7.3 RON Identity Verification

The Three Identity Pathways in RON

Because the signer is not physically present, RULONA gives a Pennsylvania notary three ways to confirm the identity of a remotely located individual. The notary needs only one of these pathways for a given act:

The third pathway is what makes RON distinctive. "Two identity-proofing processes" does not mean showing the same ID twice — it means two different methods, almost always credential analysis combined with dynamic knowledge-based authentication. Both must succeed during the session.

Credential Analysis

Credential analysis is an automated process in which the signer presents a government-issued photo identification — such as a driver's license, state ID, or passport — to the camera, and the platform captures and analyzes the credential for validity.

Credential analysis answers the question, "Is this a real, valid ID, and does it match the face on the screen?" It is one of the two required processes — but, by itself, it is not enough.

Dynamic Knowledge-Based Authentication (KBA)

Dynamic KBA asks the individual a set of targeted personal-history questions drawn in real time from third-party data sources — questions "that are targeted to the specific individual and cannot be reasonably anticipated or guessed by another individual." The word dynamic is key: the questions are generated on the spot, not pre-scripted, so a fraudster cannot prepare answers in advance.

KBA answers a different question than credential analysis: "Does this person actually know the life details of the identity they are claiming?" Because the two processes test different things — a valid document and private knowledge — pairing them is what satisfies the "two different processes" rule.

Why Two Different Types Are Required

The statute deliberately demands processes of different kinds because each defends against a different fraud. Credential analysis defeats someone who lacks any genuine ID but cannot defeat an impostor holding a stolen, genuine license. Dynamic KBA defeats the impostor who has the stolen ID but does not know the victim's loan history or former addresses. Used together, an attacker would need both a genuine credential and the victim's private life data — a far higher bar.

This is why running credential analysis twice, or asking the signer to show two different IDs, does not satisfy the rule: both are the same type of process and defend against the same single threat.

Credible Witnesses in a Remote Setting

A credible witness can substitute for the two-process route. In RON, the witness may appear in either of two ways:

• Physically with the notary, while the signer appears remotely; or
• Appearing remotely alongside the signer, on the same audio-visual session.

In every case the witness must personally know the signer, must vouch on oath or affirmation, and must themselves be identified by the notary (by personal knowledge or by satisfactory evidence). A witness with a beneficial interest in the transaction is disqualified, exactly as in traditional notarization.

When Identity Fails

Identity verification is a gate, not a formality. If a credential is rejected, the photo does not match the live person, or the signer fails KBA, the notary has not established identity and must refuse to complete the RON.

The notary may suggest the signer try again later or pursue an in-person notarization, but the notary may never "vouch through" a failed check.

Exam Focus

• Three pathways: personal knowledge, credible witness on oath/affirmation, or two identity-proofing processes.
• The two processes are different types — typically credential analysis + dynamic KBA.
• Dynamic KBA = real-time, unanticipatable questions; credential analysis validates a government photo ID and matches the face.
• Failed identity = must refuse the act.