Electronic Money and Relevant Legal and Regulatory Issues(电子货币及相关法律、监管问题)(2000)

作者：杨春宝律师　来自：法律桥　时间：2004-12-19 20:40:20 点击：

III. Legal issues on issuing and using e-money

1. Security

Security issues are a major source of concern for everyone both inside and outside the banking industry. E-money increases security risks, potentially exposing hitherto isolated systems to open and risky environments. All retail payment systems themselves are vulnerable in some way, e-money products raise some more issues such as authentication and non-repudiation, integrity and privacy.

Security breaches could occur at the level of the consumer, the merchant or the issuer, and could involve attempts to steal consumer or merchant devices, to create fraudulent devices or messages that are accepted as genuine, to alter data stored on or contained in messages transmitted between devices, or to alter the software functions of a product. Security attacks would most likely be for financial gain, but could also aim to disrupt the system. Security breaches essentially fall into three categories: breaches with serious criminal intent (e.g. fraud, theft of commercially sensitive or financial information), breaches by ‘casual hackers?(e.g. defacement of web sites or ‘denial of service?- causing web sites to crash), and flaws in systems design and/or set up leading to security breaches (e.g. genuine users seeing / being able to transact on other users?accounts). All of these threats have potentially serious financial, legal and reputational implications.

Therefore, it is crucial important to assess whether the institution's proposed system is sound and the service provided through the Internet will have adequate security. Surely there no absolute security exists in either the electronic or physical world of banking. However, the level of security should be "fit for purpose". The fundamental objectives that security arrangements of e-money products should try to achieve are to:

a. restrict access to the system to those users who are authorised;
b. authenticate the identity and authority of the parties concerned to ensure the enforceability of transactions conducted through the internet;
c. maintain the secrecy of information while it is in passage over the communications network;
d. ensure that the data has not been modified either accidentally or fraudulently while in passage over the network; and
e. prevent unauthorised access to the bank's central computer system and database.

There are specific security features available to protect e-money products, which are perceived to lie in the use of encryption, electronic signatures and, in some cases, in certificates issued by third parties, known as Trusted Third Parties (TTPs). A key safeguard for card-based schemes is to make the microchip embedded in the card tamper-resistant. A critical safeguard for both card-based and software-based schemes is the encryption technology used to authenticate e-money devices and messages and to protect data on the devices from unauthorised alteration. Maximum limits on the amount that can be held on e-money devices and on the transaction value can play an important role in containing losses in the event of a security breach.

The use of all kinds of security tools can provide security that is comparable to that offered in physical transactions. However, as with a physical transaction, the effectiveness of such measures is largely dependent on their proper implementation and the establishment of a set of comprehensive policies and procedures that are rigorously enforced. Continuing developments in security technology are required to maintain the effectiveness of security measures on an ongoing basis as new threats to existing systems arise over time. Banks should accordingly be responsible for ensuring that they keep up with such developments on a continuing basis. Unless they do this, their existing security measures may quickly become obsolete. If security breaches arise from this, it would not only expose the banks to risk of loss, but also more generally undermine the confidence of their customers. All the evidence suggests that security is very much at the forefront of customers' minds in deciding whether to use this new medium.

2. Privacy

As mentioned above, sound practice requires the ability to track and verify that the proper exchanges occur which ensuring that only authenticated parties and payment mechanisms are involved in the exchange, and that they exchange only those items for which they are authorized. However, consumers may fear that their financial, credit and spending information derived from e-money transactions or products could be used without their knowledge or permission. And these fears will be widespread and strongly held when e-banking and the use of e-money becomes more widespread. With the growth of e-money, the spread of crime is likely to accompany the vastly increased storage and transmission of customer financial information. Therefore, many parties want the option of anonymous financial transactions. However, it is difficult to be widely accepted due to security concerns and money laundering. Even so, to achieve widespread confidence, all participants in the system such as banks, other issuers, consumers and merchants, must have certain basic information about the rules governing the use of e-money products. The consumer must be guaranteed that any information exchanged will be transmitted only to properly authenticated parties and only to the extent to which they are authorized to receive the information.

3. Legal risks

Other than the above-said security and privacy concerns, there are also some legal risks surrounding e-money. Legal risk arises from violation of laws, regulations or prescribed practices, such as money laundering, customer disclosures, privacy protection, etc. Legal risk may also arise when the legal rights and obligations of parties are not well established. The contractual and legal relationships between consumers, retailers, issuers and operators might be complex. Schemes differ as to when payment is final and also as to whether the consumer or the merchant bears the credit, settlement and other risks until settlement has occurred. A major concern is whether the rights and obligations of all the parties involved are certain and transparent. For example, issues could arise regarding liability in the event of fraud, counterfeiting, accident or the default of one or more of the participants.
[首页] [上一页] [下一页] [末页]

【本文作者：杨春宝律师，来自：法律桥，引用及转载应注明作者和出处。如需聘请律师，请立即致电杨春宝高级律师：1390 182 6830】

关注法律桥微信公众平台	杨春宝高级律师电子名片

◆ 请注意文明用语，请勿人身攻击。
◆ 请尊重网上道德，遵守中华人民共和国各项相关法律法规。
◆ 您应当对因您的行为而直接或间接导致的民事或刑事法律责任负责。
◆ 请勿在此提出法律咨询，法律咨询请去法律桥论坛。
◆ 本站有权在网站内转载或引用您的评论。
◆ 网站管理员有权删除违反上述提示的评论。
◆ 参与本评论即表明您已经阅读并接受上述条款。

本站声明：

本站所载之法律论文、法律评论、案例、法律咨询等，除非另有注明，著作权人均为站长杨春宝高级律师本人�；队渌玖唇樱�，未经站长书面许可，不得擅自摘编、转载。引用及经许可转载时均应注明出处"法律桥"，并链接本站。本站网址：http://20250405044300-pnjqj-zyhad.mfqms.cn/。

本站所有内容（包括法律咨询）仅供参考，不构成法律意见，站长不对资料的完整性和时效性负责。您在处理具体法律事务时，请洽询有资质的律师。本站将努力为广大网友提供更好的服务，但不对本站提供的任何免费服务作出正式的承诺。本站所载投稿文章，其言论不代表本站观点，如需使用，请与原作者联系，版权归原作者所有。

首席主持律师：上海杨春宝高级律师

上海最早的70后高级律师。入选国际知名法律媒体China Business Law Journal“100位中国业务优秀律师”，荣获Finance Monthly“2017中国TMT律师大奖"，并入围Finance Monthly“2016中国公司法律师大奖”，系Asia Pacific Legal 500和Asia Law Profiles多年推荐律师，中国贸促会/中国国际商会调解中心调解员，具有上市公司独立董事任职资格、系上海国有企业改制法律顾问团成员，具有丰富的投资、并购法律服务经验。[详细介绍>>>]

聘请律师热线：13901826830(咨询勿扰)
业务委托邮箱：LawBridge#163.com