1. Legal risk of using credit cards to purchase goods on the internet
Credit card details may be intercepted on their way to the merchant and used by a third party, or the business (website) itself might use the credit card information improperly.
Security measures such as encryption help to ensure the safe handling of credit card information. See Secure Electronic Transactions Fact Sheet and the discussion below.
Many credit card companies offer what is known as "chargebacks" to internet shoppers. This allows a credit card holder who pays for goods or services to dispute some or all aspects of the transaction through the payment card issuer. Where disputes occur, chargebacks allow consumers to bypass legal proceedings by encouraging the resolution of disputes with traders. See Trade Practices and Consumer Protection.
2. Key Elements of a Secure Electronic Transaction
The key elements of a secure electronic transaction (and e-commerce) are:
Authentication: verifying the identity of trading partners; (discussed below)
Validation: creating secure, time-stamped and archived digital records of online transactions; (discussed in Digital Signatures and Encryption of Data); and
Payment: discussed in Digital Signatures, Encryption of Data and Electronic Payments System.
3. Authentication (1)
The reliable identification of parties, and of the electronic communications attributed to them, is a basic prerequisite for secure electronic transactions. Electronic transactions may carry substantial legal and financial liabilities if one party is not who it purports to be, or if a communication is incorrectly or fraudulently attributed to a party.
Digital signatures utilising public key infrastructure (PKI) are the dominant security measures in place for signing and authenticating electronic communications.
A transaction using PKI consists of the following:
(a) a subscriber (S) for a digital certificate in which the identity of S will be linked to a public key associated with a private key controlled by S;
(b) a certification authority (CA) which issues the digital certificate to the subscriber and the relying party (below) and a registration authority (RA) which carries out the subscriber identification process; and
(c) a relying party (RP) who receives a digitally signed electronic communication and acts in reliance on the digital certificate: using the public key stated in the certificate and linked to the identity of S, the RP verifies that the communication was signed with the corresponding private key, and so validates that the communication originated from S.
The following discussion analyses legal risk using the above example and assumes there is only one CA and the CA performs the functions of the RA.
4. Potential legal issues in an electronic transaction using PKI
(a) The private key of S is compromised leading to an unauthorised creation of the digital signature of S and incorrect attribution of that signature to S.
(b) The CA fails to suspend or revoke a compromised private key when requested.
(c) The private key of CA is compromised leading to the creation of forged digital certificates.
(d) CA issues a digital certificate that wrongly links the identity of one person with a public key allocated to another.
(e) The security of stored information is breached.
(f) Digital certificates are incorrectly generated or allocated.
(g) Access to the certificate repository of the CA or Certificate Revocation List (CRL) is not readily available.
(h) A digital certificate is wrongfully suspended or revoked.
(i) Duplicate private key generation by the CA.
5. Allocation of legal risk between parties in an electronic transaction using PKI
(a) Subscriber (S) v Certification Authority (CA)
S will generally be in a contractual relationship with the CA. The CA will generally seek to exclude or limit its liability to S for the negligent acts or omissions of the CA.
If the contract is less than $40,000 or the services supplied by the CA are of a kind ordinarily acquired for personal, domestic or household use or consumption, the trade practices legislation will imply certain non-excludable warranties by the CA into the contract. These warranties will limit the ability of the CA to exclude or limit its liability to S for negligence.
To the extent the CA cannot or does not exclude all liability, S may incur loss as a result of the negligent act or omission of CA and may pursue CA in an action for breach of contract and negligence.
If the contractual allocation of risk in the contract is unfairly one-sided, the contract may be subject to challenge for unconscionable conduct under trade practices legislation. It is likely CA would owe a duty of care to S because S is a person the CA knew would be likely to suffer economic loss as a consequence of negligence on the part of the CA. S would owe a duty of care to CA for the same reason. Liability in negligence will almost always be regulated by the contract between them subject to trade practices legislation.
(b) Subscriber (S) v Relying Party (RP)
In general S is not bound by a message unless it was digitally signed by S or a person acting with the authority of S. RP may have an action against S in negligence if RP can establish that S owed RP a duty of care to take reasonable care with the private key of S and S was careless with its private key. In Australia, the application of the law of negligence (concerning pure economic loss to S and RP) is uncertain. The application of agency law in the case of an undisclosed agent X who signed a message using the private key of S is also uncertain.
In the absence of a prior contract between S and RP governing the allocation between them of the risk of unauthorised messages, S is legally responsible for the message if a court is persuaded on the balance of probabilities the message was digitally signed by S or by a person acting with the authority of S.(2)
Digital signature technology can prove to a very high degree of probability that the private key corresponding to a public key was used to sign a message, but it cannot prove who used that private key. That is left to inference. The inference is weaker if the holder of the private key has to keep it on a non-trusted computing platform such as a standard home or office personal computer. Better evidence of the identity of the signer may be provided by other electronic authentication methods, such as biometric identifiers or use of a private key that is held on, and never leaves, a smart card (a trusted computing platform).
Where S discovers the security of the private key and digital certificate have been compromised and informs the CA before RP receives the message sent by X, the following issues may arise:
* RP does not check the CRL maintained by the CA: assuming there is a duty to check the CRL or RP has been adequately notified of the risks in not doing so, S is unlikely to be liable to RP. RP has caused its own loss by its own negligence. Even if the negligence of S has caused the private key and certificate to be compromised, S will have a defence of contributory negligence.
* RP checks the CRL but the CA has not posted the revocation within a reasonable time of the advice by S: if the failure of CA to post the revocation results from a negligent act or omission on the part of CA, RP may have an action against the CA in negligence causing pure economic loss. However, RP is a member of a potentially indeterminate class and may not be able to establish that CA owed it a duty of care.
(c) Certification Authority (CA) v Relying Party (RP)
Australian negligence law is uncertain whether or not a CA will owe a duty of care to an RP who is unknown to the CA (either because the RP does not consult the certificate repository or CRL held by the CA, or does so anonymously). In this case the RP is a member of a large and diffuse class incapable of determination and no duty will be owed. If an RP does become known to a CA because of such consultation, there is a stronger argument that the CA owes the RP a duty of care.
On receipt of an electronic communication, an RP will need to access the certificate repository. It is unclear whether RPs are under any general legal duty to S or the CA to check the certificate repository of the CA or the CRL. If the RP does check the repository, the CA may attempt to create an online contract with the RP. A prudent CA would seek to ensure such a contract excludes or limits all CA liability to the extent possible.
It is uncertain whether such an attempt will create a binding online contract where the means of incorporating terms are not sufficiently brought to the notice of RP. It is also uncertain whether RP provides sufficient consideration to form a contract. Trade practices legislation may apply to online contracts which are one-sided in favour of the CA.
6. Managing legal risk
The parties to an electronic transaction using PKI may manage legal risk as follows:
(a) Employ high quality technical solutions, business processes, key and certificate management protocols and the use of standards and auditing.
(b) Insert non-contractual disclaimers on a website or in a certificate that the user relies on information at their own risk. Non-contractual disclaimers can be effective to limit liability (subject to trade practices legislation) provided they are sufficiently drawn to the attention of the person to whom liability is sought to be limited.
Contracts provide a stronger basis for limiting or allocating liability because there is usually no question of adequacy of notice. Contractual provisions are designed to protect weaker parties (usually consumers and small business) from over-reaching or unfair liability allocation in contracts.
(c) Clearly allocate legal risk for unauthorised electronic communications between the parties in the terms and conditions of the online contract. This is not a viable solution in an open system where interactions occur between strangers without a prior contract.
Where a prior contract does allocate liability these provisions will be subject to trade practices legislation protecting consumers and small business. See Trade Practices and Consumer Protection.
(d) Consider purchasing insurance products for Subscribers, Relying Parties or Certification Authorities. There is a developing market in insurance products for parties to a PKI which covers claims against the CA for economic loss by those relying on digital certificates issued by CAs. Similar cover is available for RAs.
(e) Introduce per transaction reliance limits and periodic reliance limit caps for PKI certificates.
(f) Recognise the insecure computing platforms of most end users and implement technical solutions to improve end user security. Most end users (S and RP) use standard personal computers which are non-trusted computing platforms. Until more secure solutions (such as smart cards) are widely distributed in the market, this situation has the following implications:
* Key Storage and Signing Mechanism: Subscribers who have to use personal computers to store their private keys can, at best, protect their keys by password access to the PC. A security chain is only as strong as its weakest link and, on a regular PC, the security of 1024-bit RSA encryption is diminished to an 8-character password, often with no firewall protection. Liability allocation rules need to take account of this practical reality for most end users and the consequent vulnerability of keys to theft by colleagues or other third parties or to trojan horse programs.
* Certificate Management: Relying parties using a regular PC can have fake certificates planted in their browser's repository by a trojan without their knowledge. If the RP's authentication software does not check the status of a certificate online at a CA but only in the certificate repository of their Internet browser, the RP can be tricked into relying on an untrustworthy certificate.
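The mechanics behind sections 3, 5(b) and 6(f) can be seen in a short program. The following is an added example written for this page, not code from the fact sheet or from any of the bodies it cites: a Go program (standard library only, Go 1.19 or later) in which a CA that also performs the RA role issues S a certificate, a signature is made with S's private key, and RP verifies the certificate chain and the signature and then consults the CA's CRL. The in-memory CA, the must helper, the names "Example CA" and "S", the fixed serial numbers and the sample message are all constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

var ErrRevoked = errors.New("certificate is listed on the CA's CRL") // RP found S's certificate revoked
func must[T any](v T, err error) T { // set-up steps that cannot sensibly fail in a demo panic instead
	if err != nil {
		panic(err)
	}
	return v
}
// CA is an assumed in-memory certification authority that also performs the RA role.
type CA struct {
	Cert    *x509.Certificate
	key     *ecdsa.PrivateKey
	revoked []pkix.RevokedCertificate
}
// NewCA generates the CA key pair and its self-signed certificate (constructed name).
func NewCA() *CA {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example CA"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	return &CA{Cert: must(x509.ParseCertificate(der)), key: key}
}
// Issue links S's identity to S's public key; serial 2 is fixed because each demo CA issues one certificate.
func (ca *CA) Issue(name string, pub *ecdsa.PublicKey) *x509.Certificate {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, ca.Cert, pub, ca.key))
	return must(x509.ParseCertificate(der))
}
// Revoke records a certificate as revoked once S reports that its private key is compromised.
func (ca *CA) Revoke(cert *x509.Certificate) {
	ca.revoked = append(ca.revoked, pkix.RevokedCertificate{SerialNumber: cert.SerialNumber, RevocationTime: time.Now()})
}
// CRL publishes the CA-signed revocation list that RP is expected to consult.
func (ca *CA) CRL() []byte {
	tmpl := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: time.Now().Add(-time.Minute),
		NextUpdate: time.Now().Add(time.Hour), RevokedCertificates: ca.revoked}
	return must(x509.CreateRevocationList(rand.Reader, tmpl, ca.Cert, ca.key))
}
// RelyingPartyVerify is RP's step: chain the certificate to the trusted CA, check the signature with the
// public key in the certificate and, if checkCRL is set, reject a revoked certificate. It proves which key signed, not who.
func RelyingPartyVerify(caCert, subCert *x509.Certificate, crlDER, msg, sig []byte, checkCRL bool) error {
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	_, err := subCert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	if err == nil {
		err = subCert.CheckSignature(x509.ECDSAWithSHA256, msg, sig)
	}
	if err != nil || !checkCRL {
		return err // nil here is the RP of section 5(b), first case: it never learns of the revocation
	}
	crl, err := x509.ParseRevocationList(crlDER)
	if err == nil {
		err = crl.CheckSignatureFrom(caCert) // a list the CA did not sign (e.g. one planted locally) is not trusted
	}
	if err != nil {
		return err
	}
	for _, rc := range crl.RevokedCertificates {
		if rc.SerialNumber.Cmp(subCert.SerialNumber) == 0 {
			return ErrRevoked
		}
	}
	return nil
}
// RunScenario plays one transaction in which X signs with a stolen copy of S's private key. If revokedBeforeReceipt,
// S reported the compromise and the CA posted the revocation before RP received the message; nil means RP accepted it.
func RunScenario(revokedBeforeReceipt, rpChecksCRL bool) error {
	ca := NewCA()
	sKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	sCert := ca.Issue("S", &sKey.PublicKey)
	msg := []byte("constructed sample message: S agrees to pay RP 1000")
	digest := sha256.Sum256(msg)
	sig := must(ecdsa.SignASN1(rand.Reader, sKey, digest[:])) // the signature proves the key, not the hand on it
	if revokedBeforeReceipt {
		ca.Revoke(sCert)
	}
	return RelyingPartyVerify(ca.Cert, sCert, ca.CRL(), msg, sig, rpChecksCRL)
}
func main() {
	fmt.Println(RunScenario(false, true), RunScenario(true, false), RunScenario(true, true))
}
```

The three calls in main correspond to the cases the text discusses. The honest transaction is accepted. With the key compromised and revoked, the RP that never consults the CRL still accepts the message, which is the first case in section 5(b), where the RP has caused its own loss; the RP that does consult it gets ErrRevoked. Two design points follow the fact sheet: the signature check establishes only that the private key matching the certificate was used, exactly the inference problem described in section 5(b), and the CRL is verified against the CA's own signature before it is trusted, so a list that merely sits in a local store (the planted-certificate risk in section 6(f)) carries no weight unless the CA actually signed it.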
(g) Authentication of remote parties will occur across borders and legal liability issues will arise between parties in different jurisdictions. Australian solutions to liability management issues (whether common law or legislation) are not necessarily applicable or operative in other jurisdictions.
See Overseas Transactions.
The issue of cross-border recognition of certificates and certification authorities is made worse where one jurisdiction enacts a peculiar licensing regime for CAs or gives special legal privileges to the certificates of CAs.
Generally private law mechanisms for liability allocation (e.g. contract, insurance) will be transportable among the large number of countries which hold to the principle of party autonomy. These countries will start from the position of holding parties to their contracts, although their domestic systems of laws may contain different rules for excusing performance or overriding harsh or unconscionable terms in these contracts. Contractual allocation of risk is likely to receive wider recognition and enforcement across these countries.
Other relevant Articles on this site:
Encryption of data
Digital signatures
Overseas transactions
Electronic payment systems
Trade practices and consumer protection
Other relevant Fact Sheets:
Electronic Payment Systems
Electronic Transactions Act
Keeping Electronic Records
Secure Electronic Transactions
End Notes
(1) See Legal Liability and e-transactions at http://www.noie.gov.au.
(2) Electronic Transactions Act 1999 (Cth).