Supplement to the letter of the Federal Tax Service of Russia for eccles from the regions. Ackles - what is it? secure electronic control tape: purpose and device Checking kkm for work with ecls

EKLZ-R - the development of NPO "Innovative Systems", is used as part of the control and cash registers(CCP) and is guaranteed to protect fiscal information.

The introduction of the SNFP EKLZ-R, as an effective device of a new generation, is due to the active development of trade and the related need to preserve information about the calculations carried out in full.

The EKLZ-R unit, installed on many of the cash registers of domestic and foreign production most often used in retail chains, provides high productivity when operating equipment in a constant intensive mode. The non-volatile device saves the final data for the required time, which makes it possible to record subsequently all cash and non-cash payments made in the process of accurately determining tax payments.

EKLZ-R effectively contributes to the implementation of the following production tasks:

  • accepts information about receipts or reports coming from cash registers (KKM) of various modifications;
  • generates a verification cryptographic check code;
  • transfers to the cash register the calculated cryptographic code identical to the parameters cash document for its subsequent printing during registration or as part of an electronic control tape;
  • ensures the archiving of information arrays, as well as the accumulation and safety of the final data based on the results of work per work shift;
  • produces reports.

Technological features of EKLZ-R

EKLZ-R from NPO "Innovative Systems" is developed taking into account algorithms that are not applicable to the Regulation of the Government of the Russian Federation No. 313, which not only facilitates the operation of cash register equipment, but also provides significant savings in distribution costs for trade organizations.

The use of the EKLZ-R unit does not contradict the provisions of the legislative acts of the Russian Federation, regulating use of KKM when carrying out any forms of payments, the procedure for their registration and operation.

A modern device that fully complies with the technical requirements for products of this kind is an exclusive development of the Scientific and Production Association "Innovative Systems". All the necessary documentation ensuring the legality of the use of EKLZ-R (certificate of conformity, passport of the fiscal information protection unit, test report) is available.

The most important condition for the stable functioning of the EKLZ is the possibility of its normal service support throughout the entire operational period. This procedure is governed by the current Regulation on the procedure for the sale, maintenance and service support of cash registers, in connection with which the right to install, replace and remove the device is granted to specialized centers Maintenance... TECs are vested by suppliers with the right to conduct technical support cash register devices. Such activities do not require licensing, which allows the Technical Service Centers for the maintenance of cash registers to acquire EKLZ-R for its installation or replacement on cash registers without obtaining a license from the FSB.

The software, adapted for a wide range of CCPs operated on the territory of the Russian Federation, is specially developed for this product and makes it possible to receive and store the accumulated archived data with a guarantee. A fundamental feature of EKLZ-R from NPO Innovation Systems is the ability to install and replace it in KKM from many leading manufacturers of KKT, most often used in Russian trading systems with a client stream of any saturation. These include devices AMS, AGAT, KASBI, MINIKA, MERCURY, OKA, PRIM, PTK, SPARK, FELIX, SHTRIH-M, ELVES, FPrint, WAB. As a result practical application of this intellectual product, the manufacturing company recorded an increase in the list of KKM compatible with EKLZ-R.

If you want to know the price at which you can buy EKLZ, please contact our sales department in any convenient way from the section. The cost of EKLZ varies depending on the wholesale or retail delivery.

There is an old decommissioned EKLZ on LPC2146FBD64 (LQFP64 package).
Communication with her is standard via UART mikruhu MAX3221 (3-V to 5.5-V Single-Channel RS-232 Line Driver / Receiver).

Everything is logical through MAX3221:
pin Rx to P0.0 / TXD0/ PWM1 19 leg controller
pin Tx to 0.1 / RXD0/ PWM3 / EINT0 21 controller feet

NXP LPC2xxx microcontrollers have a built-in bootloader that allows you to flash program memory (flash) through a serial port (UART)

Now how to flash:
logically, any controller should be sealed in an already soldered state (ISP) through some kind of external connectors. Because it's just stupidly more convenient to manufacture - do not solder the already flashed controller. Again, if you need to change the firmware urgently, what to do?

