Help
General
By checking your system data (see below), this wizard checks whether your system fully or partially meets the requirements for using My BOP. The following components are being tested:
- Operating system
- Browser
- JavaScript
Under User name you can enter a freely selectable string (up to 8 characters). The user name is used to differentiate several personal user accounts in My BOP if users register multiple times in order to keep different user accounts separate from each other. Since it is not yet certain at the time of the first registration whether additional user accounts will be requested later by the user, a user name must be assigned with each registration. The user name must be unique.
Personal details
Please enter your "correct" email address. This is very important for the smooth running of the registration process. If the email address is not entered correctly by mistake or if a fictitious email address is used, you will not receive the Activation ID required to complete the registration. In this case, you will not be able to complete the registration successfully and may need to redo it. In addition, notifications of new information in your personal mailbox in My BOP will also be sent to this email address. After successful registration, you can change your email address at any time in your private area within My BOP.
In order to be able to register successfully, you must specify an associated shared secret in addition to the BZSt number assigned by the Tax office. The shared secret will be checked for correctness after receipt of your registration application at BZSt. Currently, as a shared secret, you can provide the consumer secret or the BZSt secret. All secrets are assigned by BZSt.
When entering your personal data, you must also select and answer a security question from the questions provided. The security check will later be used to delete your personal access to My BOP or to revoke the Certificates of your software key. Only you and My BOP know which question and which answer will allow the deletion of your personal access.
Please note that selecting the password as a personal password to protect your ELSTER certificate will significantly affect the security of your ELSTER certificate and therefore the access to My BOP.
Especially with certificate files, the security of the certificate depends on the password selected, because it could be copied without being noticed (e.g. in case of phishing) so the assigned password alone represents the security anchor.
The password can be 6 to 128 characters long.
The password can be formed from a ... z, A ... Z, 0 to 9, you can also choose from the following special characters for your password:
Your password should contain at least letters as well as numbers. Further information on this topic can be found under "Passwords" of the Federal Office for Information Security.
Registration details in My BOP
It is not necessary to register if you already have an ELSTER electronic tax return certificate from My ELSTER. In this case, you can proceed directly to log in to My BOP.
After logging in to My BOP, you can see which forms you can use in My BOP with the ELSTER certificate from My ELSTER under "All forms" in "Forms and services".
Registration via My BOP requires possession of a BZSt number issued by the Federal Central Tax Office (BZSt) as well as something confidential or secret. This secret may be a centralized BZSt secret, an identification number (VAT refund), ZM registration ID or EUZI identification. Furthermore, in the case of notifications of actually exempted capital gains, the bank code of the notifying body or the pseudo-bank code assigned by the BZSt may be disclosed as a secret.
The use of each of the forms offered requires a registration with the competent specialist department of the BZSt, even if a registration has already been successfully completed in the context of another procedure / form. If a transmission takes place without prior registration, it will be automatically rejected. Therefore, please contact BZSt before sending it to the Email address onlineverfahren@steuerliches-info-center.de.
Submitters that want to use the ELMA5 interface of the BZSt for the transmission of mass data must first have registered at My BOP and have selected the login option with certificate file.
Login option certificate file
Your registration with certificate file is done in two steps for security reasons. Please follow the steps one after the other. After successful completion of all steps, the personal access (login) to My BOP and the use of the personalised services are available to you.
In the first step, you first enter your personal data. These include, for example, name, BZSt number and email address. Since your postal address is linked with your personal BZSt number at the tax office, for security reasons, this allows the tax office the possibility to determine that the data was really entered by you electronically and belong to you. To prove your identity to the tax office, you will receive activation data for your future access to My BOP separately by email and by post after you have entered your data. If unauthorised persons entered your personal information, they would not receive the complete information Activation data. This excludes that an unauthorised person can create an access in your name.
- Personal data and security check: Plausibility check
Enter your personal data in the fields provided. When you have entered your personal data in full, your entries will be formally checked for plausibility. Incorrect formats in your entries must be corrected. For example, it will be checked to see if your email address or BZSt number are in the correct format. Only if all entries are plausible will you be able to submit them for further processing by My BOP.
When entering your personal data, you must also select and answer a security question from the questions provided at the end. The security check later serves to block your personal access to My BOP. Only you and My BOP know what question and what answer allows the blocking of your personal access. Display personal data: Receipt acknowledgement
Since part of your Activation data is sent by email, it must be ensured that your email address is correct. If you have sent your personal data to My BOP, you will promptly receive an email to the email address you entered, the receipt of which must be confirmed electronically. Please follow the instructions in the email. You will then receive another email with your personal Activation ID and for security purposes you will receive separately by post a related personal Activation code. Then you can go to step 2: Activation and create certificate to continue the registration process.
