As your Compliance-as-a-Service partner, we would like to inform you about an important topic in Austria: the certification for the ACOS-ID 2.1 chip will not be extended.
The Federal Ministry of Finance has been informed that the French certification body will not extend the certification for the ACOS-ID 2.1 chip due to a security vulnerability ("EUCLeak"), which means that the cards will no longer comply with the legal requirements for cash registers from June 7, 2025. These cards were distributed by A-Trust GmbH.
The EUCLeak security gap refers to a recently discovered vulnerability in a cryptographic process used in certain smartcards within the EU.
A-Trust GmbH is a leading Austrian trust service provider specializing in smart card solutions, secure digital identities and electronic signatures. The company issues signature cards for both official and business applications and guarantees the highest security standards.
In order to continue to meet the legal requirements for cash registers, cards must be replaced before June 7, 2025. After this date, these cards may no longer be used within the scope of the RKSV.
Cards of the CardOS 5.3 type are expected to remain valid until the end of 2027.
EFR compatibility ACOS ID 4.1:
We are continuously developing our EFR versions. As soon as the new ACOS-ID 4.1 card generation is available, we will inform you about the support provided by our middleware.
We ask you to inform and support your taxable end customers accordingly.
If you would like to find out more about the RKSV, please visit our website. We have compiled all further information for you there.
.jpg)
