Belgian Peppol Service Providers Forum - content area

Contents

Hermes Access Point Whitelisting - Testplan

Preamble

Hermes (hrms) offers the possibility to Service Providers operating a Peppol Access Point (AP), to integrate hrms into their outbound invoicing services. This testplan lets the AP check the behavior of hrms in the different scenarios. APs can familiarize themselves with hrms, including instances when sent invoices fail hrms validations .

This testplan is designed to require minimal input, effort and time from the AP. The complete execution takes less than 1 hour. BOSA advises to agree on a joint schedule, but this is up to the AP to decide.

1. Description of the test session

The test consists of the following steps. (More details below in section 2)

1. Kick-off
   BOSA and AP meet and greet, agree on the setup and exchange the information required to execute the set of round and launch the tests.

2. Initial round
   This test set validates the behavior of hrms when the AP is not yet registered on the whitelist.

3. Main round
   This test set validates the behavior of hrms when the AP is registered on the whitelist and no email address is recorded.

4. Final round (optional)
   This test set validates the behavior of hrms when the AP is registered on the whitelist and a central email address is recorded.

5. Wrap up
   BOSA and AP share their findings, observations and conclusions. They sign off the results. This closes the session.

2. More details

There are only 2 details worth noting: (a) what information must be exchanged at kick-off and (b) what is the sequence of each test round.

(a) what information must be exhanged at kick-off?

• The AP must provide the following information to BOSA:

  • enterprise number of a sender for which the AP registered MLR Receiving Capabilities

  • email address (4.. Final round) : if the AP wishes to test the scenario where hrms returns negtive feedback by email to a centralized email address :

• BOSA will hand over the set of (9) invoices (xml’s) to be used through the different runs - tuned to the AP’s context. These 9 xmls cover the different cases that need to be checked. For info, please find  here a zip file containing the 9 sample reference xml invoices.
  [NB: if, exceptionally, the enterprise communicated by the AP is registered in the hrms senders list, BOSA will remove it for the sake of the test]

(b) what is the sequence of each test round?

Each round only takes 2 simple steps:

1. AP sends the 9 invoice and informs BOSA once the set is duly sent.

2. BOSA (a) tracks the outcome of each invoice sent (based on the ID of each invoice), (b) modifies the hrms configuration for the next round, and (c) gives the GO to the AP to move to next round.

Conclusion

The testplan is designed to require minimal input, effort and time from the AP.

This is the opportunity for the AP to get first hand, in only a few minutes, a glimpse of the workings of hrms.

BOSA invites all APs to take this opportunity.

CBE Identification scheme ID migration (9956>0208)

Status

• Introduction of schemeID 0208 completed :

  • initiated with Peppol BIS schematron summer 2020 release

  • completed at the initiation of the schemeID 9956 removal

• Removal of schemeID 9956 :

  • Deprecation

    • initiated with the BIS schematron spring 2021 release and

    • completed with the BIS schematron fall 2021 release

  • Removal : scheduled Sep 1, 2023

History

Background

• In an initial phase of the use of Peppol, the Belgian enterprise number has been assigned a Peppol schemeID in 2016 (9956).

• The introduction of the EN 16931 caused the need to replace schemeID 9956 by an ICD-compliant new schemeID. FPS Economy, owner of the enterprise number, proceeded with the due registration of the enterprise number. ICD 0208 was assigned in april 2020, and recorded in EAS in june 2020.

• Consequently the migration of 9956 to 0208 introduction was necessary. It was coordinated in the present section.

Timeline

Open

Additional Coordination notes

• Due to the remaining use of the old BIS (2.0) MLR (aka. "MLRv1") at end of the migration May 1, 2021 , schemeID 9956 removal could not be scheduled. Deprecation of old BIS MLR was not possible until BIS IMR was duly introduced in B2G invoicing. Use of BIS IMR to return B2G invoice responses was introduced in March 2022; use of old BIS MLR to return B2G invoice responses was interrupted in September 2022. -> schemeID 9956 removal discussions are reprogrammed on the SP forum.

• At forum Sep 15, 2020 it was decided that the minimal scenario will be complemented with regular monitoring by BOSA (see below : share periodic progression data). Progress on the 3 stages will be monitored on the basis of a questionnaire that will be sent out on a monthly basis. The 3 identified stages are :

  • Stage 1 : Stop registering new participants under scheme ID 9956.

  • Stage 2 : Finish migrating 100% of portfolio from scheme ID 9956 to scheme ID 0208.

