The digitalization of public administration has led to the fact that business interaction with supervisory authorities has moved online. SEP portal (Electronic Document Management Systems) has become a key entry point for legal entities wishing to legally interact with the Federal Customs Service, Federal Tax Service and other departments. Without the use of this tool, the full-fledged activities of importers and exporters in modern conditions is practically impossible, since all declarations and notifications are submitted exclusively in electronic form.

The implementation of the system required entrepreneurs to master new skills in working with cryptographic protection and digital signatures. Many companies encounter difficulties during the initial setup of the workplace of an employee responsible for foreign trade activities. Errors at the stage of configuring browsers or installing certificates can lead to long downtime and delays in delivery of goods, which entails financial losses.

In this article we will analyze in detail the technical and legal aspects of working with the portal. You will learn how to correctly register a legal entity, what requirements apply to software, and how to avoid common mistakes during authorization. Proper system setup is the foundation for the smooth operation of your logistics department.

What is the BOT system and why does business need it?

Electronic declaration system (EDS), often called simply SEP, is a software package that ensures the exchange of data between participants in foreign trade activities and customs authorities. This is not just a site for filling out forms, but a secure gateway that guarantees the legal significance of the transmitted documents. Using the portal allows you to reduce the time it takes to release goods and minimize the human factor when processing data.

The main function of the system is to receive and process electronic declarations for goods (EDT). A legal entity generates a package of documents, signs it with an enhanced qualified electronic signature (ECES) and sends it to customs. Verification statuses, requests for additional documents and final decisions also come through this communication channel.

It is important to understand that working with the portal requires strict adherence to regulations. Legal force documents are assigned precisely at the moment of successful transmission through the electronic transmission system and recording the time of sending. Any paper copies that do not go through the system are considered secondary and may only be requested by the inspector for verification in exceptional cases.

  • 📦 Possibility of submitting declarations 24/7 without reference to the working hours of the customs post.
  • 🔒 Guaranteed protection of trade secrets through the use of GOST encryption protocols.
  • ⚡ Automatic check of completed fields for logical errors before sending.

⚠️ Attention: Working with the SEP portal is only possible using cryptographic information protection tools (CIPF) certified by the FSB of Russia. The use of uncertified analogues will result in refusal to accept documents.

Technical requirements and workplace preparation

Before proceeding with registration, you need to make sure that the foreign trade specialist’s computer meets strict technical requirements. Unlike conventional web services, EPS requires the installation of specialized software for working with electronic signatures. Without this step, the browser will not be able to “see” your passkey.

First of all, you need to install drivers for the token (Rutoken, JaCarta or eToken) on which the certificate is stored. Then a crypto provider is installed on the computer, most often this CryptoPro CSP version 5.0 or higher. It is this component that is responsible for generating a digital signature and encrypting the communication channel.

Particular attention should be paid to browser settings. The system works optimally with Chromium-based browsers (Yandex.Browser, Google Chrome, Microsoft Edge), but requires the installation of a special plugin - CryptoPro Extension. Also in the browser settings you need to add the portal address to the list of trusted sites and allow the execution of active scripts.

For correct operation, manual adjustment of the registry or configuration files is often required. For example, you may need to set paths to DLLs or change Java security settings if you are using an older scanner client. All components used must have valid licenses.

💡

Before installing token drivers, be sure to close all browsers and antivirus software. This will prevent conflicts between library versions and ensure correct registration of devices in the system.

Registration in the system is a multi-step process that requires care when entering details. An error in even one TIN or PPC character can lead to documents being sent to the wrong place or the system giving an authorization error. Initial setup usually takes from 30 minutes to 2 hours, depending on the preparation of the documents.

To get started, you need to go to the official customs website or the specialized SES portal. In the registration section, select the type of participant - “Legal entity”. The system will request data from the certificate of registration and tax registration. These data must completely coincide with the extract from the Unified State Register of Legal Entities.

The key point is to link the electronic signature to the account. You must download the certificate's public key and verify ownership of the private key by signing a test message. After the data is checked by moderators (or automatically, depending on the region), the company receives access to your personal account.

During the registration process, a foreign trade participant questionnaire is filled out, which indicates activity codes and intended product groups. This helps the system automatically route declarations to the right inspectors. Also at this stage, access rights for company employees are configured.

☑️ Check before registration

Done: 0 / 1

Authorization and login to your personal account

Login to the system is carried out exclusively using an electronic signature. Standard logins and passwords used in regular services are not used here or serve only as an additional layer of protection. When you try to log in, the system automatically asks you to select a certificate from the list of those available on your computer.

If several certificates are displayed in the list, you must select the one issued in the name of the director or authorized representative of the company whose details were specified during registration. After selecting a certificate, you will need to enter PIN code from the token. If you enter the wrong PIN code three times, the token may be blocked.

A common problem is the message “Certificate not found” or “Invalid date on the computer.” In the first case, it is worth checking whether the token is inserted into the USB port and whether the indicator on it is lit. In the second, check the system time: a discrepancy of more than 5 minutes can lead to an error checking the validity of the certificate.

For the convenience of working in large companies, it is recommended to set up automatic login or use a single authorization center (USIA), if such integration is available in your region. This allows employees to log in without constantly entering a PIN throughout their shift while maintaining a high level of security.

