ELSTER Explanations Part III

Security technology and IT protection

In addition to compliance with all legal regulations and the correct handling of the data, ELSTER also ensures that the technical components guarantee the highest possible level of security.

According to GRADCHEM, ELSTER also provides detailed information on the encryption of the data using algorithms and three different authentication methods on the website.

The transparent explanation and explanation give the user the secure feeling that everything is being done to ensure that the data does not fall into the wrong hands.

SSL encryption

The ELSTER services are certified according to ISO 27001, so absolute security is guaranteed. In order to protect tax secrecy, all tax data is encrypted and transmitted by the user to the accounting center of the respective federal state.

Hybrid encryption based on the latest security technology is used.

With the help of a so-called SSL certificate, the user browser can check whether there is a secure connection to ELSTER and whether the data is actually being transmitted there. The SSL certificate ensures that a cryptographic key is bound to the ELSTER site.

Cryptographic algorithms

The algorithm is state-of-the-art and works like this: During the registration of the user, a random number is generated on the PC and sent in encrypted form to the ELSTER website.

This key is then only known to the PC and the ELSTER website. This way, only the two can communicate with each other. However, this is a disadvantage if the user wants to log in from another PC that ELSTER does not recognize.

Authentication

The authentication is used so that a user can identify himself to a specific program or application.

Name and password or email address and password are usually used for this. ELSTER uses the certificate file, a security stick or a signature card for authentication.

The electronic signature – means of authentication

ELSTER uses an electronic signature for user identification. This must not be confused with a real “signature”. It is created using individual PINS and saved on sticks or signature cards.

Until 2017, the definition for electronic signatures was defined in § 2 SigG. However, the law was repealed and replaced by Section 12 of the Trust Services Act (VDG) .

The certificate file for the ELSTER form – three variants, three prices

The certificate is created by ELSTER when you log in. The user can choose between the basic version with a high security level, which is saved as a file on the PC free of charge . This is completely sufficient for private users.

There is also the ELSTER Special Certificate on USB stick with an increased security level. However, this is no longer free and costs around 50 euros . However, the certificate is automatically renewed.

Then there is ELSTERPlus with an even higher security level and extended functions. This certificate comes on a signature card and costs around 150 euros . This level is particularly recommended for large companies.

ELSTER for companies

So far, the focus has mainly been on private individuals, but employers and entrepreneurs can also use ELSTER . The various options are explained by ELSTER on the information pages under the keyword “User groups.

Companies can use ELSTER for advance VAT registration, for the application for a permanent extension of the deadline, for registering the special advance payment, for the trade tax return , the sales tax return and the income tax return.

For this, a software available on the market that has an ELSTER interface is required.

The advance VAT return with ELSTER

The advance VAT return can be selected on the ELSTER form page and is only available for companies. Once clicked, the calendar year is already available for selection in the mask. If you work with other software products, you can upload an XML file from this provider here.

Income surplus calculation

For users who do not need double bookkeeping ( small business owners ), the creation of the income surplus calculation is also available in the forms.

Until 2016, an informal profit determination could still be sent to the tax office. However, the EÜR has been used since 2017. You can first create this with an EÜR template and then send it electronically to the tax office via authentication!

If you only have business expenses, you don’t need to use the system. Tax-privileged corporations only have to use the EÜR if their income is higher than 35,000 euros.

How ELSTER works – summary

After registration, the user can select the desired tax return form from the existing list of forms and then fill it out directly with ElsterOnline.

For this purpose, pre-filled tax returns are available, which the tax office already receives from the data. These can be adopted. Receipts only need to be sent to the tax office on request.

After filling in, the data can be sent to the data center with a simple click. Registration is required for an authenticated transmission, the taxpayer receives a form for this.

If the transmission is not authenticated, the documents must then be printed out, signed and sent by post to the tax office. In the case of the advance VAT return, a transfer protocol is printed out as proof of electronic submission after the transfer has been completed. This log is intended for the taxpayer’s records.

The tax assessment comes from the tax office in paper form, but can also be picked up as an electronic file if the corresponding settings have been saved in the program. ELSTER will then help you to compare the notification with the originally submitted forms.

ELSTER 3