  • Stage 3 : Exclusive use of Scheme ID 0208 for all existing and new participants.

• At Jul 14, 2020 forum there was no clear preference for any migration support discipline. Consequently the only official migration scenario is the minimal one, where each SP is solely responsible of meeting the schedule and the possible negative impact of missing milestone B. BE PA will nevertheless reassess options and at least gather and share periodic progression data.

Decommissioning old BIS Billing (2.0) - incl. old BIS decommissioning enforcement on smp.belgium.be

• Since Jun 28, 2020 smp.belgium.be throws a BELMA-306 error code upon attempt to register a non-BIS (3.0) document type prior to registering the equivalent BIS.

• The Belgian Government took measures to phase out all non-BIS (3.0) traffic reaching it. old BIS (2.0) BILLING receiving capability of Government entities was removed (a) from the test environment on Oct 1, 2020 and (b) from production on Mar 31, 2021 .

NB: Although this is not supposed to happen, technically speaking, smp.belgium.be does not reject new registration based on old BIS (2.0), provided that BIS (3.0) equivalent receiving capability is already registered, no explicit cleanup of old BIS-based receiving capabilities has been executed yet on smp.belgium.be . Until the removal of the related identifier is decided, it is the responsibility of each service provider to duly assist their end users in properly de-registering deprecated receiving capabilities.

Hsmp migration token collection interface

Abstract

• As a result of the Hermes initiative, all active Belgian enterprises are registered on Peppol. 98% of them are registered on HermeSMP and ready for migration onto another solution ( + smp). No Belgian enterprise can be registered “from scratch” anymore. In order to speed up the migration of Belgian enterprises out of Hermes (hrms) towards a suitable e-invoicing tool, BOSA decided to (1) initiate migration for all hrms participants and (2) let HermeSMP (hsmp) expose a (secure) Migration Token Collection Interface (mtci).

• The interface specifications were submitted to a review round to the Belgian SP/AP forum members in June 2020. The first stable version of the specs were posted below on Jul 3, 2020 . The interface is ready for tests as of Sep 14, 2020 The testing window closed on Oct 16, 2020 . No specific bug were reported during the testing window. Consequently, BOSA has initiated the acceptance and go-live phase of hsmp mtci.

• The specs and other useful documentation are maintained below.

Specifications

1. Swagger: compliant with the applicable standards, this API is subject to one single and comprehensive, machine- and human-readable specification file: hsmp_migration_key.yaml
   NB: human-readable rendering can be made more convenient by using specific editors, such as https://editor.swagger.io/

2. Test Plan: compliant with applicable standards, the following resource is made available to enable any (future or current) API-user to perform local tests during its development cyccle: HSMP_migration_key.postman_collection.json (Postman)

NB: above specifications include all possible cases/scenarios, including exceptions/errors. Additionally, during the API development cycle the list of response codes was gradually elaborated and discussed using the table 1 below. This information is still available for tracking purposes only.

Online User-Testing data - practical aspects

The API is available in a test environment to support online user-tests at the end of the user development cycle. This section explains how online tests are organized.

how does it work

1. We prepared 20 datasets. Each tester gets his own dataset so he can perform his own test without risk of clash with any other tester.

2. Upon request to BOSA, each tester will get an own test dataset assigned.

3. Test data will be recycled daily.

4. Below you find a matching of the test data with the scenarios to be tested.

matching test data - test scenario:

(a) Preamble:
- each dataset is subdivided in types of participants,
- each participant of a given type is suitable for a given test scenario.
- bullet (b) below lists the types , and bullet (c) below lists the matching of the types with the datasets

(b) Types of participants:
Type 1: Participants registered in HSMP but not registered in SMK. These are not valid KBO enterprises and therefore cannot be used to migrate to Belgium SMP. (Can be used for load testing, black listing...)
Type 2: Participants flagged as migrated in HSMP but not registered in SMK.
Type 3: Participants flagged as deleted in HSMP but not registered in SMK.
Type 4: Invalid participants.
Type 5: Participants registered in HSMP and in SMK. These are valid KBO enterprises and therefore can be used to migrate to Belgium SMP.

(c) Matching with test cases (cf Postman documentation)

Additional information:

1. https://documenter.getpostman.com/view/11381713/T17FCUqp?version=latest

2. Blacklisting:

   1. This service allows a maximum of 1000 collections per day. The system will blacklist any user exceeding this level. The affected user will have to contact BOSA (service owner) to request reactivation.

   2. As an alternative, the user planning to exceed 1000 collections a day, can contact BOSA to schedule the operation. He will then be temporarily authorized to exceed the limit mentioned above.

