Current through September 24, 2024
(1) Identity
proofing and credential analysis must be performed by a third party who has
provided evidence to the online notary public of the ability to satisfy the
requirements of this chapter.
(2)
Requirements for Credential Analysis.
A credential is a non-military identification card or other
document issued by the United States government, any state government, or a
passport issued by a foreign government that has been stamped by the United
States immigration and naturalization service. In order to be valid, the
credential must also be unexpired and contain the photograph and signature of
the principal. Credential analysis is the process by which the validity of a
non-military government-issued identification credential is verified.
Credential analysis is performed utilizing public and proprietary data sources
to verify the credential presented by the principal. Credential analysis shall,
at a minimum:
(a) Use automated
processes to aid the online notary public in verifying the identity of a
principal;
(b) Ensure that the
credential passes an authenticity test, consistent with sound commercial
practices that:
1. Use appropriate
technologies to confirm the integrity of visual, physical or cryptographic
security features;
2. Use
appropriate technologies to confirm that the credential is not fraudulent or
inappropriately modified;
3. Use
reasonable efforts to utilize information held or published by the issuing
source or authoritative source(s), as made generally available for commercial
purposes, to confirm the validity of personal details and credential details;
and,
4. Provide output of the
authenticity test to the online notary public; and
(c) Enable the online notary public to
visually compare the following for consistency: the information and photo
presented on the credential itself and the principal as viewed by the online
notary public in real time through audio-visual transmission.
(3) Requirements for Identity
Proofing.
Identity proofing is the process by which the identity of an
individual is affirmed by a third party through review of public and
proprietary data sources. Identity proofing is performed through dynamic
Knowledge Based Authentication (KBA) which meets the following
requirements:
(a) The principal must
answer a quiz consisting of a minimum of five (5) questions related to the
principal's personal history or identity, formulated from public and
proprietary data sources;
(b) Each
question must have a minimum of five (5) possible answer choices;
(c) At least 80% of questions must be
answered correctly;
(d) All
questions must be answered within two (2) minutes;
(e) If the principal fails in his or her
first attempt, the principal may retake the quiz one time within 24
hours;
(f) During the second
attempt, a minimum of 60% of the prior questions must be replaced;
and
(g) If the principal fails in
his or her second attempt, the principal is not permitted to retry with the
same online notary public for a period of 24 hours.
(4) If the principal must exit the workflow,
the principal must meet the criteria outlined in this section and must restart
the identity proofing and credential analysis from the beginning.
(5) An online notarization system used to
perform online notarial acts by means of two-way audio-video communication
shall:
(a) Provide for continuous, synchronous
audio-visual feeds;
(b) Provide
sufficient video resolution and audio clarity to enable the online notary
public and the principal to see and speak with each other simultaneously
through live, realtime transmission;
(c) Provide sufficient captured image
resolution for credential analysis to be performed in accordance with these
rules;
(d) Include a means of
authentication that reasonably ensures only authorized parties have access to
the audio-video communication;
(e)
Provide some manner of ensuring that the electronic record presented for online
notarization is the same record electronically signed by the
principal;
(f) Be capable of
securely creating and storing or transmitting securely to be stored an
electronic recording of the audio-video communication, keeping confidential the
questions asked as part of any identity proofing quiz and the means and methods
used to generate the credential analysis output; and
(g) Provide reasonable security measures to
prevent unauthorized access to:
1. The live
transmission of the audio-video communication;
2. A recording of the audio-video
communication;
3. The verification
methods and credentials used to verify the identity of the principal;
and
4. The electronic documents
presented for online notarization.
Authority: T.C.A. §§
8-16-301, et seq.
(Public Chapter 931, effective April 18, 2018).
