KBLI 2020 · 5-digit class

62023Provision of Electronic Certificates and Services Using Electronic Certificates Activities

Aktivitas Penyediaan Sertifikat Elektronik dan Layanan yang Menggunakan Sertifikat Elektronik

Last updated · Sourced from OSS Indonesia

This group includes activities related to the provision of electronic certification and services that use electronic certificates, such as electronic signatures, electronic seals, electronic timestamps, registered electronic delivery services, website authentication, and preservation of electronic signatures and/or electronic seals.

For foreign investors

Key facts for KBLI 62023

The essentials a foreign investor needs to know before reading the rest of this page.

  • 100% foreign ownership permitted via PT PMA. KBLI 62023 is not on Indonesia's closed, conditional, SME-reserved or partnership-required schedules under Pres. Reg. 10/2021.

  • Needs Kominfo approval on top of OSS KBLI 62023 requires sector approval from Kominfo, so the BKPM default (IDR 2.5 billion paid-up) is just the starting point — actual capital and licensing terms depend on the licence category and are set by the regulator. We confirm the exact figures before incorporation.

  • Medium-high-risk activity — requires NIB + Standard Certificate (Verified) to operate commercially. NIB alone enables only the preparation stage; a Standard Certificate must be obtained before invoicing or production starts.

  • Statutory licensing turnaround: 21 days once we submit the application — on top of the 2–3 weeks for PT PMA incorporation. We coordinate the full sequence end-to-end.

  • Issuing authority for PMA: Minister/Head of Agency — this KBLI is routed centrally rather than to provincial / regency level.

  • PSE registration with Kominfo: mandatory for any digital service offered to Indonesian users. Personal data processors must comply with UU 27/2022 (PDP Law).

  • Ongoing reporting: quarterly LKPM (Investment Activity Report) to BKPM plus 14 sector-specific obligations. We file these on your behalf as part of monthly compliance — you stay out of the OSS portal entirely.

At a glance
For Large-scale (PMA) operation
Foreign investment
100% foreign ownership allowed
No restrictions under Indonesia's BUPM regulation
Risk level
Medium-High
NIB + verified cert.
Primary license
NIB + Standard Certificate (Verified)
NIB enables preparation only — additional permit needed to operate
Setup timeline
21 Days
Statutory turnaround at OSS
Issuing authority
Minister / Agency Head
Default issuing authority
Min. paid-up capital
IDR 2.5 B + sector
Kominfo approval required on top of OSS — actual capital depends on the licence
Figures shown are for the Large business scale (Usaha Besar) — the scale at which foreign-owned PT PMA must register. Setup time and license type are what Emerhub will handle on your behalf; the regulatory matrix below is for transparency.
§ 01

Foreign investment rules

Indonesia's BUPM (Investment Business Fields) regulation places this code into one of five tracks. The track determines whether a foreign investor (PMA) can operate in this activity at all, and under what conditions.

Status · open

Fully open to foreign investment

KBLI 62023 is not on Indonesia's closed, conditional, SME-reserved or partnership-required schedules. A foreign investor may incorporate a PT PMA with up to 100% foreign ownership and operate in this activity directly.

This KBLI is not listed in any restricted, closed, SME-reserved or partnership-required schedule under Pres. Reg. 10/2021 (as amended). A 100% foreign-owned PT PMA may operate in this activity, subject to the licensing requirements shown below. BKPM's default minimum capital is IDR 2.5 billion paid-up with IDR 10 billion+ total investment commitment per KBLI realised over time, but sector regulators (OJK, ESDM, BPOM, Kominfo, etc.) can set higher minimums for specific activities — we confirm the actual figure before incorporation.
Investment momentum

IT services & software sector — Q3 2025

BKPM-reported foreign investment context for the broader sector this KBLI sits in. Data is aggregated at the major-sector level — BKPM does not publish per-5-digit-KBLI breakdowns publicly.

PMA realized
IDR 4.8t≈ USD 0.30b
+41.2% YoY
Top investing countries
Singapore47%
United States18%
Japan12%

KEK Nongsa Digital Park is the headline play — Singapore-bound software development arms set up here for proximity. Most KBLI 62xxx codes are open to 100% PMA. PSE registration with Kominfo is mandatory.

Source: BKPM (2026-04-29). Updated quarterly.

View original on data.bkpm.go.id →
§ 02

How we handle your KBLI 62023 setup

Emerhub is a corporate-services provider in Indonesia. We do the legal and regulatory legwork for foreign investors so you can focus on the business itself. Here's what the engagement looks like.

  1. 1

    Confirm the optimal structure for your business

    2–3 business days

    We confirm KBLI 62023 is the right primary code for your business, advise on secondary codes you may also need, and finalize the holding structure with you before any filing.