3. Schedule and progress: see table 2 below.

Version history

This section will track the publication of updates of the documentation.

1. Initial draft published Jun 3, 2020 for review purpose.

2. First stable version published Jul 3, 2020 along with initiation of development work.

3. Sep 11, 2020 ready for acceptance testing. Resources HSMP_migration_key.postman_collection.json, hsmp_migration_key.yaml and https://documenter.getpostman.com/view/11381713/T17FCUqp?version=latest updated. Overview error codes added. planning updated.

4. Sep 22, 2020 (1°) Testing phase schedule adapted. (2°) Test datasets descriptions posted and practical details info updated (in line with our discussions on Sep 15, 2020 and the availability of one dataset per tester).

5. Oct 23, 2020 publication of test results and move to acceptance / go-live phase.

Table 1 - Responses

Table 2 -Schedule and progress

Table 3 - Summary of testing phase results

Abstract: All SPs ave been given the opportunity to test hsmp mtci. at Oct 19, 2020 , 6 datasets were distributed. Positive test results were received from 4 testers. No negative feedback was received.

Hermes agreement framework

Hermes helps leveraging B2G e-invoicing adoption on B2B e-invoicing adoption in Belgium. It makes it possible to Belgian Peppol invoice senders, to reach all their Belgian customers on Peppol. For juridical reasons, its use requires a specific agreement between the sender and the Belgian government (represented by BOSA), in addition to the Peppol agreements. Service providers are invited to support this and integrate Hermes in their service offering. Access to Hermes is free of charge for the Service Provider. BOSA designed agreements that fulfill these purposes. The Belgian SP/AP forum members reviewed the initial agreements (minimal viable product) in June 2020, and the updated agreement (improved version) in Q3 2022. In this latest version, the agreement as such provides the terms and conditions that specifically apply to the integrator, while other terms and conditions are listed in annexes listed at the end of the agreement. It is the case of (a) generic terms and conditions, (b) terms and conditions that apply to the sender, in his quality of user of Hermes, and the receiver in his quality of end-user (ultimate beneficiary) of Hermes, and (c) technical, functional and security guidelines.

The Hermes integrator agreement template can be found at the following address:

French : Hermes - Convention Intégrateur (belgium.be)

Dutch: Hermes - Integrateur Overeenkomst (belgium.be)

Answers to questions posted by SPs during 8th edition of the forum (23/06/2020)

Hermes – possible confusion with some Peppol principles – clarification (published 15/06/2020)

Context

With Hermes, BOSA SD implements the mandate formulated by the Minister of Digital Agenda in his policy note 2018, in respect of the solution described in the tender “BOSA 2018/M1087”, also approved by the Minister.

The policy goal is to help the suppliers to get a faster payback for their initial efforts to comply with Government requirement to use Peppol. The proposed solution is to (a) publish Peppol BIS Billing receiving capabilities for all Belgian enterprises (except the ones already publishing such capabilities), and (b) build a system that converts Peppol BIS invoices into equivalent PDF and forwards these by email to the receiver. This brings all Belgian enterprises within the reach of the Peppol senders - and their service providers.

In addition to the pay-back effect for the senders, the use of Hermes offers 4 strategic advantages:

1. It reduces the friction between the senders and the receivers. By converting Peppol BIS into PDF, Hermes gives more freedom to each party in the management of his e-invoicing transformation. For senders, it removes the need to maintain multiple channels (at least for domestic traffic).

2. It provides a communication channel to Belgian enterprises: in addition to the invoice, the email sent by Hermes also provides information to the enterprises about the available solutions on the market, thereby speeding up the adoption. Moreover, the enterprises receive the information along with the invoices. This is the moment where they are supposed to be most sensibilized.

3. It generates a significant growth of the volume of invoices that can be processed automatically. This will turn into a better/broader sharing of the costs of technology and boost the development of new tools. Consequently, it will help the IT sector to grow, and the Belgian enterprises to find suitable solutions at affordable prices.

4. It will also benefit to B2G adoption:

   • Directive 2014/55 obliges the public sector to receive e-Invoices, but it doesn’t oblige the private sector to send them.

   • This creates a risk that the public sector does not receive sufficient invoices to compensate the investments made to meet the obligation.

   • Hermes provides an additional motivation to the senders, and thus reduces the risk described above.

Hermes is only a temporary solution. In the Peppol terminology, all Hermes receivers are ready to migrate from day one. As soon as such receiver finds a suitable and affordable tool to automate the inbound invoice processing, he/she migrates onto it. Once a sufficient adoption of interoperable e-invoicing is achieved, Hermes will retire. The sooner the better.