Well, as I understand it, all controllers are sewn via UART, but you need to somehow switch to firmware mode. This is a stupid leg BOOT... Also, for the convenience of the firmware, you need to find a leg RESET.
The LPC2146FBD64 BOOT is P0.14 (/ EINT1 / SDA1) these are 41 controller legs!
RESET is the 57th leg of the controller!

So BOOT is pulled up through a 100K resistor to = 5V. It is logical that the firmware mode is not activated by default. But I did not find other conclusions (contacts) for feeding 0 to BOOT, except for a 1mm round patch. In principle, you can solder to it.

At the output of the EKLZ, however, there is access to the USB legs of the controller, and it also looks like I2C 2 contacts.

BOOT - Note: LOW on this pin while RESET is LOW forces on-chip boot loader to take over control of the part after reset.
It turns out like this:
RESET = 1
BOOT = 0
or in other words
BOOT = 0
powered on (turned on)
waiting ... (1 sec is possible)
release BOOT (then it will pull up to 3.3V through the resistor)
and that's it .... the controller went into firmware mode. Let's check it like this:
In a programme FlashMagic click for example Read Device Signature and we see the normal response:

They also write like this on the internet:

Before turning on the power, close the terminals P0.14 and Reset to ground. Apply power, wait until it reaches the nominal value. Set Reset to a high logic level, wait at least a few milliseconds and apply a high level to P0.14.


CRP is at level 2 or 3

Read Security issues:


Here is a table of CRP values:


Trying to erase Flash (Erase Flash)


And lo and behold - she writes that she was erased. But in reality it is not so. For further attempts to write something down there give nothing ( Failed to send data to the device). And the old firmware lives quietly and nothing is done with it.

Dug up on the internet that message CRP is at level 2 or 3 not so bad (the controller supposedly can still be flashed, i.e. it still means level 2).


It was soldered with thin flexible wires from the transformer windings to the nickels.

I opened the Keil project with LPC2146 and saw that it is possible to use the following programmer options:


I have STLink2 JTAG / SWD only. Therefore, we are waiting with Ali J-Link or ULINK2 (both for 800r.)

I tried in LPCXpress0 to find the possibility of at least flashing the LPC-2146 - I couldn't find anything.

ULINK2 and J-Link arrived.
But as a result, nothing works over JTAG and SWD. It looks like we have a controller locked by CRP3.
It turns out that NXP has such a feature - installed CRP3 and then work as it is and nothing can be done with it.

And it is a pity that the good is lost, it could be adapted for different projects.

Here I also dug up a scheme on the Internet from a kind person

On registration (re-registration) of cash register equipment .


