Certificate Hall

Certificate Safety Tips

For the purpose of using certificates correctly and trying to reduce the risk of your account, CFCA reminds the majority of cerificates users:
1. We recommend you use USB key to store certificates (Choose the CSP of USB key and connect USB key to the computer when downloading certificates).
2. To avoid using cerificates in public places or other people's computer. Immediately disconnect USB key from the computer when you have completed operation. Do not stay USB key on the computer for a long time.
3. You must keep cerificates password and USB key stored certificates properly to prevent the leakage of confidential information or to be stolen by others. If certificate is lost or the leakage of password occurred, you must report the loss of formalities in time to the branch applied for, re-apply the cerificate and/or reset password according to the rules.
4. Do not use simple password related to your personal data when setting password, include ID card number, birthday, telephone number and etc. Please regularly change you password.
5. Carefully read the Certificates Service Agreement to define your rights and obligations.
6. Provide real, integrated and exact identity information and other related information when apply for cerificates. Process the change formalities in time to the branch applied for when information changes.
7. Install the newest security patches of operation system and browser to improve the system security on your computer used certificates. Install personal firewall to prevent illegal access and malicious attack. Install and regularly update anti-virus software to avoid the newest virus infraction. Do not access unknown websites, download and install unknown softwares or run unknown applications.
8. Regularly access China Financial Certification Authority (CFCA) website to download and read newest CFCA Electronic Authority Practice Statement (CPS) and other related files.
9. We recommend that you should regularly check your fund changes in account through the online bank, ATM or mobile SMS service of banks.

Error Code	Error Info	Details
			None

(This agreement contains CFCA's disclaimer, please read it carefully)

Dear Users,

China Financial Certification Authority (hereinafter referred to as "CFCA") is an electronic certification service provider approved and established by the relevant state management authorities. As an authoritative third-party security certification authority, it issues digital certificates to users through the Registration Authority (hereinafter referred to as "RA?) to provide information security protection for their online transactions.

Users should read and agree to the "CFCA Digital Certificate Service Agreement" (hereinafter referred to as "this Agreement") before applying for the use of digital certificates issued by CFCA. This Agreement constitutes an agreement of rights and obligations between the User and China Financial Certification Authority. If the user/you do not agree to all or part of the terms of this Agreement, please do not apply for the use of CFCA digital certificate. Once the user/you completes the download or initial use of the CFCA digital certificate, he/she agrees to accept and is willing to comply with all the terms of this agreement and becomes a subscriber of the CFCA digital certificate (hereinafter referred to as "subscriber").

I. Subscribers' rights and obligations

1. Subscribers shall follow the principle of honesty and credit and shall provide true, complete and accurate information and materials when applying for a digital certificate from RA. The subscriber authorizes CFCA to keep the above personal information of the subscriber for at least 5 years after the expiration of the digital certificate, subject to the provisions of laws and administrative regulations.

2. Subscribers shall promptly notify CFCA or the former RA of any changes to the above information and data, and shall be responsible for any losses caused by the subscriber's intentionally or through negligence failing to notify CFCA or the former RA in a timely manner if the information provided by the subscriber is untrue, incomplete or inaccurate, or if the information is changed.

3. After passing the RA's audit and information registration, subscribers can obtain the digital certificate download credentials. Subscribers should keep the download credentials properly and use them to download the digital certificate into a secure container from the relevant website in person; subscribers can also entrust or authorize others to obtain and use the digital certificate through other secure means according to the law.

4. Subscribers must use the relevant software obtained through legal channels and use the digital certificate issued by CFCA legally. Subscriber use of the certificate shall be in accordance with the subscriber's true intentions or for the sole purpose of handling authorized transactions, and shall be legally responsible for the use of the digital certificate.

5. Subscribers shall take necessary measures to ensure the safe storage and backup of the private key or relevant password of the certificate. If the subscriber intentionally or negligently causes others to steal or fraudulently use the private key or password of the certificate, the subscriber shall bear the responsibility arising therefrom.

6. If subscriber's digital certificate private key, password or passphrase is leaked or lost, or if the subscriber decide not to continue to use the digital certificate, or if the subscriber does not exist, the subscriber or the legal right holder shall immediately apply to the former RA or CFCA for revocation of the certificate, and the relevant procedures shall follow the regulations of the former RA or CFCA. Once the certificate has been revoked, the subscriber will not be able to use the certificate again.

7. If subscribers damages the interests of CFCA, the subscriber shall compensate CFCA for all losses. These circumstances include but are not limited to :

①The subscriber fails to provide true, complete and accurate information when applying for a digital certificate, or fails to notify RA or CFCA in a timely manner when such information changes.

