A Quick RONdown on Remote Online Notarization
As the digital landscape becomes ever more all-encompassing, it was only a matter of time before analogue processes in the title and escrow industry were given a digital “upgrade.” We're talking, of course, about RON-- Remote Online Notarization. With the driving force behind RON being ease-of-use, particularly in an increasingly remote-work environment, to ensure a solid ROI by cutting direct costs in the closing process, it's simple to see how one might view the eClosing as the next logical step for the industry. While we're not here to outright refute that, we are here to touch on an issue that has been overshadowed amidst all the excitement-- the issue of digital security.
While security issues are always present, and should always be accounted for, the breakneck pace of industry-wide digital developments is cause to brush up on your understanding of the security risks of all-digital business transactions.
First, the basics:
A quick rundown on a few different types of closings.
“Wet” Closing: Traditionally the most common, these closings are often held in the offices of the title company, with all parties present in-person. All-paper documents are signed with “wet” ink signatures.
Hybrid Closing: Typically takes place in-person, but with a mix of paper and digital documents. A third party system allows the option to eSign documents.
Remote Online Notary (RON) Closing: Typically entirely remote, with all parties connecting via a third party platform, eSigning all-digital documents, and using an online notary.
Know the risks:
With a wet closing, all documents and parties are physically present, substantially reducing the risk of fraudulent activity. Both hybrid and RON closings introduce the same potential risk factor: third-party software and hardware.
The recent HubSpot breach is a shining example of what can go wrong when bad actors hijack third-party software companies that house sensitive, and valuable, information. HubSpot being a CRM, and thus housing loads of financial information for numerous companies, makes it an obvious target. One could argue that remote online notaries would be an obvious target, as well.
To more clearly illustrate the wealth of security issues you should be aware of, lets take a look at the recently-implemented rules and regulations for remote online notaries in our home state of Louisiana. It's worth noting that Louisiana was initially among a group of states who were holding off on allowing RON, citing security concerns.
RON in Louisiana
At the beginning of the year, Louisiana added Section 144 under Chapter 46, Section 101 et seq. of the Administrative Code pertaining to Notaries Public. Section 144 deals specifically with the process of becoming an online notary, and the rules and regulations that follow.
We'll highlight some areas of note.
“Communication technology systems used to perform remote online notarization” must “include a communication encryption protocol and means of authentication that reasonably ensures that only the parties, participating witnesses, and notary public have access to the audio-video communication”
Additionally, the notary must:
“prevent unauthorized access to all of the following:
a. the live transmission of the audio-video communication;
b. any recording of the audio-video communication being stored or being transmitted by the communication technology;
c. the verification methods and credentials used to verify the indemnity of the party; and
d. the instrument presented for electronic notarization.”
While we have no doubt that qualified notaries have robust security protocols, the simple fact remains that RON introduces several additional potential weak spots. But with potentially four parties (buyer, seller, and two agents) connecting to the video session from their machine, using their own personal WiFi networks, it begs the question— is the RON held accountable if the buyer’s connection is compromised? The agent’s? It’s one thing to rely on the security protocols of a third-party software company, but what about the home WiFi network of the seller? You can take some steps to see that your connection is secure on your end, but from the language above, it remains that you're almost solely relying on third-party software to keep the closing as secure as possible, as well as the expectation, or hope, that every party present has taken steps to secure their own networks.
Rather than sounding the alarm, we're instead taking this opportunity to remind you that you should always pay extra concern wherever you're handing sensitive information over to third-party software.
Moving forward, whoever you may work with to perform a remote online notarization, be sure to ask them for more information on their security protocols, and keep in mind the potential vulnerabilities you open yourself up to when you hand off valuable data.