    What we need from you
    • Founders' passport copies and proof of residence
    • Intended share split and board composition
  2. 2

    Incorporate your PT PMA

    7–10 business days

    We draft the Articles of Association before a notary, register the entity with the Ministry of Law & Human Rights (Kemenkumham), and obtain the company's tax ID (NPWP). Under BKPM Reg. 5/2025, paid-up capital is IDR 2.5 billion (~USD 160K) — the cash actually deposited at incorporation. The IDR 10 billion+ figure many sources still cite is the total investment commitment per KBLI, realised over time via your LKPM reports.

    What we need from you
    • Powers of attorney (we prepare; you sign and notarize)
    • Director / commissioner appointment letters
    • Initial capital deposit confirmation
  3. 3

    We obtain your NIB

    1–2 business days

    We file the OSS application with KBLI 62023 as your primary business activity, complete the risk-based assessment, and collect the NIB (Business Identification Number) for you — typically within hours of submission. You don't need to touch the OSS portal.

    What we need from you
    • Office address (virtual office acceptable for many KBLIs; we can arrange one)
  4. 4

    Secure your Standard Certificate (Verified)

    21+ business days

    NIB is issued for the preparation stage. To begin commercial operations, the operator must obtain a Sertifikat Standar that has been verified by the competent ministry. The verification step typically requires a site or document inspection. Operating with NIB alone is not legally compliant. We prepare the application bundle, liaise with the competent ministry, and chase issuance through to the certificate. Statutory turnaround: 21 business days — real-world timing typically runs longer when site inspections or additional clarifications are requested.

    What we need from you
    • Technical documentation specific to your operation
    • Appointment of a Penanggung Jawab Teknis (PJT — technical responsible person)
  5. 5

    Hand-off to ongoing compliance

    Ongoing

    Post-launch we run your monthly tax filings, quarterly LKPM (Investment Activity Reports), annual general meeting (RUPS), and any sector-specific reporting. You get a single point of contact and a monthly compliance digest — no Indonesian-language paperwork on your desk.

Get an exact quote and timeline for KBLI 62023, scoped to your specific business plan.
Request a quote
§ 03

What is KBLI 62023?

A plain-English explanation of this classification and the businesses it covers.

KBLI 62023 (Aktivitas Penyediaan Sertifikat Elektronik dan Layanan yang Menggunakan Sertifikat Elektronik) is the 5-digit Indonesian Standard Industrial Classification code for provision of electronic certificates and services using electronic certificates activities. It sits within Financial and Insurance Activities under the subgroup Computer Consultation and Computer Facility Management Activities (major group 62) in the official KBLI 2020 taxonomy maintained by Statistics Indonesia (BPS).

This group includes activities related to the provision of electronic certification and services that use electronic certificates, such as electronic signatures, electronic seals, electronic timestamps, registered electronic delivery services, website authentication, and preservation of electronic signatures and/or electronic seals.

Who needs KBLI 62023?

Any Indonesian or foreign-owned entity that intends to operate in provision of electronic certificates and services using electronic certificates activities as a primary or secondary business activity must select this code on its NIB (Business Identification Number). The selected code determines the licensing instruments required, the issuing authority, and the ongoing compliance obligations.

Why does the code matter?

Indonesia's OSS Risk-Based Approach uses the KBLI code to determine three things: (1) whether foreign investment is permitted and at what cap, (2) the risk-based licensing instruments required, and (3) the authority that issues each instrument. Choosing the wrong code can delay or invalidate your license.

§ 04

IT services & software-specific guidance

Sector context that applies to KBLI 62023 beyond the generic OSS process. Verify with the relevant ministry before committing capital.

Lead regulator
Ministry of Communication & Informatics (Kominfo) / BSSN
  • ·Most IT/software activities are open to 100% PMA with no sector-specific cap.
  • ·PSE (Electronic System Provider) registration with Kominfo is mandatory for any digital service offered to Indonesian users.
  • ·Personal data processors must comply with the Personal Data Protection Law (UU 27/2022).
§ 05

Under the upcoming KBLI 2025

Indonesia's BPS published the new KBLI 2025 taxonomy in early 2025. OSS, BKPM and the operating ministries have not yet adopted it — KBLI 2020 remains the active standard for business registration. This is what's coming for this specific code.

Reorganised in KBLI 2025

KBLI 62023 does not carry the same number forward into KBLI 2025 — the activity has been reclassified, but the precise mapping isn't recorded in our database yet.

