Main Content

Introduction

1. To better protect the interest of users of certification services and enhance their confidence in electronic transactions, a Voluntary Certification Authority Recognition Scheme was established pursuant to the Electronic Transactions Ordinance ("ETO"). Under this scheme, a certification authority ("CA") may voluntarily apply to the Government Chief Information Officer ("GCIO") for recognition and once recognized the CA shall comply with the requirements of the ETO and the Code of Practice for Recognized Certification Authorities ("Code of Practice") with a view to enhancing public confidence in electronic transaction with the use of recognized digital certificates issued by recognized CAs. Recognition will only be granted to those CAs that have reached a standard acceptable to the GCIO and hence the trustworthiness of their systems and services are better ensured. The GCIO may revoke a CA’s recognition status if the CA fails to comply with the ETO and the Code of Practice.
   
2. The list of CAs recognized under the ETO is available at the disclosure record that the GCIO maintains for the recognized CAs.