B Com Exam  >  B Com Notes  >  E-Commerce  >  Authentication of Electronic Records - Legal Aspects of E-Commerce

Authentication of Electronic Records - Legal Aspects of E-Commerce | E-Commerce - B Com PDF Download

Authentication of Electronic Records: All users of the internet whether he/she is an originator or addressee is constantly worried about the security, privacy and trustworthiness of the electronic record.  The main interest of the addressee is the authenticity of electronic records.

Before developing any commercial relationship over internet, any person would be particular about:

1. Who sent the message?

2. Who would receive the message?

3. When message was sent?

4. When message was received?

 

1.  Data security: Data security is the shield of data against unintentional or deliberate damage, disclosure or modification. Data reliability occurs when data does not vary from its source records and has not by mistake or meanly altered or destroyed.
 

Authentication: It is a way to discover the reliability of particular data and with reference to message, it comprises of determining its source and that it has not been altered or substituted in transit.

The message truthfulness, reliability and non-repudiation, which are three essentials of a record to form legal basis of a claim, can be achieved by the different encryption methods. This includes electronic signature.

The second chapter of the IT Act is entitled 'DIGITAL AND ELECTRONIC SIGNATURE'. According to this chapter, authentication of electronic records can be determined by digital signature using asymmetric crypto system and hash function.

Whereas, Section 3A mentions that, authentication of records can be ascertained by using any electronic signature or electronic authentication technique, which is considered reliable and mentioned in the second schedule. However, no such technique is mentioned in the second schedule.

According to section 2(f) of the IT Act 2000, Asymmetric crypto system means a pair of keys comprising of a private key to create digital signature and a public key to verify digital signature.

Authentication of Electronic Records - Legal Aspects of E-Commerce | E-Commerce - B Com

Figure 2: Signing a message using a symmetric signature

2.  Private Key A private key has one and only one public key and correspondingly a public key has only one and one private key. As the name suggests, the private key remains with the subscriber and he/she is required to take steps to prevent its disclosure (section 42). Public key is listed in the Digital Signature certificate. The certifying authority issues these certificates (section 35) and is repository of all such certificates.

Authentication of Electronic Records - Legal Aspects of E-Commerce | E-Commerce - B Com

Figure 3: Signing a message with an asymmetric signature

4.3 Difference between Public and Private Keys: 

Authentication of Electronic Records - Legal Aspects of E-Commerce | E-Commerce - B Com


 4. Hash and Hash Function : Hash is an algorithm mapping or translation of one sequence into another. Hashing transforms an electronic record into a unique shorter fixed-length value called the hash results. The Hash result is an index or a fingerprint of the original text. The receiver of electronic record can check its integrity by finding out the hash result of the record and compare it with the hash result sent along with the record. If they are the same then record was not changed but if they are not the same then it means that the record got corrupted. Apart from the generation of key pairs, another fundamental process known as the hash function is used in both creating and verifying a digital signature. A hash function is a mathematical process based on algorithm which creates a digital representation or compressed form of the message, often referred to as a ‘message digest’ or ‘fingerprint’ of the message in the form of a ‘hash value’ or ‘hash result’ of a standard length which is usually much smaller than the message, but nevertheless substantially unique to it.

It is seen that encrypting a document with a public key system requires a lot of time. To speed up the procedure, it is possible to apply the private key, not to the whole message but only on its message digest (or hash code). The message digest is a short of an excerpt of the original text, known as ‘digital fingerprint’. This excerpt is much shorter than the original message and it is the result of the application of hash function.

As hash function is public and therefore no private key is required. It takes the message as input and gives back always the same string, which will always have the same dimension. This function maps the data to fix sized hash values in such a way that it would match this particular hash value. The idea is based on the fact that the message digest represents concisely the ‘original data from which it was computed. It could be considered as a digital fingerprint of the ‘larger data string’. Thus we see that the security of the hash function is very significant to the integrity of the digital signature. To use the hash functions for digital authentication they must have certain properties to make them secure enough for cryptographic usage. It must be mentioned that a data string can be found that hashes to a given value and that two distinct data strings hash to the same values.

The document Authentication of Electronic Records - Legal Aspects of E-Commerce | E-Commerce - B Com is a part of the B Com Course E-Commerce.
All you need of B Com at this link: B Com
100 videos|55 docs|19 tests

FAQs on Authentication of Electronic Records - Legal Aspects of E-Commerce - E-Commerce - B Com

1. What is the legal significance of authenticating electronic records in e-commerce?
Ans. Authenticating electronic records in e-commerce is legally significant as it ensures the integrity and reliability of the records. It provides proof of the origin, content, and timestamp of the electronic records, which is crucial in legal disputes and regulatory compliance. By authenticating electronic records, businesses can demonstrate the authenticity and non-alteration of the records, thereby enhancing trust and legal validity in e-commerce transactions.
2. How can electronic records be authenticated in e-commerce?
Ans. Electronic records in e-commerce can be authenticated through various methods such as digital signatures, encryption, and timestamps. Digital signatures use cryptographic techniques to verify the identity of the sender and ensure the integrity of the record. Encryption protects the privacy and confidentiality of the electronic records, preventing unauthorized access or tampering. Timestamps provide a reliable way to establish the time at which the record was created or modified, adding an additional layer of authentication.
3. What are the legal implications of using electronic signatures in e-commerce?
Ans. The use of electronic signatures in e-commerce has legal implications as it enables the parties involved to express their consent and authenticate electronic records. Many countries have enacted laws and regulations to recognize the legal validity of electronic signatures, such as the Electronic Signatures in Global and National Commerce Act (ESIGN) in the United States. By complying with these laws, businesses can ensure the enforceability of electronic contracts and agreements, reducing the need for paper-based documentation.
4. Are there any legal requirements for the authentication of electronic records in e-commerce?
Ans. Yes, there are legal requirements for the authentication of electronic records in e-commerce. These requirements vary from country to country and may include the need for secure electronic signatures, compliance with specific technical standards, and adherence to privacy and data protection laws. It is essential for businesses to understand and comply with these legal requirements to maintain the legal validity and admissibility of electronic records in e-commerce transactions.
5. What are the benefits of authenticating electronic records in e-commerce?
Ans. Authenticating electronic records in e-commerce offers several benefits. Firstly, it enhances the trust and reliability of e-commerce transactions by providing proof of the authenticity and integrity of the records. This, in turn, reduces the risk of fraud and dispute resolution costs. Secondly, it improves efficiency by eliminating the need for physical paperwork and enabling faster processing and verification of electronic records. Lastly, it promotes the growth of e-commerce by ensuring legal validity and enforceability, thereby encouraging businesses and consumers to engage in electronic transactions.
100 videos|55 docs|19 tests
Download as PDF
Explore Courses for B Com exam
Signup for Free!
Signup to see your scores go up within 7 days! Learn & Practice with 1000+ FREE Notes, Videos & Tests.
10M+ students study on EduRev
Related Searches

video lectures

,

Summary

,

ppt

,

Objective type Questions

,

study material

,

Exam

,

Authentication of Electronic Records - Legal Aspects of E-Commerce | E-Commerce - B Com

,

Semester Notes

,

mock tests for examination

,

shortcuts and tricks

,

Important questions

,

past year papers

,

Authentication of Electronic Records - Legal Aspects of E-Commerce | E-Commerce - B Com

,

Sample Paper

,

Authentication of Electronic Records - Legal Aspects of E-Commerce | E-Commerce - B Com

,

practice quizzes

,

Previous Year Questions with Solutions

,

Viva Questions

,

Free

,

Extra Questions

,

pdf

,

MCQs

;