Federal Tax Service of Russia Ivanovo region(hereinafter referred to as the Department) sends for the management of the work a letter of the Federal Tax Service of Russia dated 05.11.2013 No. AS-4-2 / [email protected]"On registration (re-registration) of cash register equipment" and, in addition to the letter dated 01.08.2013 No. 08-47-7 / [email protected] reports the following.
The Center for Information Protection and Special Communication of the FSB of Russia at the request of CJSC Atlas-Card, letters dated 20.09.2013 No. 149/3/2 / 2-1351, dated 26.09.2013 No. 149/3/2 / 2-1430 and dated 26.09. .2013 No. 149/3/2 / 2-1431 explained the grounds and procedure for using a secure electronic control tape (hereinafter - EKLZ-Z), as well as software and hardware for checking the values ​​of the cryptographic verification code (requests from CJSC “ Atlas-maps "and the answers of the FSB of Russia are attached).
In accordance with these clarifications, at present, the CCP uses a secure electronic control tape developed by CJSC "BEZANT" on the basis of the license of the FSB of Russia dated 09.07.2013, series LSZ No. 0009114 for the development, production and distribution of encryption (cryptographic) means, information systems and telecommunication systems protected using encryption (cryptographic) means, performance of work (provision of services) in the field of information encryption.
This EKLZ is produced by two organizations: JSC "TENSOR", on the basis of the license of the FSB of Russia dated 04/23/2009, series LZ No. 0016765 for the right to carry out activities for the development, production of encryption (cryptographic) means, protected with the use of encryption (cryptographic) means of information and telecommunication systems and CJSC Scientific Instruments on the basis of the license of the FSB of Russia for St. Petersburg and the Leningrad Region dated 09.23.2013, series LZ No. 0021106 for the right to carry out activities for the development, production of encryption (cryptographic) means protected using encryption (cryptographic) means of information and telecommunication systems (copies of licenses are attached).
EKLZ-Z has a certificate of conformity dated 15.07.2013 No. SF / 121-2183. issued by the FSB of Russia to ZAO BEZANT and OAO TENSOR. The safety of information (fiscal data) of EKLZ is ensured when using EKLZ, manufactured in accordance with the technical conditions EF3.058.007-01TU, meeting the technical requirements for control - cash registers in terms of EKLZ and preservation, in the iaiine of the cryptographic protection key (a copy of the certificate of conformity is attached).
Due to the fact that at present CJSC "Scientific Instruments" the certificate of conformity of the Federal Security Service of Russia for EKLZ own production does not have, EKLZ-Z is produced by this organization for technical specifications eF3.058.007-01TU on the basis of an appropriate agreement with CJSC "BEZANT".
Download software(including key information, on the basis of which, using a cryptographic algorithm for converting information, the value of the PDA is calculated) into the EKLZ-Z cryptoprocessor, produced by TENSOR OJSC and Scientific Instruments CJSC according to the technical conditions eF3.058.007-01TU, produced by Atlas CJSC -cards "on the basis of licenses of the FSB of Russia: from 05.04.2010, series LZ No. 0019446 for the right to carry out activities for the development, production of encryption (cryptographic) means, protected using encryption (cryptographic) means of information and telecommunication systems, dated 05.04.2010 series LZ No. 0019449 for the right to provide services in the field of information encryption (copies of licenses are attached).
Verification of the correctness of the formation of the PDA EKLZ-Z produced by OJSC "TENSOR" and CJSC "Scientific Instruments" according to the technical specifications eF3.058.007-01TU is carried out using the software and hardware tools of the "Software module for checking the values ​​of the PDA" of CJSC Atlas-Card (hereinafter - Software module for checking PDA values). This software module for checking the values ​​of the PDA has a certificate of conformity of the FSB of Russia dated December 22, 2010 No. СФ / 124-1571 (a copy of the certificate of conformity is attached).
Testing and examination of CCP (including when the CCP models are included in State Register KKT, as well as at the request of the tax authorities) with specially developed and used only in its composition means of cryptographic protection of fiscal data, including EKLZ, on the functioning of a KKT with built-in EKLZ for compliance " Technical requirements to KKM in terms of EKLZ ", the functioning of the EKLZ as part of the KKT for compliance with the" Specification of the EKLZ ", on the issue of the functioning of the KKT with the built-in EKLZ for compliance with the requirements for the KKT in terms of the incorrigibility of fiscal data, are carried out by the following organizations that have a certificate of accreditation of testing laboratories in the POSS RU Certification System .0001.030001, issued by the FSB of Russia: accreditation certificate of the testing laboratory of CJSC "BEZANT" dated 15.06.2012 No. AF-135; Accreditation certificate of the testing laboratory of Atlas-Kart CJSC dated 12.04.2011 No. AF-112 and LLC STC Alfa-Project dated 20.03.2009 No. AF-090). Copies of the accreditation certificates of CJSC "BEZANT" and CJSC "Atlas-kart" are attached.
FSB of Russia LLC "Scientific and Production Association" Information and Computing Systems ", which is the manufacturer of a removable storage device for fiscal memory" EKLZ KS ", issued a license dated 14.05.2013, series LSZ No. 0009015 to carry out activities for the development, production and distribution of encryption (cryptographic) means, information systems and telecommunication systems protected using encryption (cryptographic) means, performance of work (provision of services) in the field of information encryption.
However, as of 11/15/2013, certificates of conformity for this removable drive of fiscal memory "EKLZ KS" (hereinafter referred to as SNFP "EKLZ KS"), as well as for the software module for checking the PDA, formed by SNFP "EKLZ KS" LLC Scientific and Production Association "Information and Computing Systems" have not been received by the FSB of Russia.
Regarding the replaceable fiscal memory drive "EKLZ-NP-OZ" (hereinafter referred to as SNFP "EKLZ-NP-OZ", previously manufactured by CJSC Scientific Instruments and discontinued by this organization on April 27, 2012, the Office reports the following.
The EKLZ-NP-OZ device does not have a certificate of conformity from the FSB of Russia, that is, it is not certified for compliance with the requirements of GOST 28147-89 "Information processing systems. Cryptographic protection. Algorithm of cryptographic transformation ", the requirements of the FSB of Russia for the means of cryptographic protection of fiscal data of class K1 and in relation to this software and hardware, the certification body - the FSB of Russia, did not issue a conclusion on its use as part of the CCP to protect information registered in the EKLZ.
Based on the foregoing, the territorial tax authorities need to provide public service on registration (re-registration) of a cash register, which has in its composition SNFP "EKLZ KS" produced by LLC Scientific and Production Association "Information and Computing Systems", only if three conditions are met: hardware complex certificate of conformity of the FSB of Russia, availability of a certificate of conformity of the FSB of Russia for the software module for checking the PDA generated by the SNFP "EKLZ KS"; cards; LLC STC Alfa-Project).
Registration, (re-registration) of a CCP, which includes SNFP "EKLZ-NP-OZ" with a release date before 04/27/2012, is made only if there is an expert opinion regarding this CCP, issued in accordance with the established procedure by an authorized organization (CJSC "BEZANT"; CJSC "Atlas-kart; LLC" STC Alpha-Project ").
The provision of services for registration, (re-registration) of a cash register, which includes SNFP "EKLZ-K" manufactured by LLC Kores, manufactured in accordance with TU 4017-220-17665531-12, is carried out only after this organization has received the necessary permits from the FSB of Russia and a positive expert opinion regarding the KKT model, which includes the EKLZ-K block.
The Department instructs to bring this information to the attention of organizations - TEC.