  • 🔑 Make sure that the digital signature certificate has not expired.
  • 📅 Check the accuracy of the system time and time zone on your PC.
  • 🌐 Make sure that your antivirus does not block the cryptography plugin.
What to do if the token is not detected?

If the computer does not see the token, try moving it to another USB port, preferably directly to the motherboard, and not through a USB hub. If this does not help, check the Device Manager (section “USB Devices” or “Smart Card Readers”). If the device appears with a yellow exclamation mark, you need to reinstall the drivers. In rare cases, it is necessary to update the firmware of the token itself through the manufacturer's utility.

Selecting a cryptographic information protection tool (CIPF) is a critically important step. Stability of operation and compatibility with various government portals depend on this. There are several main players on the market, each of which has its own specific implementation of encryption algorithms.

The most common solution is CryptoPro CSP. This is the de facto standard for working with Russian government services. The product is highly stable, but is commercial and requires the purchase of a license for each seat. There is also a free trial version, but it has time limits.

An alternative is VipNet CSP, which is often used in the corporate sector and security-related structures. It offers its own protection mechanisms and requires the installation of its own set of drivers. Compatibility between VipNet and CryptoPro on one computer can be difficult, so it is recommended to use dedicated machines for each CIPF.

Rutoken, JaCarta, eToken

Rutoken, JaCarta

Rutoken, JaCarta

Average

High

Low

Parameter CryptoPro CSP VipNet CSP Contour.Diag
Cost Paid license Paid license Free (basic)
Compatibility with PDS Full Partial Diagnostics
Token support
Difficulty setting up

There are also free utilities such as Contour.Diag or CryptoPro DRE, which are not full-fledged CIPF, but allow you to diagnose the state of the system, check the integrity of certificates and test the operation of tokens. Their presence on the computer of a foreign trade specialist is highly desirable for prompt resolution of problems.

💡

For stable operation of the SEP portal, in 95% of cases a licensed version of CryptoPro CSP is required. Attempting to use pirated versions will result in unstable performance and potential legal risks.

Typical errors and methods for eliminating them

During the operation of PDS, users often encounter technical failures. The most common error is “The page cannot be found” or the connection has timed out. This is often not due to a malfunction of the portal, but to problems on the provider’s side or the settings of the corporate firewall, which can block protected ports.

Another common problem is a signature format error. It occurs when the system has an outdated version of the crypto provider that does not support new hashing algorithms (for example, the transition to GOST 2012). In this case, you need to update the software to the latest version from the official website of the developer.

Authorization errors “Incorrect login or password” in the context of EPS usually mean a problem with certificates. It is possible that a lot of old certificates have accumulated in the Windows registry, and the system is selecting the wrong one. Clearing your personal certificate store of expired entries often resolves the issue.

If the error “Incorrect document structure” occurs when sending a declaration, you should check the relevance of the forms. Customs legislation is changing and XML file formats are being updated. Using old templates in accounting programs can lead to document rejection.

  • 🔄 Clear your browser cache and cookies if you have problems displaying pages.
  • 📜 Check the certificate trust chain in the Windows store.
  • 🛡️ Add the portal address to your antivirus and firewall exceptions.
📊 What problem do you face most often?
Token connection error: Problems installing drivers: Signature format error: Connection timeout:

Working with the EPS portal involves the transfer of confidential commercial information. The legal entity bears full responsibility for the safety of the electronic signature keys. Losing a token or sharing a PIN code with third parties is equivalent to handing over a company seal and can have serious consequences.

If the key is compromised (lost token, suspected hacking), you must immediately submit an application to the certification center to revoke the certificate. Only after this a new key is issued. All actions performed using the lost key until it was blocked are considered to be performed by the owner.

The law requires that archives of sent and received documents be kept for a specified period (usually at least 5 years). The SEP portal provides the ability to upload history, but it is recommended to duplicate important documents on local media or in the company’s secure cloud storage.

⚠️ Attention: Never leave a token with an inserted digital signature in the USB port of your computer unattended, even if you are gone for a couple of minutes. This is a direct violation of information security rules.

FAQ: Frequently asked questions

Is it possible to work with the SEP portal from a home computer?

Yes, technically this is possible if all the necessary components are installed on your home PC: token drivers, crypto provider and browser configured. However, from a security point of view, this is not recommended if the computer is used by other family members or is not protected by corporate antivirus.

What should I do if the certificate has expired while filing my return?

A declaration signed with an expired certificate will be automatically rejected by the system. It is necessary in advance, at least 2 weeks before the end of the period, to submit documents to the certification center for re-issuance of the key. The process may take several days.

Do I need to register each employee separately?

No, registration is for a legal entity. However, to differentiate access rights and personalize responsibilities, it is recommended that each employee working with the system be issued a separate electronic signature (additional) or set up internal logins within the corporate profile, if the portal functionality allows this.

How to check whether the declaration has reached customs?

In the personal account of the SEP portal there is a section “History of sent documents” or “Declaration statuses”. A chain of statuses is displayed there: “Sent”, “Accepted”, “Registered” or “Rejected”. Notifications are also sent to the email specified during registration.