The AEAT 24-hour PIN system has been developed based on the “Disposition 18763 of the BOE no. 287 of 2011 - BOE-A-2011-18763“. Specifically in point one, section 3.c developed in Annex III of the provision. We make an excerpt from these sections:
“First.
ANNEX III
Signature system with access code in a previous registration as a user
I.Description of the system
The system is based on the registration by the citizen in a register of users, for which he will fill in a form provided for this purpose by the Tax Agency. Once registered, the Agency will provide the citizen with a code and an access code. The user can manage this key at any time. Through the code and the access key, the citizen will be able to access electronically, through the channels that are available at any moment, to the procedures and certain actions for which this system has been enabled, that will not be able to imply access or consultation of personal data beyond those of the procedure and identification of the interested party to whom the said procedure or action is referred.
The validity of the system may be temporarily limited depending on the deadlines associated with the procedures or actions for which its use has been determined.
The use of the system described by the citizen will imply consent for its use as an electronic signature system.
When the action taken by the citizen involves the submission of electronic documents using any of the signature systems provided for in this Resolution, the Tax Agency will automatically generate an acknowledgment of receipt or presentation receipt, in the terms indicated in the Resolution of 28 of December 2009, of the Presidency of the State Tax Administration Agency, which creates the electronic headquarters and regulates the electronic records of the State Tax Administration Agency.
II. Operating guarantees
In accordance with the principles of security and proportionality, the system described in the previous section adequately guarantees its operation in accordance with the criteria of integrity, confidentiality, authenticity and non-repudiation provided for in Law 11/2007 and development regulations. Confidentiality, authenticity and non-repudiation are they guarantee by means of the exclusive knowledge on the part of the citizen and the Tax Agency of the code and the key of access to said registry, and in his case, of the data provided by the citizen in the form of registration in the registry.
When the action taken by the citizen involves the submission of electronic documents using any of the signature systems contemplated in this Resolution, the integrity of the information submitted will be guaranteed by its immediate incorporation into the information system of the Tax Agency, and in particular, the Catalog of electronic documents, in accordance with the provisions of the Resolution of February 4, 2011, of the Presidency of the Tax Agency, on the use of a secure verification code. The integrity and preservation of the electronic documents stored in the Catalog and its mandatory associated metadata will be guaranteed through technical measures to ensure their unalterability. The acknowledgment of receipt issued by the Tax Agency and signed with its own secure verification code or CSV will be the document with probative value of the submission made. The integrity of the electronic documents authenticated by CSV may be verified through direct and free access to the Tax Agency's electronic office, as long as the destruction of said documents is not agreed in accordance with the applicable regulations or by court decision.
The security of the system is reinforced by the limitation as to the procedures or actions for which it can be used, not being possible to use outside this scope, nor allowing access or consultation of personal data beyond those of the procedure. and identification of the interested party to whom the said procedure or action is referred. The system will not allow access or electronic signature by means of incorrect, invalid or invalid data, access codes that are not in force at the time of use. ”
