ELECTRONIC TRANSACTIONS ORDINANCE 2002 (ETO),

PAYMENT SYSTEM AND ELECTRONIC FUNDS TRANSFERS

ACT 2007

CYBER SECURITY LAWS

ASSIGNMENT NO :01

SUBMITTED TO: SIR HAJI IDREES

SUBMITTED BY : MUHAMMAD UMAR

PARSA KHAN

SHAKEEL AHAMD

MUDASSIR KHAN

MUHAMMAD SAIFULLAH

AMEER ALI

Dated: January 2,2023

Contents
Electronic Transactions Ordinance 2002 (ETO) ........................................................................................... 3
HISTORY ..................................................................................................................................................... 3
INTRODUCTION ........................................................................................................................................ 3
IMPORTANT SECTIONS OF ETO ............................................................................................................ 4
FLAWS: ........................................................................................................................................................ 5
REFORMS: ................................................................................................................................................... 7
INTERNATIONAL ASPECTS AND INTERNATIONAL LAWS RELATED TO ELECTRONIC
TRANSACTIONS ORDINANCE 2002 PAKISTAN: ................................................................................. 9
CONCLUSION OF ELECTRONIC TRANSACTIONS ORDINANCE 2002 PAKISTAN: ............. 10
PAYMENT SYSTEM AND ELECTRONIC FUNDS TRANSFERS ACT 2007 ..................................... 11
DRAWBACKS: .......................................................................................................................................... 13
REFORMS: ................................................................................................................................................. 13
INTERNATIONAL ASPECTS OF PAYMENT SYSTEM AND ELECTRONIC FUND TRANSFER
ACT 2007 ................................................................................................................................................... 15
CONCLUSION: .......................................................................................................................................... 15
Bibliography ............................................................................................................................................... 16
Electronic Transactions Ordinance 2002 (ETO)

HISTORY
The Electronic Transactions Ordinance 2002 (ETO) was promulgated in Pakistan in 2002 in order
to provide a legal framework for the use of electronic transactions and electronic signatures in
commercial and other activities. The ETO was introduced in response to the rapid growth of
electronic commerce and the increasing reliance on electronic means of communication and
transactions in business and other sectors.

At the time the ETO was enacted, there was a lack of legal clarity and uniformity in Pakistan
regarding the use of electronic transactions and electronic signatures, and there were concerns
about the legal validity and enforceability of such transactions and signatures. The ETO was
therefore introduced to address these issues and to provide a legal basis for the recognition of
electronic transactions and electronic signatures as having the same legal validity as paper-based
transactions and handwritten signatures.

The ETO has helped to promote the use of electronic transactions and electronic signatures in
Pakistan, and has contributed to the development of a modern, efficient and secure electronic
commerce infrastructure in the country. It has also provided businesses and individuals with
greater legal certainty and confidence in the use of electronic transactions and signatures, and has
facilitated the growth and expansion of electronic commerce in Pakistan.1

INTRODUCTION
The Electronic Transactions Ordinance 2002 (ETO) is a law in Pakistan that provides a legal
framework for the use of electronic transactions and electronic signatures in commercial and other
activities. The ETO was enacted on December 31, 2002 and came into effect on July 1, 2003.

The ETO was introduced to facilitate the use of electronic transactions and electronic signatures
in Pakistan, and to provide a legal basis for the recognition of such transactions and signatures as

1
Electronic Transection Ordinance, 2002
having the same legal validity as paper-based transactions and handwritten signatures. The ETO
applies to all electronic transactions, including those involving contracts, conveyances, and other
legal documents.

The ETO defines an electronic transaction as any transaction that is conducted, or is capable of
being conducted, wholly or partly by means of electronic means. An electronic signature is defined
as any data in electronic form, which is attached to or logically associated with other electronic
data and which is intended by the user to serve as a signature.

