If employees use the electronic signature information of enterprises to enter into contracts with others privately. In this case, as long as the other party doesn't know that the employee has no relevant rights, the contract is still valid and the enterprise should bear relevant civil liabilities.
Risks mainly include the following three links.
1, the authentication stage was fraudulently used.
In this case, the electronic seal is in the form of Zhang San, but it was actually applied by Li Si. The reason may be that Li Si obtained Zhang San's ID card by illegal means and used it to deceive banks and communication operators, thus handling bank cards and mobile phone sim cards, and then completing identity authentication. Then use the electronic seal obtained by the above illegal means.
2. The signature verification stage is fraudulently used.
In this case, Zhang San applied for an electronic seal, but it was actually used by Li Si. The reason may be that Li Si obtained Zhang San's mobile phone through illegal means and knew Zhang San's mobile phone password. Therefore, using Zhang San's mobile phone to log in to the platform and signing with an electronic seal can also obtain the verification code simultaneously.
3. The certification body is not credible.
This is a very extreme situation. In this case, the certification body and its staff may forge the electronic seal by themselves or in collusion with others, and the information in the "signature attribute" will be unreliable.