New Security Rules for the Cryptographic Key: What You Need to Know Before July 2026

The Ministry of Finance (MH), through the General Directorate of Taxation, has announced the implementation of new security parameters for the PIN used in cryptographic keys that sign electronic tax documents.

This change aims to strengthen the security of electronic invoicing processes and will have a direct impact on the generation of new cryptographic keys.

What happens to current cryptographic keys?

Existing cryptographic keys will remain valid until their expiration date, unless the taxpayer decides to revoke them earlier.
No immediate action is required for keys that have already been issued.

What are the new security requirements?

Under the new policy, the MH has established stricter requirements for the cryptographic key PIN, including:

• Minimum length of 14 characters (previously 4 digits).
• At least one uppercase letter.
• At least one lowercase letter.
• At least one number.
• At least one special character.

When will these changes become mandatory?

The new security policies will be mandatory for all cryptographic keys generated as of July 27, 2026.

Transition period

Until July 26, 2026, the Ministry of Finance will continue to allow the generation of cryptographic keys using the current 4-digit PIN.
All cryptographic keys generated under this policy will remain valid until expiration or revocation.

Will the process to obtain a cryptographic key change?

No. The procedure for generating cryptographic keys remains unchanged.
Keys will continue to be issued through the TRIBU-CR platform.

Is your invoicing system ready for these changes?

At LLB Solutions, we help you comply with the new MH security policies and ensure the continuity of your electronic invoicing processes.
Contact us and receive specialized advice.

info@llbsolutions.com |  Localización Costa Rica