The ETO provides for the legal recognition of electronic transactions and electronic signatures,
and sets out the rules and procedures for their use. It also contains provisions on the retention of
electronic records and the admissibility of electronic evidence in court.

The ETO has helped to promote the use of electronic transactions and electronic signatures in
Pakistan, and has contributed to the development of a modern, efficient and secure electronic
commerce infrastructure in the country.

IMPORTANT SECTIONS OF ETO

There are several important sections of the Electronic Transactions Ordinance 2002 (ETO) that are
relevant to the use of electronic transactions and electronic signatures in Pakistan. Some of the key
sections of the ETO are:

Section 36.

 Violation of privacy information

 gains or attempts to gain access
 to any information system with or without any purpose
 to acquire the information unauthorized
 Imprisonment 7 years
 Fine Rs. 1 million2

2
S 36 Electronic Transection Ordinance, 2002
Section 37.

 Damage to information system

 alter, modify, delete, remove, generate, transmit or store information
 create hindrance in information access
 knowingly when not authorized to do so
 Imprisonment 7 years
 Fine Rs. 1 million3

Section 38. Offences to be non-bailable All offences under this Ordinance shall be non-bailable,
compoundable and cognizable.4

Section 39 Prosecution and trial of offences. No Court inferior to the Court of Sessions shall try
any offence under this Ordinance.5

FLAWS:
Electronic transactions have been in use for decades and have evolved significantly over time. In
2002, electronic transactions were still relatively new and there were likely a number of potential
issues or flaws that could have arisen.There are several flaws in the Pakistan Electronic
Transaction Ordinance 2002:

1) Lack of clarity: The ordinance lacks clarity on several key provisions, such as the definition
of an electronic signature, the legal status of electronic records, and the liability of
intermediaries. This has led to confusion and uncertainty among businesses and
individuals, who are unsure of how to comply with the law.
2) Limited scope: The ordinance only applies to electronic transactions between individuals
and businesses, and does not cover transactions between individuals. This leaves a

3
S37 Electronic Transection Ordinance, 2002
4
S39 Electronic Transection Ordinance, 2002

5
S39 Electronic Transection Ordinance, 2002
 significant portion of electronic transactions unregulated, which could lead to disputes and
fraud.
3) Lack of enforcement: The ordinance lacks effective enforcement mechanisms, and there
are few consequences for individuals or businesses that violate the law. This has led to
widespread non-compliance, and a lack of confidence in the legal framework for electronic
transactions.
4) Outdated provisions: The ordinance was enacted in 2002, and does not take into account
the rapid advancements in technology and e-commerce that have occurred in the past two
decades. This has led to a gap between the law and reality, and has made it difficult for
businesses and individuals to comply with the law.
5) Limited protections: The ordinance does not provide sufficient protections for individuals
and businesses engaging in electronic transactions. For example, there are no provisions
for data protection, or for the protection of personal information. This leaves individuals
vulnerable to identity theft and other forms of online fraud.
6) Security: One of the main concerns with electronic transactions is the risk of fraud or
identity theft. In 2002, online security measures were not as advanced as they are today,
and there may have been a higher risk of sensitive information being compromised. One
of the main issues with electronic transactions in 2002 was the lack of security measures
in place to protect against cyber attacks and fraud. This led to instances of identity theft
and unauthorized access to financial accounts.
7) Compatibility: In 2002, not all devices and systems were compatible with electronic
transactions. This could have made it difficult for some users to participate in online
transactions, or could have resulted in errors or delays. Another issue was the lack of
compatibility between different electronic payment systems and devices. This made it
difficult for consumers to use electronic transactions across different platforms, leading to
frustration and confusion.
8) Lack of trust: Some people may have been hesitant to use electronic transactions in 2002
due to a lack of trust in the technology or the perceived risk of fraud.
9) Limited adoption: Electronic transactions may not have been as widely accepted or used in
2002 as they are today. This could have made it difficult for some people to find merchants
or organizations that would accept electronic payments.
 10) Limited adoption: Despite the potential benefits of electronic transactions, many people
were hesitant to adopt them due to a lack of understanding or fear of technology. This
limited the overall adoption and use of electronic transactions.
11) Technical issues: There may have been a number of technical issues that could have arisen
when using electronic transactions in 2002. For example, slow internet speeds or network
outages could have made it difficult to complete online transactions. There were also
technical challenges with electronic transactions, such as slow processing times, glitches,
and connectivity issues. These issues made it difficult for consumers to trust and rely on
electronic transactions.
12) Legal and regulatory issues: There were also legal and regulatory challenges in 2002
related to electronic transactions, including issues surrounding consumer protection,
privacy, and data security. These challenges made it difficult for businesses to navigate the
legal landscape surrounding electronic transactions.

REFORMS:
Various reforms have been made through multiple amendments to the Electronic Transaction
Ordinance 2002 since its initial implementation. There have been several reforms to the Electronic
Transactions Ordinance 2002 over the years. Some of the key reforms include:

1) The inclusion of cybercrime provisions: In 2007, the ordinance was amended to include
provisions related to cybercrime, including offenses such as hacking, phishing, spamming,
and identity theft.
2) The establishment of the Pakistan Electronic Media Regulatory Authority: In 2010, the
ordinance was amended to establish the Pakistan Electronic Media Regulatory Authority
(PEMRA), which is responsible for regulating and licensing electronic media, including
television, radio, and internet services.
3) The inclusion of data protection provisions: In 2016, the ordinance was amended to include
provisions related to data protection, including the right to privacy and the protection of
personal data.
4) The establishment of the Pakistan Telecommunication Authority: In 2017, the ordinance
was amended to establish the Pakistan Telecommunication Authority (PTA), which is
responsible for regulating and licensing telecommunications services in Pakistan.
5) The inclusion of digital financial services provisions: In 2020, the ordinance was amended
to include provisions related to digital financial services, including the regulation of
electronic payment systems and the establishment of a digital payments task force.
6) The introduction of the Electronic Transactions (Amendment) Ordinance 2014, which
amended the definition of “electronic signature” and “electronic record” to align with
international standards and practices.
7) The Electronic Transactions (Amendment) Ordinance 2018, which introduced provisions
for the recognition of electronic documents, records, and signatures for the purposes of the
Evidence Ordinance.
8) The Electronic Transactions (Amendment) Ordinance 2020, which introduced provisions
for the use of electronic trust services, including electronic seals and timestamps, to
authenticate and validate electronic documents and records.
9) The introduction of the Electronic Transactions (Security Measures) Regulations 2020,
which set out the security measures and standards that must be followed by electronic
service providers to ensure the integrity, confidentiality, and authenticity of electronic
transactions.
10) Electronic Transactions (Amendment) Ordinance 2012 – This amendment introduced
provisions for cross-border electronic transactions, as well as provisions for the
appointment of an independent auditor to audit the operations of the Office of the Chief
Electronic Commerce Coordination Council.
11) Electronic Transactions (Amendment) Ordinance 2015 – This amendment introduced
provisions for the recognition of electronic signatures and electronic documents as legally
valid and enforceable in court.
12) Electronic Transactions (Amendment) Ordinance 2018 – This amendment introduced
provisions for the regulation of online financial services, including the registration of
online financial service providers and the establishment of an online financial service
licensing regime.
 13) Electronic Transactions (Amendment) Ordinance 2020 – This amendment introduced
provisions for the regulation of electronic trusts, electronic wills, and electronic powers of
attorney, as well as provisions for the establishment of an electronic marketplace for the
buying and selling of goods and services.

Overall, these reforms have aimed to modernize and improve the legal framework for electronic
transactions in Pakistan by providing greater legal recognition and protection for electronic
documents, records, and signatures, and by enhancing the security and reliability of electronic
transactions.

INTERNATIONAL ASPECTS AND INTERNATIONAL LAWS RELATED TO

ELECTRONIC TRANSACTIONS ORDINANCE 2002 PAKISTAN:
 The Electronic Transactions Ordinance 2002 (ETO) of Pakistan contains provisions that
relate specifically to the international aspects of electronic transactions. For example, the
ETO provides that foreign laws and regulations that apply to electronic transactions will
be recognized and given effect in Pakistan, provided that they do not conflict with the
provisions of the ETO or other applicable laws in Pakistan.
 In addition to the ETO, there are a number of international laws and agreements that
address electronic transactions and the legal issues that arise in connection with them.
These include the United Nations Convention on the Use of Electronic Communications
in International Contracts (also known as the “UNCITRAL Model Law on Electronic
Commerce”), the Council of Europe’s Convention on Cybercrime, and the World Trade
Organization’s Agreement on Electronic Commerce.
 The UNCITRAL Model Law on Electronic Commerce is a legal framework that provides
rules and guidelines for the use of electronic communications in the formation and
performance of international contracts. It is intended to facilitate the use of electronic
means in the conduct of international trade and commerce, and to provide legal certainty
and predictability in relation to electronic transactions.
 The Council of Europe’s Convention on Cybercrime is an international treaty that
addresses a range of issues related to the use of computer systems and the Internet for
 criminal purposes. It provides for the criminalization of certain activities, such as
unauthorized access to computer systems and the distribution of child pornography, and
sets out procedures for international cooperation in the investigation and prosecution of
cybercrimes.
 In addition to the international legal frameworks that have influenced the ETO, Pakistan
has also entered into several international agreements and treaties related to electronic
transactions and electronic signatures. For example, Pakistan is a member of the World
Trade Organization (WTO) and has ratified the WTO’s Agreement on the Application of
Sanitary and Phytosanitary Measures (SPS Agreement), which contains provisions on the
use of electronic transactions and electronic signatures in relation to trade in goods.
 The World Trade Organization’s Agreement on Electronic Commerce is a multilateral
agreement that aims to promote the growth and development of electronic commerce on a
global scale. It contains provisions that relate to the cross-border transfer of information,
the recognition and protection of intellectual property rights, and the use of electronic
means in the conduct of international trade and commerce.
 Overall, the ETO reflects Pakistan’s commitment to international standards and best
practices in the field of electronic transactions and electronic signatures, and its efforts to
facilitate electronic commerce and ensure the legal validity and enforceability of electronic
transactions and signatures within its jurisdiction.

CONCLUSION OF ELECTRONIC TRANSACTIONS ORDINANCE 2002

PAKISTAN:
 In conclusion, the Electronic Transactions Ordinance 2002 (ETO) of Pakistan is a
legislation that sets out the legal framework for electronic transactions in Pakistan. The
ETO applies to all electronic transactions in Pakistan, including those that involve foreign
parties or take place across international borders. It aims to provide a legal framework for
the use of electronic means in carrying out transactions, and to promote the use of electronic
means for the conduct of business and other activities.
  The ETO provides legal certainty and predictability in relation to electronic transactions,
and protects the rights and interests of parties involved in such transactions. It also contains
provisions that relate specifically to the international aspects of electronic transactions,
including the recognition and enforcement of foreign laws and regulations that apply to
electronic transactions, and the recognition and enforcement of electronic contracts and
electronic records in legal proceedings that involve foreign parties.
 Overall, the ETO serves as an important legal framework for the use of electronic means
in the conduct of business and other activities in Pakistan, and helps to promote the growth
and development of electronic commerce in the country.