  • ·For current operations, KBLI 62023 remains valid — OSS still uses KBLI 2020 for all business registrations.
  • ·The KBLI 2025 successor codes are listed in the official BPS transition document below; check for the activity-specific mapping when planning future structures.
  • ·Once OSS announces the KBLI 2025 cutover, existing entities will need to update their primary KBLI to the relevant successor — typically straightforward.

When OSS adopts KBLI 2025, we'll migrate your existing entity to the appropriate successor code as part of ongoing compliance — no action needed on your end now.

Talk to a specialist
§ 02

Risk level by business scale

Indonesia's OSS Risk-Based Approach assigns a separate risk level for each of the four business scales. The licensing instruments required (NIB, Standard Certificate, Operating License) are determined by the risk level. Foreign-owned entities (PT PMA) must register at the Large scale, so the rightmost column applies to most foreign investors.

01

Micro

Usaha Mikro
≤ IDR 2 B turnover
Not available
OSS does not define a licensing matrix at this scale — businesses cannot register under this KBLI as Usaha at this size.
02

Small

Usaha Kecil
IDR 2 – 15 B
Not available
OSS does not define a licensing matrix at this scale — businesses cannot register under this KBLI as Usaha at this size.
03

Medium

Usaha Menengah
IDR 15 – 50 B
Not available
OSS does not define a licensing matrix at this scale — businesses cannot register under this KBLI as Usaha at this size.
04

Large

PMA scale
Usaha Besar
IDR > 50 B
Medium-High risk
NIB + ministry-verified Standard Certificate before invoicing.
What does each risk level require to operate?
Low. NIB alone is sufficient for both preparation and commercial operation. Issued instantly via OSS.
Medium-Low. NIB enables preparation only. Commercial operation requires a self-declared Sertifikat Standar (Standard Certificate). Operating with NIB alone is not legally compliant.
Medium-High. NIB enables preparation only. Commercial operation requires a Sertifikat Standar verified by the competent ministry — typically with a site or document inspection.
High. NIB enables preparation only. Commercial operation requires a full Operating License (Izin) issued by the competent ministry after substantive review.
Beyond OSS, sector-specific permits commonly apply on top — e.g. SBU for construction, BPOM for food/cosmetics/medicines, OJK for financial services, IUP for mining, PSE for digital services. See the industry-specific guidance below for what applies to this KBLI.
§ 05

Licensing requirements in detail

Specific permits, application requirements and ongoing obligations vary by business scale and the sub-activity within this KBLI. We file these on your behalf — this section is for transparency on what we'll be handling. Switch between scales below; by default we show Large (the PMA scale).

What's required to operate
NIB
Preparation only — additional permit needed below
Standard Certificate (Verified)
Important: NIB is issued for the preparation stage. To begin commercial operations, the operator must obtain a Sertifikat Standar that has been verified by the competent ministry. The verification step typically requires a site or document inspection. Operating with NIB alone is not legally compliant.
Processing time
21Days
Statutory turnaround

Application requirements

23

Documents and capabilities you must demonstrate at registration

  • 01Not to be a parent to other Electronic Certification Organizers (PSrE) and not to be under another PSrE.
  • 02Has conducted a self-assessment based on the standards for facilities and equipment issued by the Ministry.
  • 03Attach a letter of application in accordance with the format as stated in Appendix I of the Ministerial Regulation on the Implementation of Electronic Certification, which is an integral part of this Ministerial Regulation.
  • 04Meet the interoperability of PSrE Indonesia which refers to the interoperability standards of non-Agency PSrE issued by the Ministry.
  • 05Have proof of certification and report results from the assessment of the information security management system certification in accordance with applicable laws and regulations.
  • 06Have a policy document that contains a guarantee of compensation experienced by individuals, businesses, or agencies due to the failure of Electronic Certification Service Organization, whether due to intent and/or negligence in complying with its obligations as a PSrE.
  • 07Have financial capability in the form of assets of at least Rp30,000,000,000.00 (thirty billion rupiah) and submit proof of financial capability in the form of a copy of the financial statements audited by an independent auditor.
  • 08Having at least 11 (eleven) trusted personnel in the operation of facilities and equipment.
  • 09Have a Certification Practice Statement (PSrE) that refers to the Master Electronic Certificate Policy (PSrE).
  • 10Have procedures and methods to manage and operate facilities and equipment.
  • 11Submit a PSrE proposal in accordance with the format as outlined in Appendix II, which is an integral part of the Ministerial Regulation on the Implementation of Electronic Certification.
  • 12Submit a copy of the integrity proof and track record of the board of directors and board of commissioners of PSrE Indonesia.
  • 13Submit a copy of the PSrE Indonesia track record not in a state of litigation or bankruptcy, evidenced by a certificate from the district court where the legal entity is domiciled.
  • 14Have the facilities and equipment required for the implementation of electronic certification within the jurisdiction of Indonesia as follows: a. A system to manage the registration information of Electronic Certificate Owners b. A system to create and manage data for the creation of Electronic Signatures and Electronic Signature Verification Data c. A system to issue and manage Electronic Certificates granted to Electronic Certificate Owners d. A system to timestamp electronic data e. A protection system to ensure the security of facilities and equipment in the implementation of Electronic Certification f. A verification system for the Electronic Certificates of Electronic Certificate Owners (validation authority) which includes: i. Online Certificate Status Protocol (OCSP) ii. Certificate Revocation List (CRL) iii. Have or have full control over the facilities and equipment needed to provide certified services conducted within the jurisdiction of Indonesia, including:
  • 15Tanda Tangan Elektronik
  • 16Segel Elektronik
  • 17Penanda Waktu Elektronik
  • 18Layanan Pengiriman Elektronik Tercatat
  • 19Website Authentication and/or
  • 20Preservation of Electronic Signatures and/or Electronic Seals
  • 21Have the following documents: a. Business plan b. Business sustainability plan c. Disaster recovery plan d. Report on electronic system testing (stress test and load test) and information security analysis (penetration test),
  • 22Obtain a Passing Certificate of Feasibility Assessment from the Certification Body for Electronic Certification, which assessment refers to: a. Standards issued by the Ministry of Communication and Information Technology, including: i. Standards for PSrE facilities and equipment ii. Interoperability standards iii. Identity verification standards iv. Electronic Certificate Policy (Certificate Policy) for PSrE b. Guidelines issued by the Ministry of Communication and Information Technology c. Other standards mentioned in the Ministerial Regulation on the Implementation of Electronic Certification d. International best practices used by PSrE Indonesia in its services
  • 23Implement a business management system that refers to the guidelines issued by Kominfo, including: a. Standards for Facilities and Equipment of Electronic Certification Organizers, which require certification of Information Security Management Systems b. Operational Guidelines for Electronic Certification Organizers c. Electronic Certificate Policy of the Main Electronic Certification Organizer, which regulates guarantees of compensation, business plans, business continuity plans, disaster recovery plans, and other guidelines that refer to international best practices.

Ongoing obligations

15

Compliance and reporting duties throughout operation

  • 01Melaksanakan audit terhadap otoritas pendaftarannya (registration authority)
  • 02Validate the Electronic Certificate.
  • 03Provide education to prospective owners and/or owners of Electronic Certificates regarding the use and security of Electronic Certificates.
  • 04Notify the Subscriber Agreement and the privacy policy of the Electronic Certification Provider to prospective owners and/or Owners of the Electronic Certificate.
  • 05Memberitahukan Pernyataan Penyelenggaraan Sertifikasi Elektronik (Certification Practice Statement) Penyelenggaraan Sertifikasi Elektroniknya kepada pihak lain yang menggunakan jasa PSrE Indonesia
  • 06Create a list of active and revoked Electronic Certificates by managing the verification system of Electronic Certificate Owners (validation authority).
  • 07Maintain archival documents systematically and responsibly in both written (paper-based) and/or electronic (electronic-based) forms.
  • 08Check the accuracy of the identity of the prospective owner and/or the owner of the Electronic Certificate.
  • 09Requesting the Minister's approval in the event of changes to the PSrE Indonesia services that differ from the provisions in the Electronic Certificate Policy of the Main PSrE.
  • 10Renewing the PSrE Certificate that is about to expire.
  • 11Mempublikasikan Pernyataan Penyelenggaraan Sertifikasi Elektronik (Certification Practice Statement) Penyelenggaraan Sertifikasi Elektroniknya di situs resmi layanannya
  • 12Manage and secure the system that stores the identity of the Electronic Certificate Owner.
  • 13Guaranteeing losses due to the failure of Electronic Certification Services, intentional acts, and/or negligence to individuals, businesses, or agencies due to their failure to comply with obligations as PSrE in accordance with legal regulations.
  • 14Submit a report on Digital Identity Provision activities to the Minister at least once (1) a year or at any time upon request.
  • 15Registered as an Electronic System Organizer at the Ministry.

Issuing authority

The authority that issues the license depends on your situation.

AuthorityApplies when
Minister/Head of AgencyAll
Minister/Head of AgencyForeign Investment
Emerhub advisor
Speak to Emerhub

Get your KBLI 62023 setup handled end-to-end.

Emerhub is a corporate-services provider in Indonesia. We handle PT PMA incorporation, licensing, tax registration and monthly compliance — so you focus on operating the business.
Get a quote for KBLI 62023