網路銀行之第三人冒名轉帳的風險分配

The Risk Distribution in the Case of Abusive Account Transactions by Third Person in Online Banking

本研究之目的在於探討網路銀行之第三人冒名轉帳之風險究應如何合理分配之問題。本文首先說明匯款轉帳所涉及之多人法律關係，並分析網路銀行冒名轉帳之可能的類型態樣，尤其重要者，乃基於網路攻擊（例如網路釣魚、網址嫁接、中間人攻擊等）所生之冒用型態。而就第三人冒名轉帳之風險分配，本文得到以下結論：第一，民法委任契約一節中之民法第546條第1項規定應係冒用風險分配之基本原則。第二，實務上常援引作為風險分配之民法第310條第2款規定，本文認為應重新檢討其要件，並應限縮其適用範圍。第三，帳戶所有人（網路銀行使用者）於接受網路銀行服務時，應負有一定保護義務，而於其因可歸責於已之事由違反該義務並致銀行受有損害時，須對銀行負損害賠償責任。最後，本文於結論亦提出若干立法上之建議。

The Aim of this study is to discuss the risk distribution in the case of abusive account transactions by third person in Online-Banking. In the first part, this study analyzes legal relationship between the participant in the credit transfer and various forms of abusive account transactions by third person in Online-Banking, such as Internet attacks e.g., Phishing, Pharming and Man-in-the-middle attack. With regard to the issue of the risk distribution in event of abusive account transactions by third person, this study get the following conclusions: 1. The first paragraph of Art. 546 Civil Code in mandate relationship can be regarded as the principle of risk distribute. 2. In contrast to practical opinion Art. 310(2) Civil Code is to be applied strictly. 3. When the account owner, who participates in Online-Banking transactions, violates the collateral obligation, the bank is entitled to claim damages. In the last place, this study points out a number of legislation suggestions.