Application - in electronic form

Deputy Head,
state advisor civil service
Russian Federation 1st class A.V. Sokolov

What is EKLZ - secure electronic control tape?

Protected electronic control tape (or EKLZ) is an integral and, according to today's legislation, an integral part of cash register equipment. Mandatory application EKLZ as part of KKT is fixed Methodical guidelines regulating the procedure for the use of electronic control tapes protected in cash register machines since October 1, 2003.

The tax authorities do not have the right to take to the state. registration of cash registers not equipped with EKLZ. These decisions are binding on organizations and individual entrepreneurs use EKLZ as part of KKM without fail.

Questions, What is EKLZ? and what to do with it? often occur in start-up entrepreneurs who for the first time are faced with the need to use cash register equipment (CCP). Protected electronic control tape(EKLZ) - an improved, electronic analogue of fiscal memory, used in the cash register for accounting and storing information on cash transactions, as well as the provision of the necessary reports on these transactions for tax purposes during tax audits. EKLZ, in contrast to fiscal memory, is a completely energetically autonomous device that is part of the cash register and records absolutely every cash transaction. Recording and storage of information is carried out on electronic media that are inaccessible to external influences and therefore EKLZ is a guarantee of the reliability of information about the proceeds received, which means that it deprives the owner of the KKM with the EKLZ installed on it, the possibility of hiding income and minimizing taxes. It is not possible to interfere with the EKLZ operation scheme, which contributes to the completeness of the calculation and payment of taxes.

