The status of an electronic record or an electronic signature as secure may be challenged by evidence:
- (1) indicating that the security procedure agreed to between the parties is not commercially reasonable or was not implemented in a trustworthy manner; or
(2) that a security procedure not agreed to by the parties was not trustworthy because it was not:
- (a) unique to the party using it;
- (b) capable of identifying such party;
- (c) created in a manner or using a means under the sole control of the party using it; or
- (d) linked to the electronic record to which it related in a manner such that, if the record was changed, the electronic signature would be invalidated.