Ohio Rev. Code Ann. § 1306.18
(A) If there is a security procedure between the parties with respect to an electronic signature or electronic record, both of the following apply:
(2) In all other cases than those described in division (A)(1) of this section, if the parties agree to use or otherwise knowingly adopt a security procedure to verify the person from which an electronic signature or electronic record has been sent, the electronic signature or electronic record is attributable to the person identified by the security procedure, if the person relying on the attribution establishes all of the following:
(B) If the electronic signature or electronic record is not attributable to a party under section 1306.08 of the Revised Code but is attributable to the party under other provisions of this section, then, notwithstanding the other provisions of this section, the electronic signature or electronic record is not attributable to the party if the party establishes that the electronic signature or electronic record was caused directly or indirectly by a person meeting any of the following:
(C) If the parties use a commercially reasonable security procedure to detect errors or changes with respect to an electronic signature or electronic record, both of the following apply: