Aller au contenu principal
Menu
French Tax Compliance

POS Software Compliant with ISCA

Article 286, I, 3° bis of France's General Tax Code

digabloPos meets the French legal requirements for Tamper-proofing, Security, Retention, and Archiving of point-of-sale data. Every customer receives an individual certificate of compliance.

The 4 ISCA Pillars

Every pillar is built natively into digabloPos — no add-on modules, no extra fees.

I

Inaltérabilité (Tamper-proofing)

POS data cannot be altered or deleted once recorded.

  • Every transaction is sealed with a SHA-256 hash chained to the previous one
  • PostgreSQL triggers block any amount modification after payment
  • Refunds are logged as separate operations; the original transaction stays untouched
  • A global sequential transaction number guarantees continuity (no gaps possible)
S

Sécurisation (Security)

Data is protected against any unauthorized access or modification.

  • Role-based access control (owner, manager, cashier, server) with granular permissions
  • PIN-based authentication hashed with bcrypt for every employee
  • Immutable audit log: every sensitive action is traced (who, what, when)
  • Database-level security policies (Row Level Security)
C

Conservation (Retention)

Point-of-sale data is retained for the legally required period and can be produced on demand.

  • Z-reports generated automatically at every register close
  • Each Z-report is sealed with a hash chained to the previous one
  • Sales, refund, VAT, and payment-method totals are archived
  • Data kept for the full 6-year legal retention period
A

Archivage (Archiving)

Closed data is stored in a secure, timestamped, non-modifiable format.

  • Fiscal archives digitally signed with HMAC-SHA256
  • Export to JSON and CSV with verification hash
  • Archives are immutable: no modification possible after generation
  • Integrity verification available via API for any audit

Required Information on Receipts

Every receipt issued by digabloPos carries the information required by regulation.

Unique sequential transaction number (never resets)

Cryptographic signature (8 characters from the SHA-256 hash)

Itemized VAT amounts on every receipt

CSV-exportable Z-reports with ISCA hash

Legal basis

Article 286, I, 3° bis of the French General Tax Code: Any VAT-liable business that records customer payments via POS software must use software that meets tamper-proofing, security, retention, and archiving requirements.

Finance Act 2026 (Article 125, February 19, 2026): Restores the ability for POS software publishers to issue an individual certificate of compliance (self-certification), without being required to go through a certification body.

Penalties: Using non-compliant software is punishable by a €7,500 fine per software or POS system (Article 1770 duodecies of the CGI). Issuing a false certificate is a criminal offense.

ISCA Compliance Included, Free

Create your account in 2 minutes. Tax compliance is built in — no extra module, no hidden fees.