Section 5-11-69 - Identity proofing(a) If a remote online notary public does not have satisfactory evidence of the identity of a remotely located individual, the remote online notary public shall reasonably verify the remotely located individual's identity through two different types of identity proofing consisting of a multi-factor authentication procedure as provided in this section. The procedure shall analyze the remotely located individual's identity credential against trusted third-person data sources, bind the remotely located individual's identity to the remotely located individual following successful knowledge-based authentication, and permit the remote online notary public visually to compare the identity credential and the remotely located individual.(b) The analysis of the identity credential and the knowledge-based authentication shall conform to the following requirements: (1) Credential analysis. The analysis of an identity credential shall use public or private data sources to confirm the validity of the identity credential presented by a remotely located individual and shall, at a minimum:(A) Use automated software processes to aid the remote online notary public in verifying the identity of each remotely located individual;(B) Require that the identity credential passes an authenticity test, consistent with sound commercial practices that use appropriate technologies to confirm the integrity of visual, physical, or cryptographic security features and to confirm that the identity credential is not fraudulent or inappropriately modified;(C) Use information held or published by the issuing source or an authoritative source, as available and consistent with sound commercial practices, to confirm the validity of personal details and identity credential details; and(D) Enable the remote online notary public visually to compare for consistency the information and photograph on the identity credential and the remotely located individual as viewed by the remote online notary public in real time through communication technology; and(2) Knowledge-based authentication. A knowledge-based authentication is successful if it meets the following requirements: (A) The remotely located individual shall answer a quiz consisting of a minimum of five questions related to the remotely located individual1s personal history or identity formulated from public or private data sources;(B) Each question shall have a minimum of five possible answer choices;(C) At least eighty per cent of the questions shall be answered correctly;(D) All questions shall be answered within two minutes;(E) If the remotely located individual fails the first attempt, the remotely located individual may retake the quiz one time within twenty-four hours;(F) During a retake of the quiz, a minimum of forty per cent of the prior questions shall be replaced;(G) If the remotely located individual fails the second attempt, the remotely located individual is not allowed to retry with the same remote online notary public within twenty-four hours of the second failed attempt; and (H) The remote online notary public shall not be able to see or record the questions or answers.[Eff and comp 2/27/2022] (Auth: HRS §§ 28-10.8, 456-1.5, 456-8, 456-23) (Imp: HRS §§ 456-20, 456-23)