You have already carried out "Step 1: Personal data" and received a letter and an email with the Activation data of your personal access from the Tax office. In this step you activate your access with this data. The Activation data consist of one Activation ID(included in the email) and one Activation code(included in the letter). Only by means of both elements can your access be activated in a secure way. After completing this step, you will then have a certificate file protected by an individual password, which will be accepted by My BOP in the future, for example for login purposes.
Activation I - Activation data:
Please enter your Activation ID which you received by email and your 12 digit number Activation code which you received by post, to activate your personal access. In the next step you will be shown that your personal access will be activated automatically. Your personal data can be assigned to you without any doubt by the Tax office and are now included in My BOP. The Activation data only have to be entered once to activate your personal access to My BOP.- Activation II - Save personal key:
Personal security environment
By entering your personal data in My BOP you are unequivocally identified by the Tax office. In this step, a personal certificate file will be created on your computer and saved by you. If a file with the same name already exists, it will be overwritten. You can change path and file name. You must keep the file extension ".pfx". Access to the Private key contained in the file is protected by a password that you must set yourself. For security reasons, the input required is the 12-digit Activation code from the letter received from the Tax office.
Certification
After your identity has been checked in the first step of the registration process, you now need an ID to prove your identity beyond doubt in the future without great effort. This ID is generated in this registration step in the form of a certificate file and then authenticated in a separate process. When registering with a certificate file, the certificate is stored on the hard drive of your computer. The certificate file contains two key pairs, each consisting of a private and a public key. The Private key will not be changed once it has been created and will remain on the hard drive of your computer. The Public key generated in this step on the other hand, is only provisional and still has to be certified. The certification is carried out by My BOP Trust centre certifying the public keys. Once the certification of your public key has been completed, the certificates will be placed in your certificate file. Certification is a high security process that can take several minutes. After completion of the certification, your access to My BOP will be available to you.
You would like to use your personal access to My BOP. So that only you are able to use the personalised services, you must authenticate your access to the Portal with your certificate file, which you have acquired as part of your registration. For the Authentication enter the correct path and file name of the certificate file as well as the associated password. As soon as you click on the "Login" button, the registration will be carried out automatically. If you have acquired several personal accesses to My BOP, be sure to select the correct certificate file.
Login option ElsterSecure
The first step is to enter your personal details. These include your name, BZSt number, and e-mail address.
After you have entered your details, you will receive an e-mail to confirm your e-mail address and prove your identity to the tax authority. When you click on the link in the e-mail, the activation data required for completing the registration are created and sent to your address on file at the tax authority by post.
You will receive an activation ID via e-mail and an associated activation code
separately by post.
The activation code is sent by post to rule out that an unauthorized person can obtain access in your name or that of the organization you represent.
Once you have received both activation data, you can complete your registration via the link in the e-mail with the activation ID.
You have already completed step 1 of the registration and received an e-mail with the activation ID and a letter with the activation code. In this step, you will use this data to activate your access. During the setup, an access key is created with the device password you used (e.g. display lock, face ID, or fingerprint).
If you would prefer not to or cannot click on the link for step 2 in the e-mail containing the activation ID, you can use the following link to start step 2 of the registration process: Start Step 2 (ElsterSecure)
After you have entered the activation ID in your browser, you will be asked to complete the activation of your user account with ElsterSecure. To do this, follow the instructions and scan the QR code. You must then enter the activation code in the app. The browser now displays the notification that the activation is complete.
You will now always select login with ElsterSecure when you log in. You will be asked to scan a QR code in the browser using the app. If you use multiple profiles, you can then select the desired profile in the app. You are then logged in after you have confirmed your identity, e.g. by means of the display lock, face ID, fingerprint, or PIN.
Login option security stick
Your registration with security stick takes place in two steps. Please follow the steps one after the other. After successful registration, you will have access to My BOP and thus the use of the personalised services via the login.
