43 Tex. Admin. Code § 206.131

Current through Reg. 49, No. 45; November 8, 2024
Section 206.131 - Digital Certificates
(a) General. This section prescribes the requirements that govern the issuance, use, and revocation of digital certificates issued by the Texas Department of Motor Vehicles (department) for electronic commerce in eligible department programs. The provisions of 1 TAC Chapter 203, Subchapter B govern this section in the event of a conflict between that subchapter and a provision of this section.
(b) Definitions. The following words and terms, when used in this section, shall have the following meanings, unless the context clearly indicates otherwise.
(1) Business entity--An entity recognized by law through which business is conducted with the department, including a sole proprietorship, partnership, limited liability company, corporation, joint venture, educational institution, governmental agency, or non-profit organization.
(2) Certificate holder--An individual to whom a digital certificate is issued.
(3) Digital certificate--A certificate, as defined by 1 TAC § 203.1, issued by the department for purposes of electronic commerce.
(4) Digital signature--Has the same meaning assigned by 1 TAC § 203.1.
(5) Division director--The chief administrative officer of a division of the department.
(c) Program authorization. A division director may authorize the use of digital signatures for a particular program based on whether the applicable industries or organizations are using such technology, the frequency of document submission, and the appropriateness for the program. The solicitation documentation for eligible programs will include the information that digital signatures may be used.
(d) Application and issuance of digital certificate.
(1) A request for a digital certificate shall be in writing and shall be signed by the individual authorized by the business entity to request a digital certificate.
(2) The department may request information necessary to verify the identity of the individual requestor or the identity of the individual to whom the certificate is to be issued. To verify identity under this paragraph a person shall present:
(A) an unexpired Texas driver's license or unexpired personal identification certificate with a photograph;
(B) an unexpired license to carry a handgun issued by the Texas Department of Public Safety under Government Code, Chapter 411, Subchapter H;
(C) an unexpired United States passport;
(D) a United States citizenship (naturalization) certificate with identifiable photograph;
(E) an unexpired United States Customs and Border Protection document that:
(i) was issued for a period of at least one year;
(ii) is valid for not less than six months from the date it is presented to the department with a completed application; and
(iii) contains verifiable data and an identifiable photograph;
(F) an unexpired United States military identification card for active duty, reserve, or retired personnel with an identifiable photograph; or
(G) a foreign passport with a valid or expired visa issued by the United States Department of State with an unexpired United States Customs and Border Protection Form I-94:
(i) that was issued for a period of at least one year, is marked valid for a fixed duration, and is valid for not less than six months from the date it is presented to the department with a completed application; or
(ii) that is marked valid for the duration of the person's stay and is accompanied by appropriate documentation.
(3) The department may take actions necessary to confirm that the individual who signed the request is authorized to act on behalf of the business entity, including requiring the individual requestor or the person authorizing the request to personally appear at the department location responsible for the issuing of the certificate.
(4) The department shall issue a digital certificate only to an individual. Information identifying the business entity that authorized the issuance of the certificate may be embedded in the digital certificate.
(e) Refusal to issue a digital certificate. The department shall not issue a digital certificate if the identity of the individual to whom the certificate is to be issued, or the identity of the individual requesting the certificate on behalf of a business entity, cannot be established. The department will not issue a digital certificate if the business entity on whose behalf the request is allegedly being made does not authorize its issuance.
(f) Responsibilities of certificate holder. A certificate holder shall:
(1) maintain the security of the digital certificate;
(2) use the certificate solely for the purpose for which it was issued; and
(3) renew the certificate in a timely manner, if continued use is intended.
(g) Responsibilities of business entity. A business entity is responsible for:
(1) determining what individual may request a certificate for the business entity;
(2) determining to what individual a certificate is to be issued; and
(3) requesting within a reasonable time the revocation of the business entity's digital certificate if the security of the certificate has been compromised or if the business entity is changing its certificate holder.
(h) Revocation of certificate. The department shall revoke a digital certificate:
(1) upon receipt of a written request for revocation of the business entity's digital certificate, signed by an individual authorized to act on behalf of the business entity for which it was issued;
(2) for suspension or debarment of the individual or business entity; or
(3) if the department has reason to believe that continued use of the digital certificate would present a security risk.
(i) Use of digital certificate.
(1) A digital certificate issued by the department shall only be used for the purpose of digitally signing electronic documents filed with the department. Use of a digital certificate is binding on the individual to whom the certificate was issued and the represented business entity, as if the document were signed manually.
(2) The department may use the digital certificate to identify the certificate holder when granting or verifying access to secure computer systems used for electronic commerce.
(j) Forms. The department may prescribe forms to request, modify, or revoke a digital certificate.

43 Tex. Admin. Code § 206.131

The provisions of this §206.131 adopted to be effective February 4, 2010, 35 TexReg 654; Amended by Texas Register, Volume 40, Number 25, June 19, 2015, TexReg 4002, eff. 6/25/2015; Amended by Texas Register, Volume 42, Number 25, June 23, 2017, TexReg 3272, eff. 7/2/2017; Amended by Texas Register, Volume 49, Number 17, April 26, 2024, TexReg 2702, eff. 6/1/2024