②The subscriber knows that his/her private key has been compromised or may have been compromised but fails to inform RA or CFCA in a timely manner and terminate its use.

③The subscriber has other faults or fails to fulfill the relevant agreement of this Agreement and violates the relevant laws and regulations.

8. Subscribers has the obligation to pay the digital certificate service fee on time, please consult RA for the fee standard.

9. If subscribers discovers or suspects that the authentication service provided by RA or CFCA has caused leakage and/or tampering of the subscriber's online transaction information, the subscriber shall submit a request for dispute handling to RA or CFCA and notify the relevant parties within 3 months.

II. CFCA's services, rights, obligations, limitation of liability and exemption from liability

1. CFCA has formulated the Certification Practice Statement (hereinafter referred to as "CPS") in accordance with the law and published them on CFCA's website (www.cfca.com.cn) to clarify the functions of CFCA digital certificates, the rights and obligations of the parties using the certificates and the scope of CFCA's responsibilities. The relevant terms of this agreement are derived from the CPS.

2. CFCA provides a 7x24-hour hotline support service (4008809888) for subscribers. To ensure the quality of our services, CFCA has set up a complaint line (010-80864105) and will respond to subscribers' comments and suggestions within 7 working days.

3. CFCA will guarantee the confidentiality, integrity and resistance to repudiation of transaction information under the condition that subscribers encrypts and signs the transaction information using a digital certificate through a security tool. In the event of a dispute, CFCA will assume the following obligations depending on the circumstances :

①Provide the CA certificate that issued the subscribers' digital certificate.

②Provide proof of whether the subscribers' digital certificate was on the digital certificate revocation list (i.e. CRL) issued by CFCA at the time of the transaction.

③Technical confirmation of the authenticity and integrity of the digital certificate, digital signature and time stamp.

4.The CFCA has the right to revoke the issued digital certificate if one of the following circumstances exists :

①The information provided by the subscriber when applying for the digital certificate is untrue.

②The subscriber fails to fulfill the obligations agreed in this agreement.

③The subscriber applies in writing for the revocation of the digital certificate

④The security of the certificate cannot be guaranteed.

⑤The subscriber's certificate is used for illegal or criminal acts.

⑥Other circumstances as stipulated by laws and administrative regulations.

5. CFCA will review the information submitted by subscribers when applying for a digital certificate, and provide relevant services during the life cycle of the certificate, and also provide enquiry services to relevant parties. Both CFCA and RA are obliged to protect the security of subscribers' personal information.

6. According to the provisions of the Electronic Signature Law, if a subscriber suffers losses due to civil activities based on the certification services provided by CFCA, unless CFCA can prove that the services it provides are implemented in accordance with the Electronic Signature Law and other relevant laws and regulations or the CPS that CFCA has filed with the competent authorities, CFCA will compensate accordingly in accordance with the law.

7. The maximum compensation for CFCA digital certificates applied by corporate subscribers is RMB 500,000.00; the maximum compensation for CFCA digital certificates applied by individual subscribers is RMB 20,000.00.

III. Other

1. In the event that the "former RA" is merged or abolished, i.e. the "former RA" ceases to exist, the business shall be accepted and carried out at a separately designated "new RA".

2. Subscribers are advised to frequently visit the CFCA website (www.cfca.com.cn) in order to keep abreast of CFCA's information on certificate management, CPS and the announcement of changes to this Agreement.

3. CFCA reserves the right to amend this Agreement and the amended Agreement will be posted on CFCA's website (www.cfca.com.cn). By continuing to use the digital certificate services provided by CFCA after one month from the date of publication of the amendments to this Agreement, subscribers agree to be bound by such amendments. If the subscriber does not accept the binding provisions of the Agreement, the subscriber may unilaterally apply in writing to RA to stop using the certificate within the above-mentioned period.

4. Disputes arising from the electronic authentication service under CFCA shall first be resolved through friendly negotiation between the parties, and if the parties cannot agree, either party may apply to the Beijing Arbitration Commission for arbitration, which shall be conducted in Beijing in accordance with the rules of the Commission, and the arbitral award shall be final and binding on either party.

5. This agreement shall take effect when the subscriber reads and agrees or completes the download or initial use of the CFCA digital certificate.

China Financial Certification Authority Co., Ltd.

(China Financial Certification Authority)

August 2022

Server Exception Occurred

CFCA Digital Certificate Service Agreement

CFCA Certificate Hall

Dear customers: