Does each branch have a certificate and does any user who creates invoices use that certificate? Or does it mean that each device has a certificate?
Is it normal for each device to have a certificate?
Let’s say, for example, that I have 50 devices that create invoices in one branch, is this normal?
The issue, for me as a programmer, is it easy to play with in order to bypass something like that unless each company provides the number of users it has.
I can register my invoices on the system under the name of the user who created them, and when printing and sending, I will attribute them to one user because of the certificate issue. This is in the case that each user has a certificate
Hi,
Let me tell you in a simple way then it will be clear. Any machine need to connect to ZATCA to push transacations need a username and password right? If yes you need to register it with ZATCA then this machine will be able to communicate if you have 10 branches pc connecting to ZATCA you need 10 machines to register and you will get username and password and for each machine keys/certficates.
Now lets change the way to connect with ZATCA that all your branches will just push data to your head office server and only head office server will connect to ZATCA means only one username/password required right?
Hope now it will be simple to understand. thanks
True, I do not deny that this center in another country has more than 150 devices for generating invoices. However, each real device is actually linked to a fingerprint entry and a username and password for each device on the government website to complete transactions. Even if the matter was limited to the certificate only. The owners of these centers would not have incurred the cost of creating a user when hiring a new employee. The matter was limited to distributing the username and password to all employees and using the website to complete transactions. I know that the matter can be limited by the username logging in from more than one device, but it is one internal network. So I believe that it was necessary to distinguish the matter with a fingerprint device for each user. Therefore, I believe that in the certification process, I can pass it to more than one user within the branch to synchronize with the authority. Therefore, I believe that one certificate used for each branch is sufficient for the number of users within one branch
Q: Does each branch have a certificate and does any user who creates invoices use that certificate? Or does it mean that each device has a certificate?
Answer: It depends on your choice, taxpayers have absolute discretion to onboard any number of certificates depending on business needs. Only limitation is that a certificate once onboarded should not be transported to another device. You can onboard one or more certificate(s) per device / server as suits your current architecture.
Q: Is it normal for each device to have a certificate?
A: Yes, particularly for B2C invoices its normal for each device to have its own certificate as B2C invoices must be signed by certificate and QR must be generated before issuing invoice to consumer.
Q: Let’s say, for example, that I have 50 devices that create invoices in one branch, is this normal?
A: Yes, if one branch has 50 devices you can onboard 50 certificates. There is no limitation on number of certificates from ZATCA’s side.
Q: The issue, for me as a programmer, is it easy to play with in order to bypass something like that unless each company provides the number of users it has. I can register my invoices on the system under the name of the user who created them, and when printing and sending, I will attribute them to one user because of the certificate issue. This is in the case that each user has a certificate
A: You can generate invoice from one device (certificate) and send it to ZATCA using another certificate (lets say from a server). This is allowed as long as both certificates are under same VAT Registered Number.
Dear @Ankit_Tiwari Thank you
I have thought through your response to me. I will take it into consideration, God willing.
We are waiting for the actual experience and truth and we will see where things will lead us.
I am speaking from the perspective of Ijtihad, but I have not actually delved into the actual experience.