ABSTRAK
Kesahan identiti merupakan kaedah yang berkesan untuk memastikan identiti pihak-pihak bertransaksi adalah sah dan sebenar seperti dikemukakan dalam perdagangan elektronik. Di Malaysia, Akta Tandatangan Digital 1997 dan Akta Perdagangan Elektronik 2006 merupakan undang-undang siber yang mengiktiraf penggunaan tandatangan digital dan tandatangan elektronik. Walau bagaimanapun, Akta Tandatangan Digital 1997 dan Akta Perdagangan Elektronik 2006 perlu dikaji semula kerana terdapat masalah kekaburan dari segi pemakaiannya. Antara isu-isu perundangan ialah sama ada identiti pelanggan dan penjual adalah sah dan sebenar seperti dikemukakan dan sama ada kontrak terbentuk dan sah timbul kepercayaan salah sangka terhadap identiti suatu pihak. Selain itu, terdapat juga isu berkenaan pemakaian sistem kripto tidak simetri yang terlalu spesifik dan kesukaran membuktikan identiti pesalah dan pengecualian liabiliti apabila kunci persendirian hilang atau disalahgunakan. Oleh itu, artikel ini akan mengenal pasti konsep dan kaedah-kaedah kesahan identiti, menganalisis isu-isu perundangan dan memberi cadangan untuk memantapkan pemakaian Akta Tandatangan Digital 1997 dan Akta Perdagangan Elektronik 2006. Pengumpulan data dilakukan dengan merujuk sumber primer dan menggunakan kaedah kualitatif . Hasil perbincangan menunjukkan bahawa perakuan yang dipasang dalam rangkaian laman sesawang dan kunci persendirian dapat mengesahkan identiti suatu pihak; sistem kripto tidak simetri adalah elemen penting bagi menjana tandatangan digital yang unik; perjanjian yang dimasuki disebabkan frod atau khilaf unilateral tidak akan mempunyai kesan undang-undang dan pelanggan bertanggungjawab untuk menjaga kunci persendirian dan kesan perundangan tandatangan tandatangan tidak boleh dinafikan jika terdapat tiada niat jahat untuk mengelak daripada tanggungan ganti rugi. Penulis mencadangkan untuk menyatukan Akta Tandatangan Digital 1997 dengan Akta Perdagangan Elektronik 2006; meratifikasikan konvensyen ECC dan; pihak-pihak bebas memilih teknologi dan akta lebih bersifat berteknologi neutral; mengkaji semula peruntukan berkenaan pembentukan kontrak elektronik dan meningkatkan kesedaran awam.
Kata kunci: kesahan identiti; perdagangan elektronik; Akta Tandatangan Digital 1997; Akta Perdagangan Elektronik 2006; Akta Transaksi Elektronik 2010.
ABSTRACT
Authentication of identity is an effective method to ensure the identity of the transacting parties is valid and true as represented in electronic commerce. In Malaysia, Digital Signature Act 1997 and Electronic Commerce Act 2006 are the cybers laws which recognize the digital signature and electronic signature. However, Digital Signature Act 1997 and Electronic Commerce Act 2006 need to be reviewed because there are several ambiguities. Among the legal issues are whether the identity of the buyer and the seller is valid and true as represented, and whether the contract is created and valid if there is a mistaken identity. There is another issue on asymmetric cryptosystem which is too specific and the difficulty to prove the identity of the wrongdoers and the exemption from liability when the private keys are missing or being misused. Therefore, this paper will identify the concept and method of authentication of identity, analyze the legal issues and provide several suggestions to improve the application of the Act. Data collection is done by referring to primary data and qualitative method. The findings show that the certificate on the website and the digital signature can authenticate the identity of the parties; asymmetric cryptosystem is important to generate unique digital signature; the contract will not have legal effect if entered upon fraud or unilateral mistake. and the subscribers are responsible to take care of their private keys and the legal effect of the signature shall not be denied if maliciously intended to avoid any claim for damages. The author suggests to combine the Digital Signature Act 1997 with the Electronic Commerce Act 2006; widen the scope of the Digital Signature Act 1997, ratify ECC and MLETR; give freedom to the parties to choose the technology and to make the Act more technologically neutral; review provisions regarding electronic contract and to increase public awareness.
Keywords: authentication of identity; electronic commerce; Digital Signature Act 1997; Electronic Commerce Act 2006; Electronic Transactions Act 2010.

RUJUKAN

Akta Kontrak 1950 (Akta 136).

Akta Perdagangan Elektronik 2006 (Akta 658).

Akta Tandatangan Digital 1997 (Akta 562).

Akta Tandatangan Digital Utah 1995.

Abu Bakar Munir. 1999. Cyber Law Policies and Challenges. Kuala Lumpur. Butterworths Asia.

Anwarul Yaqin.2007. Legal Research and Writing. Malaysia: Lexis Nexis, Malaysia.

APEC Telecommunications and Information Working Group. 2002. Electronic Authentication: Issues Relating to its Selection and Use. Singapore: 1-207.Cai Baoyu. 2020. Application of computer networksecurity technology in e-commerce [J]. Computer products and circulation. (05): 18.

Chris Reed & John Angel. 2011. Computer Law 7th Edn. New York: Oxford University Press.

Eliza MIK. 2012. Mistaken identity, identity theft and problems of remote authentication in e-commerce. Computer Law and Security Review. 28 (4): 396-402.

Faye Fangfei Wang. 2010. Law of Electronic Commercial Transactions, Contemporary Issues in the EU, US and China. United Kingdom: Routledge.

Hartini Saripan. 2009. The role of the ‘law of the horse’ in the governance of electronic signatures: lessons from Malaysia. Malayan Law Journal.

Rafidah Mat Ruzki. 2020. Jualan dalam talian meningkat 28.9 peratus pada April. Berita Harian, 18 Oktober 2020.

Roger Clarke. 1996. Module 4- message security, cryptography, identification and authentication. http://www.rogerclarke.com/BEG9673/module4.html [1 November 1996].

Sakina Shaik Ahmad Yusoff & Azimon Abdul Aziz. 2003. Mengenali Undang-undang Kontrak Malaysia. Petaling Jaya: Internasional Law Book Services.

Shiyu Wang. 2021. Study on the Application of Computer Security Technology in E-commerce. Journal of Physics: Conference Series. 1915. 042044. doi:10.1088/1742-6596/1915/4/042044.

Sreela Sasi. 2004. Biometric authentication for e-commerce transaction. International Workshop on Imaging Systems and Techniques. Italy: Stresa 113-116.

Susanna Frederick Rischer. 2001. Saving rosencrantz guildenstern in a virtual world? A comparative look at recent global electrnonic signature legislation 229-242.

Suruhanjaya Komunikasi dan Multimedia. 2022. Certifications. https://www.mcmc.gov.my/en/com mons/print?printpath=/Legal/Registers/DSARegisters&classname=CMS.MenuItem [25 February 2022].

Zhang, M., Lin, L. & Chen, Z. 2021. Lightweight security scheme for data management in E-commerce platform using dynamic data management using blockchain model. Cluster Comput. Springer. https://doi.org/10.1007/s10586-021-03373-6.