In the modern commercial environment, efficiency and timeliness are paramount in ensuring the success of many businesses. Furthermore, transactions may occur across great distances. For example, two parties to a contract may not actually be physically present at the same time and place as the terms are being negotiated or even when the contract is actually executed. Traditional means for negotiating and executing contracts include communicating over the telephone, communicating in writings sent between the parties using the mail or a facsimile machine, or even through third party negotiators such as attorneys or agents. Although technology has facilitated such activities (e.g., the facsimile machine increasing the speed at which contracts are formed versus sending writings through the mail), the recent explosion of the Internet and e-mail has resulted in the potential for even greater speed and efficiency in contract formation.
However, the Internet and e-mail are merely forms of communication. The basic elements of a contract, offer, acceptance and consideration, must still exist. Furthermore, Article 2 of the Uniform Commercial Code (UCC) still applies to the sale of goods. Moreover, the Electronic Signatures in Global and National Commerce Act (“E-SIGN”) and the Uniform Electronic Transactions Act (1999) (“UETA”) are recent examples of legislation that are aimed at standardizing laws regarding facilitating electronic contracts (“e-contracts”).
According to memo M-00-15 “Memorandum for the Heads of Departments and Agencies”, by the Office of Management and Budget Director “E-SIGN eliminates legal barriers to the use of electronic technology to form and sign contracts, collect and store documents, and send and receive notices and disclosures.” In addition, as discussed in comments to UETA, the main point of a signature is to apply a sound, symbol or process with an intent to do a legally significant act. Thus, UETA attempts to establish that an electronic signature and a manual signature are equivalent. Furthermore, an electronic signature should be connected to the record or document being signed.
Accordingly, in contracting over the Internet, for example, the issue of how to connect an electronic, or digital, signature with a document being signed, and thus, the issue of how to determine that a valid contract has been formed, is raised. Traditional contract law relating to the sale of goods requires a writing signed by the party to be bound to prove all contracts in excess of a certain dollar amount, usually $500. Oral contracts for more than $500 are generally not enforceable under the UCC Statute of Frauds, a version of which practically each state has enacted into law in some form or another, unless a party to be bound admits the existence of the contract.
As discussed above, UCC, UETA and E-SIGN provide ways around the physical signature requirement. Thus, with respect to electronic commerce (“e-commerce”), there are various ways to evidence intent to be bound. UCC section 1-201 provides that “signed” includes any symbol executed or adopted by a party with present intention to authenticate a writing, and “written” or “writing” includes printing, typewriting or any other manner of intentional reduction to a tangible form. Thus, since a digital signature, for example, is represented as electronic data, it can symbolize intent in connection with an electronic document to be bound by the terms contained therein.
Accordingly, the competitive nature of the marketplace has propelled many technological advances in the arena of e-commerce. An electronic communication (“EC”) is considered to be a communication in electronic form. ECs have become an integral part of transacting business today, especially with the growth of the Internet and e-commerce. Over recent years, digital signatures also have become an important part of e-commerce, with a digital signature being used both to identify a sender of an EC as well as to “authenticate” a message contained within the EC. Thus, the integration of digital signatures and ECs into modern commerce to facilitate e-contracts is a natural result of technological evolution.
However, computing systems developed for using digital signatures are typically designed to perform message and sender authentication. These systems can apply digital signatures without an overt act by the message originator. Thus, these systems lack the sense of originator intention, as they only support originator authentication.
The origination of a digital signature essentially comprises applying the signer's private key to a message (“M”) sent in an EC or, more commonly, to a hash value of that message. The hash value is generated with a hash algorithm such as SHA-1, or another similar algorithm known in the art; note that SHA-1 is now considered unsuitable for new signatures because practical collisions have been demonstrated, and SHA-256 or a stronger algorithm is current practice. The message, or its hash value, is processed by an electronic device using a private key (“PrK”) of a key pair used in public-private key cryptography (also known as asymmetric cryptography). In the RSA scheme this private-key operation is often described as “encryption” with the private key, and that terminology is used herein. The resulting value constitutes the digital signature (“DS”), which typically is appended to the message to form the EC that is sent from a sender to a recipient. (Strictly, the term “message digest” refers to the hash value itself; the digital signature is the private-key operation applied to that digest.) In generating the hash value, either the device applies the hashing algorithm to the subject matter of the message to be sent, or the hashing algorithm is applied to the message external to the device and the resulting hash value then is communicated to the device for signing; in the latter case the device signs whatever hash value it is handed, so the path by which the hash reaches the device must itself be trusted. Furthermore, while the signing operation is performed by the device, the user of the device (i.e., the sender of the EC) is considered the “signer” of the digital signature. The sender may be a computing system that automatically responds with a digital signature to a query requesting the identity of the sender. This may be analogized to an airplane transponder responding to an air traffic control request for identification.
The recipient of the EC may know or be able to obtain both the hashing algorithm applied to the message as well as the public key (“PuK”) corresponding to the private key used to generate the digital signature. With this knowledge, the recipient applies the appropriate hashing algorithm to the received message to generate a hash value and then decrypts (i.e., verifies) the digital signature with the public key to recover the hash value that the sender signed. If the hash value generated by the recipient equals the hash value recovered from the digital signature, then the recipient is able to determine that the sender who signed the message actually possessed the private key corresponding to the public key held by the recipient. Accordingly, the recipient “authenticates” the sender, to the extent that the recipient is able to link that public key to a particular party. Additionally, the recipient is able to determine that the content of the message contained in the EC was not altered or modified, because any change to the message would change the hash value and the comparison would fail. Accordingly, the recipient “authenticates” the message.
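The sign-and-verify exchange just described, as an added example that is not part of the original application. It uses the Go standard library with ECDSA over the P-256 curve and SHA-256 in place of the SHA-1 and private-key “encryption” described above; the purchase-order message and the altered copy are constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// SignMessage is the sender's side: hash the message M with SHA-256 and sign
// the digest with the private key PrK. The result is the digital signature DS
// that is appended to M to form the EC. (SHA-256 is used here instead of the
// SHA-1 named in the text, which is no longer acceptable for new signatures.)
func SignMessage(prk *ecdsa.PrivateKey, message []byte) ([]byte, error) {
	digest := sha256.Sum256(message)
	return ecdsa.SignASN1(rand.Reader, prk, digest[:])
}

// VerifyMessage is the recipient's side: recompute the hash over the received
// message and check DS against the sender's public key PuK. It returns true
// only if the signer held the matching PrK and M is unmodified, which is what
// the text calls authenticating the sender and the message respectively.
func VerifyMessage(puk *ecdsa.PublicKey, message, signature []byte) bool {
	digest := sha256.Sum256(message)
	return ecdsa.VerifyASN1(puk, digest[:], signature)
}

// Demo reports three outcomes: the genuine EC verifies; the same DS over a
// message altered in transit fails; and a DS made with another party's PrK
// (an impostor) fails against the expected PuK.
func Demo() (genuine, tampered, impostor bool, err error) {
	sender, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return
	}
	other, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return
	}
	msg := []byte("PO 1234: 100 units at $5.00 each") // constructed sample message
	sig, err := SignMessage(sender, msg)
	if err != nil {
		return
	}
	forged, err := SignMessage(other, msg)
	if err != nil {
		return
	}
	genuine = VerifyMessage(&sender.PublicKey, msg, sig)
	tampered = VerifyMessage(&sender.PublicKey, []byte("PO 1234: 100 units at $0.50 each"), sig)
	impostor = VerifyMessage(&sender.PublicKey, msg, forged)
	return
}

func main() {
	genuine, tampered, impostor, err := Demo()
	fmt.Println("genuine:", genuine, "tampered:", tampered, "impostor:", impostor, "err:", err)
}
```

The tampered case changes a single price figure, and because the recipient recomputes the hash over what actually arrived, the comparison fails. The impostor case shows that verification proves possession of the particular private key matching the recipient's copy of the public key, and nothing more; linking that key to a named party is the role of the digital certificate discussed next.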
A digital certificate (also known as a “digital ID”) is a voucher by a third party (commonly referred to as a “Certificate Authority”) attesting to the identity of an owner of a public key. Essentially, digital certificates are the electronic counterparts to driver licenses, passports, membership cards, and other paper-based forms of identification. The digital certificate itself comprises an electronic message including a public key and the identity of the owner of the public key. A digital certificate also typically contains an expiration date for the public key, the name of the Certificate Authority, a serial number of the digital certificate, and a digital signature of the Certificate Authority over the foregoing contents. The most widely accepted format for digital certificates is defined by the X.509 international standard of the ITU-T (formerly CCITT); thus, certificates can be read or written by any application complying with X.509. Based on a digital certificate included in an EC, a recipient who already holds and trusts the public key of the Certificate Authority is able to verify the Certificate Authority's signature on the digital certificate and thereby confirm that the Certificate Authority vouched for the binding between the public key and the owner set forth therein.
The system wherein a digital certificate is included in an EC comprises a “public key infrastructure” (PKI) commonly referred to as the “Certificate Authority Digital Signature” (CADS) system. Unfortunately, while the CADS system enables two parties who otherwise may not have a preexisting relationship with one another to communicate with each other with the confidence of knowing the other's identity, the CADS system has drawbacks. For example, a digital certificate typically is issued with an expiration date, and an expired digital certificate generally is not recognized in the industry. Furthermore, if a private key is lost or stolen, then the owner of the private key must notify the Certificate Authority to revoke the owner's digital certificate; however, a recipient of an EC with a digital certificate will only know of the revocation of the digital certificate if the recipient cross-references the serial number of the digital certificate against a certificate revocation list (CRL) published by the Certificate Authority, and even then only if the recipient has obtained a CRL issued after the revocation, since a stale list will still show the certificate as good. Another drawback to the CADS system is that the digital certificate itself is only as good as the particular authority that issues it, and it often may be necessary to obtain multiple digital certificates (i.e., from Certificate Authorities 306a, 306b to 306n as shown in FIG. 1 of the incorporated ABDS Applications) in order to create a sufficient “chain” or “network” of trust between the sender and recipient for a transaction or communication to be accepted and acted upon. Additionally, the entire CADS system rests upon the secrecy of the private key of the Certificate Authority issuing a digital certificate, which, if compromised, collapses the CADS system, because the holder of that key can issue a certificate binding any public key to any identity.
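The certificate issuance, the expiration check and the CRL cross-reference described in the two preceding paragraphs, as an added example that is not part of the original application. It uses Go's standard crypto/x509 package; the Certificate Authority name “Example CA”, the owner “Purchaser Inc.”, the serial numbers, the fixed clock and the validity periods are all constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue creates a certificate for a fresh P-256 key pair. With isCA set the
// certificate is self-signed and may sign certificates and CRLs; otherwise
// the given parent CA signs it. All names and dates here are constructed.
func issue(cn string, serial int64, isCA bool, notBefore, notAfter time.Time,
	parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: notBefore, NotAfter: notAfter, IsCA: isCA, BasicConstraintsValid: isCA,
		KeyUsage: x509.KeyUsageDigitalSignature}
	if isCA {
		tmpl.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
		parent, parentKey = tmpl, key // self-signed
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der) // parsed copy carries the SubjectKeyId that CRL signing needs
	return cert, key, err
}

// VerifyAt is the recipient's check on a certificate received in an EC: the
// CA's signature must verify with the CA's public key held by the recipient,
// and the certificate must be within its validity period at the given time.
func VerifyAt(cert, ca *x509.Certificate, at time.Time) error {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, err := cert.Verify(x509.VerifyOptions{Roots: roots, CurrentTime: at, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	return err
}

// PublishCRL is the CA-signed list of serial numbers whose private keys were
// reported lost or stolen.
func PublishCRL(ca *x509.Certificate, caKey *ecdsa.PrivateKey, now time.Time, revoked ...*x509.Certificate) ([]byte, error) {
	tmpl := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: now, NextUpdate: now.AddDate(0, 0, 1)}
	for _, c := range revoked {
		tmpl.RevokedCertificates = append(tmpl.RevokedCertificates, pkix.RevokedCertificate{SerialNumber: c.SerialNumber, RevocationTime: now})
	}
	return x509.CreateRevocationList(rand.Reader, tmpl, ca, caKey)
}

// IsRevoked cross-references the certificate's serial number against the CRL.
// The CRL's own signature is checked first; otherwise anyone could publish a
// list that omits a stolen key's serial number.
func IsRevoked(crlDER []byte, ca, cert *x509.Certificate) (bool, error) {
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return false, err
	}
	if err := crl.CheckSignatureFrom(ca); err != nil {
		return false, err
	}
	for _, rc := range crl.RevokedCertificates {
		if rc.SerialNumber.Cmp(cert.SerialNumber) == 0 {
			return true, nil
		}
	}
	return false, nil
}

// Demo issues a CA and an owner certificate, then performs the recipient's
// checks: validity within the period, validity after expiry, and a CRL
// lookup once the owner has reported the private key stolen.
func Demo() (validErr, expiredErr error, revoked bool, err error) {
	now := time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC) // constructed clock
	ca, caKey, err := issue("Example CA", 1, true, now, now.AddDate(10, 0, 0), nil, nil)
	if err != nil {
		return
	}
	cert, _, err := issue("Purchaser Inc.", 42, false, now, now.AddDate(1, 0, 0), ca, caKey)
	if err != nil {
		return
	}
	validErr = VerifyAt(cert, ca, now.AddDate(0, 6, 0))   // inside the validity period
	expiredErr = VerifyAt(cert, ca, now.AddDate(2, 0, 0)) // after NotAfter: must fail
	crl, err := PublishCRL(ca, caKey, now, cert)          // owner reports the key stolen
	if err != nil {
		return
	}
	revoked, err = IsRevoked(crl, ca, cert)
	return
}

func main() {
	validErr, expiredErr, revoked, err := Demo()
	fmt.Println("valid:", validErr, "| expired:", expiredErr, "| revoked:", revoked, "| err:", err)
}
```

Two points follow from running this. First, VerifyAt succeeds for the same certificate six months in and fails two years in, so the recipient's clock and the expiration date are part of the decision, not just the CA's signature. Second, a recipient that calls VerifyAt but never calls IsRevoked (or calls it with a CRL older than the revocation) accepts the certificate for the stolen key without any error, which is exactly the drawback the text describes.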
In the context of an EC regarding an account, such as the example of an online purchase order, another drawback of the CADS system is that the account information must be encrypted or otherwise protected if sent over an insecure communications medium, such as the Internet. In the example above, a hacker eavesdropping on the communication of the account information would possess sufficient information to make fraudulent charges to the account of the purchaser, especially as not all merchants require a digital signature and digital certificate to fill a purchase order. Moreover, financial institutions have yet to standardize a requirement that a digital certificate of a purchaser be submitted as a condition precedent to approving a payment request by a merchant. Instead, in determining whether a purchaser actually has the authority to effect payment to a merchant, a financial institution relies upon the personal account information provided by the merchant, and whether the account information has been reported lost or stolen.
Accordingly, a need exists for an improved system of communicating ECs that contain contract related documents using digital signatures and for authenticating the identity of a contracting party and that party's associated account information without the inherent inefficiencies, limitations and potential pitfalls of a CADS.
A need also exists for such a system that can link account information to an individual without the need for secret identification information, e.g., a PIN or mother's maiden name, to be sent as part of the EC, thereby preventing interception of such secret information.
Furthermore, although the identity of a party sending an electronic communication may be successfully verified as being the identity of a party with which another party has a pre-existing relationship, many employees of a merchant, for example, may have access to the merchant's private key. This creates the scenario where a low-level employee who has access to the employer's private key may be able to bind the employer to a large transaction, even though the employee is not authorized to bind the company except for transactions of relatively small dollar amounts. Thus, the low-level employee may have apparent authority to bind the employer vis-a-vis another party, but may not have actual authority to do so.
Moreover, even if the sender has the authority to bind the employer, the sender may be an employee who contracts with multiple parties at various times during the workday. If, for example, the employee is involved in entering into contracts with multiple parties during a certain time period during the workday, the employee, using a PC, may inadvertently assent to a contract without reviewing the terms of the contract. This would occur, for instance, if the employee was actively engaged in negotiating terms of a contract with another party where each is replying to the other with counteroffers. Then, due to not paying careful attention to the documents that are active on the employee's computer, an inadvertent keyboard stroke causes an offer or an acceptance to be sent in response to a message arriving from a totally different party. This risk arises because a distinction exists between a computer system that is designed to authenticate an entity without the need for an overt action by the entity, and a computer system designed to demonstrate a person's or an entity's intent in connection with a particular document. Accordingly, a need exists for enabling a recipient of an electronic communication that comprises a contract document to determine whether the sender has the authority to be bound, and furthermore, whether the sender intends to be bound to the terms of the document.
Finally, a need exists to enable the recipient of an electronic communication containing a contract document to determine the level to which secret information that may have been used to digitally sign the EC is physically protected, such that the likelihood of a hacker obtaining the secret information and posing as a person or entity legitimately associated with the secret information is low or nonexistent.