KSeF 2.0 in practice – new possibilities for attachments, payments and certificate management

After nearly a year of intensive consultations with entrepreneurs, accountants, and IT experts, and following the publication of the final documentation, the Ministry of Finance unveils KSeF 2.0 with an improved FA(3) logical structure. This is not a minor tweak — as of February 1, 2026, FA(3) will replace the current FA(2) without any transition period, introducing, among other things, flexible payment terms, the ability to attach files directly to the invoice, new VAT group identifiers, as well as improved IBAN handling and expanded description fields.

For businesses, this means the end of “guessing” payment dates and the tedious management of email-based documents — instead, KSeF 2.0 will offer clear rules, modern authentication, and local encryption in all operating modes. It’s time to update systems and train teams, because in just six months FA(3) will become the mandatory standard in Polish e-invoicing.

FA(3)

The FA(3) logical structure will replace the currently used FA(2) logical structure. In the new structure, the Ministry will, among other things, allow the attachment of files, provide new options for defining payment types and VAT specification, improve the handling of bank accounts (IBAN), expand descriptive fields, and limit the requirement to include the contractor’s address. The FA(3) structure will also feature an expanded field related to the taxpayer type — here, new VAT group identifiers will be introduced.

Authentication

The authentication model based on the JWT token separates authentication as an independent process. This allows the creation of multiple sessions and the management of tokens (including token refresh and revocation).

Both connection session modes with KSeF (batch and interactive) will be mandatorily encrypted locally using an AES key in an asymmetric encryption model — not only in batch sessions as was the case previously.

API 2.0

Standardization of API 2.0 naming conventions and data structures in messages exchanged between taxpayers’ systems and KSeF.

Certificates

The new module for managing KSeF authentication certificates will allow entities to request certificates containing only selected attributes of the authentication signature, download them in digital form or as a list of metadata of issued certificates, and check the applicable limit on the number of certificates.

Permissions

Changes to permissions and a new interface will make it possible to grant access rights specifically to selected entities in such a way that, for example, an employee of an accounting office will not have access to the invoices of a taxpayer who is not within their scope of responsibilities. Moreover, the new method of assigning permissions will enable EU-based entities to handle self-billing on behalf of Polish taxpayers.

Summary

The implementation of KSeF 2.0 is a milestone in the digitalization of tax settlements. Entrepreneurs can expect greater flexibility in attaching files, defining payment types, and handling various forms of self-billing. It is worth familiarizing yourself with the KSeF 2.0 documentation today and preparing your systems for integration with the new version of the platform to fully leverage its capabilities and meet upcoming requirements.