fin du mode dégradé |
| 126 | Adding a point of sale or a user workstation | Rajout d’un point de vente ou d’un poste utilisateur |
| 127 | Deletion of a point of sale or user workstation | Suppression d’un point de vente ou d’un poste utilisateur |
| 128 | Change of taxable entity using the software | Changement d’assujetti utilisant le système d’encaissement |
| 130 | User Authorisation/Rights Management | Habilitation d’utilisateur/Gestion des droits |
| 140 | Importing external data | Importation de données externes |
| 150 | Printer unavailable | Imprimante indisponible |
| 155 | Duplicate of a note (bill) | Duplicata d’une note |
| 160 | Accounting entries recording | Enregistrement des écritures en comptabilité |
| 170 | Treatment of cash register closure and balance | Traitement de fond de caisse |
| 180 | Generation of an export file for accounting entries | Génération d'un fichier d'exportation des écritures comptables |
| 190 | Cancellation of a receipt (ticket) | Annulation de ticket |
| 200 | Data purging | Purge des données |
| 205 | Partial purging of JET | Purge Partielle du JET |
| 210 | Data recovery from other software following system changes | Reprise de données d’autres logiciels suite à changement de systèmes |
| 220 | Restoration of a database | Restauration d’une base de données |
| 230 | Backup of a database | Sauvegarde d’une base de données |
| 240 | Follow-up of maintenance interventions | Suivi des interventions de maintenance |
| 250 | Installation of a new major version of the software | Installation d’une nouvelle version majeure du logiciel |
| 255 | Installation of a new minor version of the software | Installation d’une nouvelle version mineure du logiciel |
| 260 | Data Initialization | Initialisation des données |
| 270 | Evolution of compliance parameter | Evolution de paramètre de conformité aux règles |
| 280 | Start/end of tax audit | Début/fin d’opération de contrôle fiscal |
| 290 | Exchange with a chartered accountant (sending the FEC or the Z summation of the cash register) | Echange avec un expert-comptable (envoi du FEC ou du Z de caisse) |
| 295 | File transfer at the request of the administration | Transfert de fichier à la demande de l'administration |
| 300 | Parameter activation allowed and documented | Activation de paramètre autorisé et documenté |
| 320 | Abandonment of a commercial sale (transaction) not yet recorded | Abandon d’une opération de vente (transaction) commerciale non encore enregistrée |
| 323 | Cancellation/Modification of an article line | Annulation/modification d’une ligne d’article |
| 324 | Abandonment of a validated note (bill) | Abandon d'une note validée |
| 325 | Cancellation(s) of article(s) after order | Annulation(s) d’article(s) après commande |
| 326 | Return(s) of article(s) after a note (bill) has been issued | Retour(s) d'article(s) après une émission d’une note |
| 327 | Change to "offered" note (bill) | Passage en note « offerte » |
| 328 | Change to “offered” article | Passage d’article en « offert » |
| 329 | Unprinted note (bill). | Non édition d’une note |
| 330 | Initialization of period-end closing | Initialisation de la clôture de fin de période |
| 400 | Change of fiscal period duration | Changement de la durée de l’exercice |
| 410 | Change of data regarding the identification of the taxable company or agent | Changement de données affectant l’identification de l’assujetti ou du mandataire |
| 420 | Changing the method of payment after issuing the receipt (ticket) | Changement du mode de règlement, après émission du ticket |
| 430 | Change of table (in restoration) already assigned to a note | Changement de table (en restauration) affectée à une note |
| 440 | Transfer of the tax archive to an external medium | Transfert des archives fiscales sur support externe |
| 450 | Traceability of the change of the pair of keys used for the electronic signature | Traçabilité du changement du trousseau de clés utilisé pour signer |
| 900-999 | Editor function | Fonction éditeurs |