KSeF is finally complete. The Ministry launched the last missing element

As of yesterday, November 1, 2025, entrepreneurs gained access to the new Certificates and Authorizations Module (MCU) in the National e-Invoice System (KSeF).

“The certificates and authorizations you apply for in the now available Certificates and Authorizations Module will be used to use KSeF 2.0 from February 1, 2026. Do not make them available to unauthorized persons. Treat certificates as particularly sensitive data,” informs the Ministry of Finance in a post on the X platform.

KSeF certificates

Yesterday’s implementation is an important step in preparations for the full launch of mandatory e-invoicing, which will come into force in February 2026. Thanks to the MCU, users will be able to easily manage their certificates and authorizations, which will improve the use of KSeF and increase the security of invoicing processes.

– The implementation of certificates is the last piece of the puzzle before the mandatory KSeF. Without them, it will not be possible to confirm the issuer’s identity. It is also a digital key that opens the door to the entire system – explains Piotr Juszczyk, Chief Tax Advisor at inFakt.

What is the MCU?

The expert explains that the Module of Certificates and Authorizations (MCU) is a system used to issue KSeF certificates – electronic “seals” that identify an entity in the process of issuing structured invoices. Thanks to the certificate, the entrepreneur or a person authorized by him can authenticate in KSeF, and thus safely issue, sign and send e-invoices to the system of the Ministry of Finance.

– Certificates will become one of the key tools in the new model of access to KSeF, an alternative to tokens and qualified signatures. They will enable quick and safe confirmation of user identity, and their data will be automatically included in QR codes visible on invoices – explains Piotr Juszczyk.

How to obtain a KSeF certificate?

– Obtaining the certificate will be possible online, after logging in via login.gov.pl or using a qualified electronic signature – explains Juszczyk.

It reminds that from February 1, 2026, certificates will also appear in the KSeF Taxpayer Application, which means that during the first three months, from November 2025 to the end of January 2026, they will be formally issued, but they will not be fully usable in KSeF yet.

– However, it is worth ensuring that they are obtained in advance to avoid problems in the first weeks of the system being in force – advises a tax expert.

KSeF certificate in the invoice and QR code

Certificates will not only be an authentication tool, but also an element of the invoice itself.

– In online mode, the certificate ID will be saved in the QR code leading to the invoice in KSeF. However, in offline mode, when an invoice is issued outside the system but transferred to the buyer in an agreed manner, two QR codes will appear on the invoice visualization: one leading to the content of the invoice and the other used to verify the issuer’s identity using the KSeF certificate. This solution will increase the security and certainty of trading, because the buyer will be able to immediately verify whether the invoice actually comes from the authorized entity, explains Juszczyk.

The KSeF certificate will be “dormant” for now

Although certificates will be practically dormant until the end of January 2026, entrepreneurs can already:

• check the correctness of data and authorizations of persons who will use KSeF,

• test the certificate generation process in the MCU,

• prepare the integration of accounting software with a new authentication method.

Thanks to this, from February 1, 2026, when the certificates become active in the KSeF Taxpayer Application, entrepreneurs will be able to start using the system without any disruptions.

KSeF certificate – a new security standard in e-invoicing

The KSeF certificate has a limited validity period and is assigned to a specific entity (individual or organization). The Ministry of Finance also announces the possibility of expiring and re-issuing them, which is to ensure full control over the security of access to invoice data. The certificates will be valid for 2 years, which means they will need to be renewed.

– For entrepreneurs, accounting offices and software suppliers, this is the next stage of KSeF implementation, in which not only issuing an invoice becomes crucial, but also managing rights and identity in the digital environment – ​​notes Juszczyk.