Electronic Transactions System
Given the noticeable trend towards relying on electronic transactions in our daily lives, ranging from the smallest dealings to larger ones, we decided to highlight some of the provisions of the electronic transactions system that significantly impact these interactions for consideration. Particularly since the electronic transactions system was issued by Royal Decree No. (M/18) on 08/03/1428H (“the System”), which means that its provisions have been in effect for years and apply to daily electronic transactions, no matter how minor.
Before we delve into the details of the system’s provisions, it is essential first to define what an electronic transaction is according to the system:
Any exchange, communication, contracting, or any other action that is conducted entirely or partially by electronic means. Each system has a purpose for its issuance, and the goals of the electronic transactions system include:
- Establishing a regulatory and legal framework for electronic transactions.
- Enhancing trust in electronic transactions and the safety of their use.
- Facilitating the use of these transactions and overcoming obstacles to their use.
- Preventing misuse and deception.
The Saudi Electronic Transactions System
Importance of the Electronic Transactions System
The electronic transactions system is considered a cornerstone in the digital transformation of the Kingdom of Saudi Arabia, enabling businesses and government institutions to achieve more effective and secure interactions. The system enhances digital trust among consumers and institutions by ensuring the safety and confidentiality of transactions.
Goals of the Electronic Transactions System
The system aims to achieve several strategic objectives, including:
- Enhancing Digital Security: Fortifying data and transactions against cyber-attacks and fraud.
- Increasing Transparency: Providing broader access to government and business information in an easy and accessible manner.
- Improving Efficiency: Speeding up transaction procedures and reducing associated costs, which leads to an overall increase in productivity.
Features of the System
The features of the system include:
- Quick Completion and Security: Accelerating processes while ensuring high security for electronic transactions.
- Cost Reduction: Digital document transmission reduces the need for paper and physical storage, thereby lowering administrative costs.
- Ease of Access: Enabling access to electronic services around the clock from anywhere, enhancing efficiency and convenience for users.
Impact of the System on Various Sectors
The system has significant effects on several key sectors, as detailed in the following table:
| Sector | Expected Impact |
|---|---|
| Financial | Facilitating banking and financial transactions, and enhancing digital security. |
| Health | Improving the management of medical records and access to online health services. |
| Education | Providing a flexible and accessible educational environment through e-learning platforms. |
| Government | Enhancing the efficiency of government services and offering them electronically, making them more accessible to citizens. |
All these elements combined reflect the significant importance of the electronic transactions system in supporting and accelerating the digital transformation in the Kingdom, and in providing more efficient and effective services to both citizens and institutions alike.
Also, read about the impact of the improved Nitaqat program on businesses in Saudi Arabia in our detailed article available on the website of Eyad Reda Law Firm.
Details of the Electronic Transactions System
Scope of Application of the System
The scope of application of the electronic transactions system includes all commercial, administrative, and personal activities conducted via electronic means, including financial transactions and electronic contracts. The system applies to all electronic transactions whether within the public or private sector, making it comprehensive and integrated to ensure security and efficiency in digital transactions.
Key Components of the System
The basic components of the electronic transactions system include:
- Legislation and Regulations: Specific legislations regulate the use and signing of electronic documents and e-commerce.
- Technological Infrastructure: Advanced and secure digital platforms support the efficient storage and transfer of data.
- Cybersecurity Systems: Advanced security protocols protect data and transactions from breaches and cyber threats.
Exemptions from the System Application
The main exemptions from the application of the system include:
- Judicial and Notarial Transactions: Transactions such as inheritance, wills, and personal status matters that require official documentation or eyewitnesses.
- Sensitive National Security Information: Data considered sensitive and requiring high levels of confidentiality and security cannot be processed electronically.
Authorities Responsible for Implementing the System
The authorities responsible for implementing the electronic transactions system include:
- Ministry of Commerce and Investment: Monitors compliance with laws related to electronic commercial transactions.
- Communications and Information Technology Commission: Provides technological support and maintains digital infrastructure.
- Security Agencies: Ensure cybersecurity and data protection.
Amendments to the System
Amendments to the system are made based on a periodic assessment of challenges and opportunities in the digital field:
- Updating Laws and Regulations: To keep up with technological developments and international standards.
- Improving Infrastructure: Enhancing networks and cybersecurity to achieve greater efficiency and better protection.
- Expanding Scope of Inclusion: Introducing new sectors under the system to enhance digital transition.
Also, read about the personal data protection system in Saudi Arabia and its importance for individuals and companies, in our comprehensive analysis available on the website of Eyad Reda Law Office.
The System of Transactions and Digital Trust
Goals of the Digital Transactions and Trust System Project
The project aims to establish a robust digital framework addressing several key objectives:
- Securing Digital Transactions: Ensuring all digital transactions are conducted securely to prevent fraud and breaches, thus protecting both providers and consumers.
- Enhancing Efficiency: By streamlining processes and eliminating redundant procedures, the system seeks to reduce transaction times and lower costs for both businesses and the public sector.
- Encouraging Innovation: The system is designed to encourage the adoption of advanced technologies by providing a safe environment that fosters technological innovation.
- Legal Protection: Strengthening the legal framework to support electronic transactions, ensuring that digital contracts and signatures are legally binding and enforceable.
Key Components of the Digital Transactions and Trust System Project
This project relies on several fundamental components that ensure its effectiveness and reliability:
- Advanced Security Infrastructure: Utilizing cutting-edge encryption technologies and cybersecurity measures to protect data integrity and confidentiality.
- Digital Authentication Systems: Implementing robust systems for digital certification and authentication that verify the identities of all parties involved in electronic transactions.
- Regulatory Frameworks: Developing comprehensive regulations that govern digital transactions, regularly updated to keep pace with technological advancements.
- Monitoring and Compliance Units: Dedicated units responsible for monitoring the system’s performance and ensuring compliance with technical and legal standards.
Electronic and Digital Signatures
Electronic Signature
One of the most important elements of electronic transactions is the electronic signature. The system’s text clarifies in this regard that “If a handwritten signature is required on a document, contract, or similar, the electronic signature made according to this system is considered to fulfill this requirement, and the electronic signature is deemed equivalent to the handwritten signature, with the same legal effects.” The conditions for an electronic signature include:
- It must be linked to a valid and active digital certification.
- The integrity of the signature owner’s identity data, which must match the digital certification.
- It must be free from technical defects and have the minimum required technical and administrative infrastructure related to the signing procedures.
- The signature owner must comply with all the conditions set forth in the digital certification procedures.
- It must include at least the following technical elements:
- The issuing authority of the digital certification.
- The type of signature, its scope of operation, and its serial number.
- The date of the signature and its validity period.
- The type of encryption algorithm used and the public encryption key.
- The scope of use of the signature and the limits of its legal responsibility, as well as terms for protecting the confidentiality of information.
- The identity data of the signature owner, including their full name and address.
Digital Certification
Since the digital certificate is one of the conditions for the electronic signature, it is worth noting that the National Center for Digital Certification (“Certification Center”) is responsible for overseeing tasks related to the issuance of digital certificates and managing its infrastructure; accrediting certificates issued by foreign entities outside the Kingdom; issuing digital certificates for certification service providers; publishing and updating the list of licensed certification service providers; coordinating with the Communications and Information Technology Authority (“the Authority”) regarding the licensing of entities wishing to provide digital certification services; providing technical support to the Authority in its supervision of licensed certification service providers; and notifying the Authority of any violations related to the licensing of certification service providers.
A digital certificate is an electronic document issued by the Certification Center to affirm that the person named therein is the true owner of the public key shown and the associated private key. There are two types of keys, public and private, that accompany each electronic certificate—one used for encryption or electronic signing, and the other for decryption or verifying the electronic signature. Types of digital certificates include:
- Identity Verification Certificate
- Electronic Signature Certificate
- Data Encryption Certificate
Additionally, the Digital Government Authority offers services to government entities, including the following government authentication certificates:
- Secure Email Certificate: Increases the safety and reliability of email.
- Name Certificate: Increases safety and reliability in electronic transactions that primarily rely on the person’s name.
- Secure Site Certificate: Provides a secure and encrypted connection between the browser and the website.
- Device Certificate: Designed for storage devices or servers and features authentication and encryption
Since the digital certification can only be issued by a licensed service provider, licenses have been granted to two companies, (Bu’d Telecommunications) and (Solutions, a subsidiary of Saudi Telecommunications Company).
The Legal Force of Electronic Transactions
The system stipulates that electronic transactions, records, and signatures have binding legal force, and their validity or enforceability cannot be denied or execution prevented merely because they are conducted wholly or partially electronically, provided they are conducted according to the conditions specified in this system. The enforceability of electronic transactions and their execution is linked to the availability of their details. It is also worth noting that consent and acceptance can be expressed through electronic dealings, and electronic transactions or signatures are accepted as evidence in legal proofs and can also be considered as presumptive evidence.
Is the Electronic Signature Legally Recognized?
Yes, the electronic signature is legally recognized in Saudi Arabia according to the regulations of the electronic transactions system. Electronic signatures are used to authenticate a wide range of documents and digital contracts, offering levels of security and trust similar to traditional signatures. The system ensures that electronic signatures have the same legal force as handwritten signatures, provided they meet the specified standards for verification and security.
What is the Difference Between a Digital Signature and an Electronic Signature?
Both digital and electronic signatures are used to authenticate digital documents, but there are key differences:
- A digital signature is encrypted data created and verified using public and private encryption methods, ensuring that the signature is unique to each user and transaction. Digital signatures are primarily used to ensure data integrity and confirm the signer’s identity.
- An electronic signature can be any form of electronic expression that shows agreement to the content signed, such as a scanned image of a handwritten signature, or even a simple entry of a username and password.
The Importance of Electronic Signatures and Their Types
Electronic signatures are significantly important in the modern business environment for several reasons:
- Efficiency: They speed up business processes by reducing the time needed for signing and approving documents.
- Cost: They reduce costs associated with printing, shipping, and storage.
- Security: They provide high levels of security when properly implemented, making them difficult to forge.
Types of Electronic Signatures Include:
- Simple Signatures: Such as a name written in an email or text message.
- Advanced Signatures: Signature data is linked to documents in a way that enables the identification of the signer and detection of any subsequent changes.
- Qualified Signatures: Considered the most secure and require the exclusive use of certified devices and software.
Legality and Legal Conditions for Electronic Signatures
Is the Electronic Signature Legal in Saudi Arabia?
Yes, the electronic signature is legal and recognized in Saudi Arabia according to the Saudi Electronic Transactions System established in 2007. This system provides the legal basis for the use of electronic signatures and grants them the same force and effectiveness as handwritten signatures, provided they comply with the specified security and verification standards.
What are the Conditions for an Electronic Signature?
To ensure the legality of an electronic signature, the following conditions must be met:
- Integrity: The signature must remain intact and unaltered from the moment of signing.
- Protection Against Forgery: Techniques such as encryption and digital verification keys must be used to protect signatures from forgery or unauthorized use.
- Preserved Evidence: Records of the signature and related transactions must be documented and securely preserved to provide auditable proof in case of legal disputes.
What Happens When an Electronic Signature is Presented in Any Legal or Regulatory Procedure?
When an electronic signature is presented as part of a legal or regulatory procedure:
- Recognition of Validity: The electronic signature is recognized as legal evidence in courts and judicial proceedings, as long as it adheres to the specified standards.
- Audit and Review: Courts and relevant authorities can use digital records and verification tools to review the validity and authenticity of the signature.
- Disputes: In case of disputes, electronic records can be used to determine whether the signature was altered after execution or if it was forged.
Therefore, the electronic signature provides an effective mechanism for authentication in legal and commercial transactions, enhancing trust and security in the digital environment. The use of advanced technologies contributes to the efficiency and effectiveness of electronic transactions, benefiting the national economy and market participants.