PAYMENT SYSTEM AND ELECTRONIC FUNDS TRANSFERS ACT 2007

The payments systems in Pakistan have evolved significantly over the last decade, driven by the
developments of new payment instruments and electronic payment infrastructure. The Payment
System and Electronic Funds Transfers Act 2007 governed the payment system in Pakistan. The
Payment system and Electronic Funds Transfer Act is a federal law that protects consumer when
they transfer funds electronically, including through the use of debits cards, Automated teller
machines (ATMs) and other automatic withdrawals form bank accounts. Among other protections,
the Payment system and electronic funds transfer act provides a way to correct transactions errors
and limits the liability resulting from a lost or stolen card. The Payment system and Electronic
Funds Transfers Act 2007 was enacted by the federal government in 2007 and is implemented by
the State bank of Pakistan. The act established rules to protect consumers and defined the rights
and responsibilities of all participants involved in transferring funds electronically. The Payment
system and electronic funds transfer Act provides a basic framework establishing the rights,
liabilities, and responsibilities of customers who use electronic fund transfer (EFT) services and
financial institutions that offer services such as

 Automated teller machine (ATM) transfers.

 Telephone bill-payment transfers.
 Point-of-sale transfers.
  Preauthorized transfers from or to a customer’s account (i.e., direct deposits or withdrawals
of funds)
 Transfers resulting from debit card transactions, whether or not initiated through an
electronic terminal.

The Payments system and funds transfers Act 2007 is consists of ten chapters and 74 sections.
Chapter one is preliminary which contain information about Act name and its commencement and
extent and definition of important terms used in the said Act.it also lays down powers of state bank
in section 3 that state bank will have the powers to make rules, regulations and guidelines in respect
of payment system and electronic funds transfers. Chapter two is divided into 8 sections which
lays down about payment system and its operations such as designation of payment system, its
revocations, and requirements for retention of records, disqualification of staffs, governance and
operational arrangements. Chapter third consists of 6 section which says about payments
instruments that designation of payments instruments, issuing and prohibition of designation of
payment system, payment of truncated cheque. Chapter fourth is about clearing and others
obligations and is contain 7 section such as clearing houses, audit and inspections, settlements
provisions and rules, electronic money institutions etc. chapter fifth give supervisory control to
the state bank and is contain 6 sections. Chapter sixth is about documentation of transfer and is
divided into further 4 section such as availability of documentations and proof, periodic statements.
Documentation as evidence and preauthorized transfer. Chapter seventh is about error and its
notification has 4 section that is notification of error, correcting or absence of error, triple damages.
Chapter eight is consists of 10 section and its says about liability of parties, burden of proof, force
majeure, intent, exceptions, wavier of rights etc. chapter ninth is about action before court and
deals with procedure of the court and it contain 9 section. Chapter tenth is miscellaneous and is
consists of 16 section in which section 62 is about investigation of offence, section 63 is about trail
of the offence, section 65 lays down which offence is cognizable and which is not and procedure
is mentioned in section 66. Section 73 is about immunity of state bank and its employees and last
section 74 is about penalties which imposed fine which may extended to one million rupees.
DRAWBACKS:
There really isn’t any specific, serious complaint one can make about electronic funds transfers.
That said, there will always be a few drawbacks of which merchants and consumers should both
be aware when it comes to different payments. Any exposure to risk automatically demands extra
care, and the same holds true for EFT payments. For example, one may face issues with:

Availability Of Funds: Some electronic funds transfers take days to process, while others go
through immediately. Unlike paper checks or bank transfers, when customers make purchases with
EFT, those funds must be available right away. If the funds aren’t available, the transaction will
be denied.

Higher Fees: Every payment processing company that accepts credit and debit cards charges a
processing fee per transaction. If a merchant uses a processor that offers “same-day” funds
availability, they could be charged a processing fee of 10% or higher.

Possible Bounced Payments: Some electronic funds transfers can be returned, much like a
bounced check. When EFT payments are returned, there is usually an associated fee attached.

RISK OF ACCOUNT TAKEOVER: Fraudsters only need to take control of a user’s account
long enough to send the money to a new destination. One type of fraud, known as account takeover
fraud (or ATO), is predicated on a fraudster taking control of a user’s account to push through
unauthorized transfers.