Please note that to register with a security stick you need a security stick, which you must have at hand from step 2 of the registration. In the first step your personal data will be recorded. These include, for example, name, BZSt number and email address. But not your postal address. The Tax office determines this based on the BZSt number you entered and sends you by post an Activation code. In this way it should be excluded that someone could have the Activation code sent to any address and thereby obtain access to your data. Simultaneous to the letter with the Activation code My BOP sends you an email to the given email address. This email contains an Activation ID. Only when you are in possession of bot Activation data may your identity be proven beyond doubt. There is now nothing to stop you from completing the second step of your registration.
- Personal data and security check: Plausibility check
Enter your personal data in the fields provided. When you have entered your personal data in full, your entries will be formally checked for plausibility. Incorrect formats in your entries must be corrected. For example, it will be checked to see if your email address or BZSt number are in the correct format. Only if all entries are plausible will you be able to submit them for further processing by My BOP.
When entering your personal data, you must also select and answer a security question from the questions provided at the end. The security check will later be used to block your personal access to My BOP or to revoke certificates. Only you and My BOP know what question and what answer allows the blocking of your personal access. You can also find the function "Block account" in the public area of My BOP, so that you can delete your personal user account at any time without having access to the private area.
Display personal data: Acknowledgement of receipt. As part of the activation data is sent to you by email, it must be ensured that your email address is correct. If you have sent your personal data to My BOP, you will promptly receive an email to the email address you entered, the receipt of which must be confirmed electronically. Please follow the instructions in the email. You will then receive another email with your personal Activation ID and for security purposes you will receive separately by post a related personal Activation code. Then you can go to step 2: Activation and create certificate to continue the registration process.
To carry out the second step, for the activation of your access, you need the Activation data from step 1 and your security stick.
In contrast to the usual registration processes for internet Portals such as Amazon or eBay which require specifying a user name and the associated password, My BOP expects you to use a kind of ID card to register. This ID card is generated in this step in the form of a certificate file and is then authenticated in a separate process. When registering with a security stick, the certificate file will be stored on your security stick. The certificate file contains two key pairs, each consisting of a private and a public key. The Private key is not changed after its creation and remains on the security stick. The Private key generated in this step is on the other hand only provisional and still has to be certified. Certification takes place when the My BOP Trust centre certifies the public keys. Certification is a high security process that can take several minutes. After completion of the certification you are allowed access to My BOP.
Activation I - Activation data. To activate your personal account, please enter your activation ID, which you have received by email, and your 12 digit activation code, which you have received by post. In the next step, you will see that your account is automatically activated. Your electronically entered data is now included in My BOP and can be assigned to you by the Tax office without any doubt. You only have to enter the activation data once to activate your personal access to My BOP.
Activation II - Save personal key:
Personal security environment
By entering your personal data in My BOP you are unequivocally identified by the Tax office. In this step, your personal cryptographic means or more precisely your asymmetric key pairs are automatically generated on your security stick and stored on it. Access to the resulting private key contained on your security stick is protected by a password, which you define here yourself. Please insert your security stick for initialisation into the USB port of your computer. For security reasons, the input required is the 12 digit Activation code from the letter received from the Tax office.
You will receive electronic certificates from My BOP for the certification of the public keys, which unequivocally identify that the key belongs to you. The certification of the keys is a high security process that can take several minutes as the final certificates in the Trust centre must be requested by My BOP. After completion of the certification, your access to My BOP will be available to you.
You would like to use your personal access to My BOP. So that only you are able to use your personalised services, you must authenticate your access to the Portal with your security stick, which you have acquired for the registration. The Authentication takes place automatically when you insert your security stick into the USB port of your computer. Since the use of your security stick is protected by a personally chosen password, please enter the password for the release of the security stick and then click on "Login".
Login option with signature card
Your registration with signature card is performed in two steps. Please follow the steps one after the other. After successful completion of both steps, your personal access to My BOP and the use of the personalised services will be available via the login. Please note that you must have a valid signature card to complete the second registration step.
In the first step your personal data will be recorded. These include, for example, name, BZSt number and email address. But not your postal address. This Tax office determines this based on the BZSt number you entered and sends you by post an Activation code. This is to prevent anyone from getting the activation code sent to any address and thereby gaining access to your data.
Simultaneous to the letter with the activation code, My BOP will send you an email to the specified email address. This email contains an Activation ID. Only when you are in possession of both Activation data your identity may be proven beyond doubt. There is now nothing to stop you from completing the second step of your registration.