Purpose of this paper

To use Hermes, Peppol senders must meet three conditions: (1°) be a Belgian enterprise, (2°) accept the conditions of use of Hermes and (3°) communicate the email address of their client. The degree of alignment of some of these conditions with the Peppol principles, seems to cause confusion to some stakeholders. The purpose of the present paper is to clarify how these conditions relate to the Peppol specifications.

Be a Belgian enterprise

BOSA SD is a Belgian Federal public service. It can only provide service to Belgian enterprises. Consequently Hermes can only handle invoices sent by Belgian enterprises. If Hermes would also handle invoices sent by foreign enterprises, it would clearly fall outside the scope of action of BOSA. BOSA cannot afford to take this risk.

This condition does not seem to be the subject of a discussion, hence it does not require any additional clarification.

Accept conditions of use

Description

Hermes is an intermediate component between the sender and the receiver. It cannot operate without a clear mandate from one of the two parties. Obviously it is not feasible to receive such a mandate from every Belgian enterprise. Therefore it must be mandated by the sender.

Clarification

In the first place, this formality is not related to Peppol. No entity, private nor public, can act as an intermediate without having an agreement with at least one of the parties. It is also needed to clearly delineate the boundaries of the service, such as the domestic coverage (previous condition). Therefore, in the current design of Hermes, this aspect is handled outside of any Peppol-related consideration, before even considering Peppol. Peppol comes into play in many other aspects of Hermes, but not in this one.

More specifically, Hermes must not be confused with a receiving Access Point (C3). It is situated in the business layer (C1 – C4). In C1, Hermes offers a solution to the sender to capitalize on their existing interoperable outbound invoicing systems. In C4, it is a gateway that takes care of the last mile, after the Peppol transmission. It is based on a non-ambiguous identification of the suppliers and customers coming from the authoritative source of Belgian enterprises. Such a construction indeed is difficult to map in the Peppol model. The Hermes reasoning supersedes the Peppol reasoning, it does not contradict it.

Email address

Description

By design, all invoices sent to Hermes must be converted to human readable format and forwarded by email to the final destination. Therefore the correct email address of the receiver is required. As this email address can depend on many factors (even for the same receiver), the supplier (sender of the invoice) must provide the correct address. The only other way to handle this need would be to store a suitable email address for every Belgian company in the Hermes configuration data. During design, this option was judged excessively complex and disproportionate.

Clarification

Requiring extra information on top of the BIS is not uncommon. Most if not all invoices exchanged over Peppol contain information that is not mandatory but nevertheless indispensable in the specific business scenario of the invoice. For instance, the Flemish government requires a Purchase Order number. The need for an email address is considered to be proportional to the scenario addressed by Hermes.

Conclusion

On the basis of the political mandate, the legal checks and the clarifications above, BOSA is confident that the Hermes construction cannot reasonably be judged to be in contradiction with the Peppol principles. On the contrary, deep down the fundamental principles of Peppol we can find the core principle of inclusiveness. Hermes increases alignment of Peppol with this core principle.

Additionally, BOSA explores possibilities to improve the alignment between Peppol and Hermes. The most likely option would be to define a national use case. This is the subject of an upcoming effort and is driven by additional factors and constraints.

Hermes documents review round 202006 - closed

Abstract

• This section shares information with the Belgian Service providers about Hermes in the context of a draft review round.

• Timewise, this round

  • started with a presentation during the 7th Belgian AP forum on May 26, 2020 .

  • closes on Jun 18, 2020 .

• Review participants are invited to provide their comments by email to peppol@bosa.fgov.be.

• Following documents are in the scope of this review round:

  1. the conditions of use for senders and its technico-functional annex,

  2. the integrators agreement,

  3. the migration token collection interface specification.

Documents

(hsmp) migration token collection interface - Test Plan

Introduction

Currently only the Table of Contents of the text plan is available. However ,once it is reviewed, the Test plan will be elaborated and packaged as a Postman Project that suits for the testing of the interface. The graphical representation of the high-level description is also provided. notice however that an inconsistency was found when comparing the TOC and the viusal - the error 3 seems to overlap hsmp801. This is under investigation

High-Level Description / “table of contents”

Visual

Open

(hsmp) migration token collection interface - Additional info

Proposed schedule

Currently, no need for such an additional piece of documentation is identified. During the specifications review round, review participants are invited to describe the additional documentation they would need, if any.