This article explains the Compliance Certificate (CCSI) required to activate Phase 2 of E-Invoicing in Qoyod, and Qoyod’s role in managing it automatically.
What is the CCSI certificate
CCSI stands for Compliance Cryptographic Stamp Identifier. It is a digital certificate issued by ZATCA (Zakat, Tax and Customs Authority) for every organization subject to Phase 2, used to sign invoices electronically and prove that an invoice was issued from the organization’s certified system.
The role of CCSI in the invoice
The certificate is used in every invoice to generate:
- Cryptographic Stamp: proves the invoice was issued from the certified organization.
- Hash chain: links each invoice to the previous one, to prevent tampering.
- QR Code: contains the invoice data and signature.
How Qoyod manages the certificate
Qoyod manages the certificate automatically, with no need for the user to handle the technical details:
- Generates the certificate request through the Fatoora system.
- Stores the certificate securely inside Qoyod.
- Signs every invoice with the certificate at issuance.
- Renews the certificate when it expires.
What you need to do
- Make sure you are registered on the Fatoora platform with the organization account.
- Open the E-Invoicing settings in Qoyod.
- Follow the steps to generate the CCSI certificate via the Fatoora platform, using the data Qoyod provides.
- Complete the certificate verification in Qoyod.
Notes
- Registering the certificate on the Fatoora platform is a step the organization performs itself. Qoyod guides you through the process but does not register on your behalf.
- The certificate is tied to a specific system (Qoyod in this case). Switching systems requires issuing a new certificate.