The principle of operation of EKLZ is as follows. When conducting a cash operation, the cash register generates a check, then transfers its data to the EKLZ, which in turn, based on the check parameters data, generates and issues a verification cryptographic code to the cash register, a kind of digital signature... The cash register prints the check with a cryptographic signature confirming that the check belongs to this cash register. EKLZ simultaneously archives data that make up a continuous control tape and ensure the accuracy and completeness of information about all, without exception, cash transactions carried out on this KKM. In addition, EKLZ in the process of work records and accumulates changeable results. The cryptographic signature received by the cash register from EKLZ and printed on the check, if necessary, serves as a confirmation of the check's belonging to the officially registered cash register. This question turns out very important in accounting, in situations where there are doubts about the authenticity of checks issued by the cash register of the partner organization. Checks from unregistered cash register accepted by accounting, can cause significant troubles during tax audits. In such situations, the only way out for the organization is to apply to the tax authority with an application for the examination of checks, which is made by the tax authorities based on the identification of the PDA, that is, the EKLZ cryptographic code of a particular cash register.

EKLZ performs the following main functions:

  • Reception of cash document data (check, report) from KKT;
  • Generation of a cryptographic verification code (PDA) of a check (report) based on the data received;
  • Transfer to the cash register of the PDA number and the calculated PDA value corresponding to the data of the cash document for printing of this document in the process of registration;
  • Archiving and storing the data that make up the control tape;
  • Accumulation of shiftable totals in the process of work;
  • Formation of data of the shift total when closing the shift, entering and storing it in the non-volatile memory of the EKLZ;
  • Generation of reports on requests generated by the CCP during the operation of the EKLZ, or generated by the computer during the control of the EKLZ separately from the CKT, including after the archive is closed in the EKLZ, during the storage of the EKLZ.

So, EKLZ is a necessary element of a cash register, functioning on the principle of a computer's electronic memory, performing archival and fiscal functions. It is a stand-alone and replaceable device. Subject to annual replacement and registration with the tax authority.

Replacement of EKLZ is carried out in the following cases:

  • when filling EKLZ (more than 90% - scheduled replacement)
  • upon expiration of the established service life (13 months - scheduled replacement)
  • when re-registering cash register
  • in case of EKLZ malfunction (warranty replacement)

Scheduled or warranty replacement of EKLZ is made in the following cases:

1. Scheduled replacement of EKLZ is carried out in the case when the KKM issues a message about filling the electronic memory of the EKLZ unit by more than 90 percent. In such a situation, the organization or individual entrepreneur who owns the KKM sends a technical of KKM services(CTO) the relevant information about the fact of filling the memory of the EKLZ and the Letter of Guarantee application, which confirms his consent to the replacement of the EKLZ and the activation of the new EKLZ unit.

2. Scheduled replacement of EKLZ is also carried out when the 12-month period from the moment of activation of the EKLZ unit ends, which legally limits the period of its operation. In this case, the owner of the KKM, in advance, no later than one month before the expiration of this period, notifies the TEC with a similar Guarantee letter-application for the installation and activation of a new EKLZ.

3. Warranty replacement of the EKLZ is performed by the TEC in the event of a failure or malfunction in the operation of the EKLZ unit during the established period of operation.

Warranty service is carried out only if:

  • the cause of the EKLZ malfunction was not the dishonesty of the service personnel
  • the rules of operation of EKLZ as part of KKM were not violated
  • unauthorized opening of the EKLZ unit and attempts to repair it was not allowed
  • EKLZ malfunction was detected during the warranty period
  • EKLZ memory resource is not exhausted
  • EKLZ activation parameters were unmistakable

4. Unscheduled replacement of EKLZ is carried out due to re-registration of KKM to another organization or private entrepreneur.

Replacement of EKLZ is carried out exclusively by the technical service center (TSO) of cash registers. Self-replacement of EKLZ is excluded.