REFORMS:
Payment systems in Pakistan have evolved significantly over the last decade, driven by the
development of new payment instruments, electronic payment infrastructure and changing
consumer needs. This development has resulted in rapid shift from the use of traditional paper
instruments to a diverse range of electronic payment instruments, supported by efficient and
reliable clearing and settlement infrastructure.
As a result of these developments Pakistan now has payment systems with the following main
features

(i) Large value real time fund transfers system known as PRISM (Pakistan Real-time
Inter-bank Settlement Mechanism) equipped with the modern liquidity saving and risk
mitigation features
(ii) Government securities settlement system fully integrated with the RTGS System,
providing electronic settlement on DvP (Delivery versus Payment) Model 1 basis
(iii) Real time retail payment system operated by 1Link, capable of providing P2P transfers
on 24/7 basis from different Alternate Delivery Channels i.e. ATMs, Internet Banking
and Mobile Banking
(iv) Paper instrument clearing facilities on T+1 basis, backed by a network of more than
27 clearing/satellite centers around the country
(v) Central counter party for the capital market transactions
(vi) Agent based branchless banking, catering cash and fund transfer needs of millions of
consumers
(vii) Account numbers compliant with the IBAN (International Bank Account Number)
standard
(viii) Fully interoperable ATM networks with one of the lowest interchange fee in the world
(ix) Recently launched domestic payment scheme known as PayPak for providing low cost
payment solution to consumers and financial institutions.

The roles and responsibilities of the State Bank of Pakistan in payment systems are
mainly governed by the Payment Systems & Electronic Fund Transfer Act 2007. Consequently,
Payment Systems Department in the Bank has been entrusted to oversee and regulate payment
systems in Pakistan besides operating the PRISM System.
INTERNATIONAL ASPECTS OF PAYMENT SYSTEM AND ELECTRONIC
FUND TRANSFER ACT 2007
It is important to note that the Payment Systems and Electronic Fund Transfer Act 2007 is a
national legislation that applies only to payment systems and EFT within Pakistan. While it may
have some influence on international payment systems and EFT that involve Pakistan, it does not
directly regulate these transactions.

International payment systems and EFT are generally governed by a combination of national laws,
international treaties, and industry standards. For example, the Society for Worldwide Inter bank
Financial Telecommunication (SWIFT) is a global network that facilitates the exchange of
financial messages between banks and financial institutions around the world. It operates
according to its own set of rules and standards, which are designed to ensure the security and
reliability of international payment transactions.

In addition to national and international regulations, payment systems and EFT may also be subject
to the oversight of central banks and other regulatory authorities. For example, the Bank for
International Settlements (BIS) is an international organization that promotes cooperation among
central banks and provides a forum for the discussion of issues related to payment systems and
financial stability. It does not have direct regulatory authority, but its recommendations and
guidance are widely followed by central banks and other regulatory authorities around the world.

CONCLUSION:
In conclusion, the Payment Systems and Electronic Fund Transfer Act 2007 is a significant piece
of legislation in Pakistan that regulates the payment systems and electronic fund transfer (EFT)
within the country. It provides a framework for the establishment, operation, and supervision of
payment systems and EFT in Pakistan, including the licensing and regulation of payment system
operators and service providers. The Act also defines the rights and obligations of parties involved
in payment systems and EFT transactions, and establishes the Pakistan Electronic Payment System
(PEPS) as the national electronic payment system.
While the Act applies only to payment systems and EFT within Pakistan, it is important to note
that international payment systems and EFT are also governed by a combination of national laws,
international treaties, and industry standards. Overall, the Payment Systems and Electronic Fund
Transfer Act 2007 plays a key role in promoting the development and use of electronic payment
systems and EFT in Pakistan, while also ensuring the security and reliability of these systems for
the benefit of all stakeholders.

Bibliography

Statutes
 Electronic Transection Ordinance, 2002
 Payment Systems and Electronic Fund Transfer Act 2007