- Personal data and security check: Plausibility check
Enter your personal data in the fields provided. After successful registration, you can log in using the login on your homepage with your "Step 2: Activation and first login” selected signature card. If you have completed the input of your personal data and wish to proceed, your entries will be formally checked for plausibility. You must correct incorrect formats in your entries. You will be notified accordingly. For example, it will be checked to see if your email address or BZSt number are in the correct format. Only if all entries are plausible they can be sent by your computer for further processing by My BOP.
When entering your personal data, at the end you must also select a security check from the questions provided and answer personally. The security check later serves to block your access to My BOP. Only you and My BOP know which question and which personal answer allows the blocking. The function "Block account" is available on the homepage
Display personal data: Receipt acknowledgement
Since part of your Activation data is sent by email, it must be ensured that your email address is correct. If you have sent your personal data to My BOP, you will promptly receive an email to the email address you entered, the receipt of which must be confirmed electronically. Please follow the instructions in the email. You will then receive another email with your personal Activation ID and for security reasons separately by post the corresponding, personal Activation code. Then you can continue to "Step 2: Activation and first login” of the registration process.
You have already carried out "Step 1: Personal data" and received a letter and an email with the Activation data personal access from the Tax office. In addition, you must have a My BOP accepted signature card or have specially obtained one. In a first step, you activate your access with your activation data. The activation data consist of an Activation ID(contained in the email) and an activation code (contained in the letter). Only by means of both elements can your access be activated in a secure way. In the second step, after entering your personal password, My BOP automatically checks the validity of the information contained on your signature card in the relevant Certificates by means of the Trust centres of your card issuer. This is done by My BOP reading the certificates of your signature card. In the future, your signature card will enable you to use the services of My BOP that have been personalised for you in a trusting and secure manner from your computer. Unauthorised persons can not gain access because they would need your signature card and password.
Activation I -Activation data:
Please enter your Activation ID that you have received by email and your 12 digit Activation code that you received by post to activate your personal account. In the next step you will see that your personal access is automatically activated. Your electronically entered, personal data is now included in My BOP and can be assigned to you by the Tax office without any doubt. The activation data entered by you are only used once to establish your personal access to My BOP.Activation II - Reading the Certificate of the signature card:
These are included in My BOP through your electronically entered personal data and are unequivocally identified by the Tax office. In this step, the relevant certificates of your signature card are now automatically read by the My BOP Trust centre, are checked for validity via the Trust centre of your card issuer and in case of a positive check, are saved in a Directory service by My BOP. The relevant certificates are usually analogous to the certificate file and the security stick with two certificates, whereby one is used for Authentication and the other for Encoding.Authentication:
Please insert your signature card into your card reader and enter the personal password of your signature card. For security reasons, the input required is the 12 digit Activation code from the letter received from the Tax office. An activation confirmation is displayed. This will authenticate you to use your personal access and associated personalised services in this step. Your signature card will serve for your future Authentication and Encoding between your computer and My BOP. You can now log in directly via the login. You will find the login in the public area on the right in the grey area.
You would like to use your personal access to My BOP. So that only you are able to use your personalised services, you must authenticate your access to the Portal with your signature card with which you have registered as part of your registration. The Authentication is automated when you insert your signature card into the card reader on your computer. Since the use of your signature card is protected by a personally chosen password, please enter the password for the release of the signature card and then click on the "Login" button.
Renew access to a user account
If you are no longer able to log in to your user account (e.g. you have forgotten your password or lost your certificate file), you can renew access to your user account.
New activation data will be sent to you after you apply to have your access restored, and you will ultimately receive new log-in details, as when you first registered. To ensure the security of your data, you will be sent an activation ID by e-mail and, an activation code separately by normal mail. Please note that it may take a few days to deliver the activation code.
Please note that the access renewal can only be performed in the portal of your initial user account registration.
You have the option of blocking your current certificate during the process to renew your access. Blocking the certificate deactivates access to your user account. After the process to restore your access has been completed, you can input the activation data to receive a new certificate, which enables you to log in again. The blocked certificate remains blocked and cannot be reactivated.
If you have forgotten your password, you can request a new one in the course of the process for renewing access. As when you first register, new activation data will be sent to you and you will receive a new password at the end. To ensure the security of your data, you will be sent an activation ID by e-mail and, an activation code separately by normal mail. Please note that it may take a few days to deliver the activation code.
You can change your login option (certificate file, security stick, signature card) during the process to renew access. Please note here that only the "certificate file" log-in option can be used for sending mass data (ELMA5). Please note, moreover, that it is not possible to change to a signature card if you provided a foreign BZSt number or a Family Benefits Department BZSt number when you registered.