The planned replacement of EKLZ is carried out in accordance with the established procedure:

- The letter of guarantee-application of the owner of the cash register in the TEC serves as the basis for issuing an invoice for the replacement and activation of a new EKLZ

- the owner of the cash register pays the invoice and receives from the TEC Required documents for submission to the inspection of the Ministry of Taxes and Levies of Russia (registration card of the cash register, technical conclusion on the reason for replacing the EKLZ unit, the cashier's journal - the operator, the act of the form No. KM-2, certified by the TEC and drawn up in triplicate)

- a specialist of the tax authority, after studying the above documents, endorses the act of form No. KM-2, which is permission to replace the EKLZ and activate the new EKLZ. At the same time, the journal of the cashier-operator and the registration card of the cash register remain in the inspectorate

- TEC, after carrying out a sequential procedure for replacing the EKLZ, forms a package of necessary documentation in order to submit to the tax authority:

a) a note is made in the technical passport of the cash register about the date of replacement and activation of the new EKLZ. The date of replacement and the registration number of the EKLZ are certified by the signature of the TEC specialist who carried out the replacement, and by the seal of the TEC

b) in the additional insert to the Passport of the version, the date of activation of the EKLZ is recorded and its registration number is indicated. Certified by the seal of the TEC and the signature of the executing specialist

c) a specialist of the technical service center who carried out the procedure for commissioning a new EKLZ draws up an Act of putting into operation of an EKLZ in the form of Appendix A to those. EKLZ passport, certified by his signature and seal of the TSC

d) a record of the performed replacement and activation procedure is entered into the KM-8 Journal and a tear-off part of a self-adhesive seal control coupon with an identification number corresponding to the number on the seal is glued

e) an act is drawn up according to the form No. KM-2.

The owner of the cash register submits the above documentation to the tax authority and, after checking the correctness of the execution of these documents, receives back with them from the tax authority a registration card of the cash register with a mark about the activated EKLZ and the journal of the cashier-operator with account about the replacement of EKLZ.

EKLZ, which have exhausted their resource or removed and replaced at the end of their service life, are subject to mandatory storage in an organization or a private entrepreneur for 5 years.

AFTER REPLACING THE EKLZ UNIT, THE OWNER IS OBLIGED TO WITHIN 5 WORKING DAYS PROVIDE INFORMATION ABOUT CHANGE OF EKLZ UNIT TO THE TAX AUTHORITY!

Attention! This page and projects are no longer supported! Of course, I will answer all your letters, but not promptly.

Program for checking and testing EKLZ and FP
"Dump Constructor"

You can download the program.

Version history of the "Dump-Constructor" program.

FAQ: F.A.Q.


Registration of the program is free! But, you need to prove that you are a representative of TEC KKM.
Perhaps your organization has a website, perhaps you communicate on forums?
Maybe you know which of the guards on the www.kkm.info forum, who could vouch for you?
If not, then send at least the registration data of your organization.

P.S .: don't get me wrong, but I don't want the program to fall into the wrong hands :))

No registration required!

 discussion of the program on the forum:
Trade union of service engineers KKT

My coordinates

E-mail1:

Description of FP formats

You can view descriptions of FP formats.

External DLL developers

Description of the DLL source text format for "Fiskalnik" and "Dump Constructor".

Blank-template (on the example of one of the cash register machines).

DLL for Elwes-Micro-F with FP v2.5
for the program "Fiskalnik" and "Dump-constructor"

Latest version 0.0.0.1

DLL for FP Mercury-180F
for the program "Fiskalnik" and "Dump-constructor"

Latest version 0.0.2.7

Phased array driver test,
modified for the convenience of fiscalization, testing, replacement of EKLZ.

Latest version 2.0.0.10
For operation, a FR driver of version 4.8 or higher is required
Possibilities:
EKLZ replacement tab - the ability to carry out all operations necessary when replacing an EKLZ and removing a tax. reports. The ability to spy on the NI password (not on all FRs).
added the ability to remove quarterly reports from FP and EKLZ.
added the ability to remove reports from FP and from EKLZ by year.
fiscalization tab - all operations on fiscalization, re-registration, test sale, etc.
tab Technical reset, date, time - button "auto date-time from PC"
Print tab - testing the cutter and printing
Bookmark Serial number, license programming and license calculation. After installing a clean FP, enter the head in the field. KKM number and press the car license number.
added the ability to automatically remove quarterly reports from FP and EKLZ.
added the ability to remove monthly reports from FP and EKLZ.

 

It might be helpful to read: