| (a) General. This section prescribes the requirements
that govern the issuance, use, and revocation of digital certificates
issued by the Texas Department of Motor Vehicles (department) for
electronic commerce in eligible department programs. The provisions
of 1 TAC Chapter 203, Subchapter B govern this section in the event
of a conflict between that subchapter and a provision of this section.
(b) Definitions. The following words and terms, when
used in this section, shall have the following meanings, unless the
context clearly indicates otherwise.
(1) Business entity--An entity recognized by law through
which business is conducted with the department, including a sole
proprietorship, partnership, limited liability company, corporation,
joint venture, educational institution, governmental agency, or non-profit
organization.
(2) Certificate holder--An individual to whom a digital
certificate is issued.
(3) Digital certificate--A certificate, as defined
by 1 TAC §203.1, issued by the department for purposes of electronic
commerce.
(4) Digital signature--Has the same meaning assigned
by 1 TAC §203.1.
(5) Division director--The chief administrative officer
of a division of the department.
(c) Program authorization. A division director may
authorize the use of digital signatures for a particular program based
on whether the applicable industries or organizations are using such
technology, the frequency of document submission, and the appropriateness
for the program. The solicitation documentation for eligible programs
will include the information that digital signatures may be used.
(d) Application and issuance of digital certificate.
(1) A request for a digital certificate shall be in
writing and shall be signed by the individual authorized by the business
entity to request a digital certificate.
(2) The department may request information necessary
to verify the identity of the individual requestor or the identity
of the individual to whom the certificate is to be issued. To verify
identity under this paragraph a person shall present:
(A) an unexpired Texas driver's license or identification
certificate with a photograph;
(B) an unexpired concealed handgun license or license
to carry a handgun issued by the Texas Department of Public Safety
under Government Code, Chapter 411, Subchapter H;
(C) an unexpired United States passport;
(D) a United States citizenship (naturalization) certificate
with identifiable photograph;
(E) an unexpired United States Bureau of Citizenship
and Immigration Services document that:
(i) was issued for a period of at least one year;
(ii) is valid for not less than six months from the
date it is presented to the department with a completed application;
and
(iii) contains verifiable data and an identifiable
photograph;
(F) an unexpired United States military identification
card for active duty, reserve, or retired personnel with an identifiable
photograph; or
(G) a foreign passport with a valid or expired visa
issued by the United States Department of State with an unexpired
United States Bureau of Citizenship and Immigration Services Form
I-94:
(i) that was issued for a period of at least one year,
is marked valid for a fixed duration, and is valid for not less than
six months from the date it is presented to the department with a
completed application; or
(ii) that is marked valid for the duration of the person's
stay and is accompanied by appropriate documentation.
(3) The department may take actions necessary to confirm
that the individual who signed the request is authorized to act on
behalf of the business entity, including requiring the individual
requestor or the person authorizing the request to personally appear
at the department location responsible for the issuing of the certificate.
(4) The department shall issue a digital certificate
only to an individual. Information identifying the business entity
that authorized the issuance of the certificate may be embedded in
the digital certificate.
(e) Refusal to issue a digital certificate. The department
shall not issue a digital certificate if the identity of the individual
to whom the certificate is to be issued, or the identity of the individual
requesting the certificate on behalf of a business entity, cannot
be established. The department will not issue a digital certificate
if the business entity on whose behalf the request is allegedly being
made does not authorize its issuance.
(f) Responsibilities of certificate holder. A certificate
holder shall:
(1) maintain the security of the digital certificate;
(2) use the certificate solely for the purpose for
which it was issued; and
(3) renew the certificate in a timely manner, if continued
use is intended.
(g) Responsibilities of business entity. A business
entity is responsible for:
(1) determining what individual may request a certificate
for the business entity;
(2) determining to what individual a certificate is
to be issued; and
(3) requesting within a reasonable time the revocation
of the business entity's certificate if the security of the certificate
has been compromised or if the business entity is changing its certificate
holder.
(h) Revocation of certificate. The department shall
revoke a digital certificate:
(1) upon receipt of a written request for revocation
of the business entity's certificate, signed by an individual authorized
to act on behalf of the business entity for which it was issued;
(2) for suspension or debarment of the individual or
business entity; or
(3) if the department has reason to believe that continued
use of the digital certificate would present a security risk.
(i) Use of digital certificate.
(1) A digital signature issued by the department shall
only be used for the purpose of digitally signing electronic documents
filed with the department. A digital signature is binding on the individual
to whom the certificate was issued and the represented business entity,
as if the document were signed manually.
(2) The department may use the digital certificate
to identify the certificate holder when granting or verifying access
to secure computer systems used for electronic commerce.
(j) Forms. The department may prescribe forms to request,
modify, or revoke a digital certificate.
|
| Source Note: The provisions of this §206.131 adopted to be effective February 4, 2010, 35 TexReg 654; amended to be effective June 25, 2015, 40 TexReg 4000; amended to be effective July 2, 2017, 42 TexReg 3272 |
