Identity Verification
KBA · ID Scan · QES · Liveness

Know exactly who's signing every time.

Zignature layers three independent verification methods — KBA, government ID + liveness, and Qualified Electronic Signatures — so you can dial up assurance to match the risk of any document, in any regulated industry.

NIST 800-63 IAL2 compliant — meets federal identity assurance standards

Required for RON — satisfies identity proofing laws in 40+ states

Tamper-evident audit trail — verification events attached to every completed document

Per-role configuration — set different verification levels for different signers

Start free — no card needed Talk to sales

Verification Assurance Stack

Qualified Electronic Signature eIDEasy · Level 3

EU eIDAS · Highest legal trust · Cross-border

Gov't ID + Liveness Stripe Identity · Level 2

Passport · Driver's license · Biometric match

Knowledge-Based Auth KBA · Level 1

Credit bureau data · Out-of-wallet questions · RON-compliant

99.3%

ID match accuracy

<90s

Avg. verify time

40+

RON states

Verification standards & compliance frameworks

NIST 800-63 IAL2
HIPAA
SOC 2 Type II
ESIGN Act
UETA
eIDAS QES
21 CFR Part 11
MISMO
Three Verification Methods

Pick the right level of assurance for every workflow

Not all documents carry the same risk. A routine NDA needs different controls than a real estate deed or a HIPAA authorization. Zignature gives you three proven identity verification methods — and lets you combine them.

Level 1 · KBA

Knowledge-Based Authentication

KBA verifies a signer's identity by generating multiple-choice questions drawn directly from credit bureau and public records data — information only the real person would know. Answers are evaluated in real time and scored against MISMO identity proofing standards.

Legally required for Remote Online Notarization in most states, KBA is the baseline identity assurance method that satisfies state RON statutes, MISMO standards, and NIST 800-63 Identity Assurance Level 2 (IAL2) requirements.

5 questions per session — drawn from address history, financial accounts, and public records
Real-time scoring — instant pass/fail result with detailed score breakdown
2 attempts maximum — attempt limit enforced at the session level to prevent gaming
RON-compliant — satisfies credential analysis + KBA requirements in 40+ states
Deep dive into KBA →

Sample KBA Session

Question 1 of 5 · Address History

Which of the following ZIP codes is associated with an address where you have lived?

78201
30309
90012
None of the above

Identity Verified · Score: 85/100

4 of 5 questions answered correctly

Government ID Verification Flow

1

Document capture

Signer photographs front + back of government-issued ID

2

OCR extraction + authenticity check

Name, DOB, ID number extracted and verified against issuer database

3

Liveness detection

Real-time selfie with anti-spoofing — no printed photos, masks, or screen replays

4

Biometric face match

Selfie compared to ID photo with 99.3% accuracy — result logged to audit trail

Identity Confirmed · Match: 98.7%

Liveness passed · Driver's license (FL) · Expires 2028

Level 2 · Biometric

Government ID + Liveness Detection

Powered by Stripe Identity, Zignature's government ID verification captures and verifies a real-world identity document — driver's license, passport, or state ID — then confirms the person presenting it is live and present using facial biometrics and anti-spoofing AI.

This method delivers IAL2+ assurance without requiring in-person appearance. It's ideal for high-value contracts, healthcare authorizations, financial transactions, and any workflow where a forged identity would carry material risk.

190+

Countries of ID supported

99.3%

Biometric match accuracy

<60s

Average verification time

0%

Liveness spoof pass rate

Level 3 · QES

Qualified Electronic Signatures

Qualified Electronic Signatures (QES) are the highest trust level under the EU eIDAS Regulation and are legally equivalent to a handwritten signature in all EU member states. They require identity proofing by a Qualified Trust Service Provider (QTSP) — a process that results in a certificate-backed signature that cannot be repudiated.

Zignature integrates with eIDEasy to offer QES for cross-border European transactions, regulated financial services, healthcare data exchanges, and public sector workflows where Advanced Electronic Signatures are not sufficient by law.

eIDEasy-powered — EU-listed Qualified Trust Service Provider
Legally equivalent to handwritten — in all EU member states by regulation
Certificate-backed — each signature contains a cryptographic certificate issued by the QTSP
PAdES / XAdES format — long-term validation (LTV) built in
Remote signing — no smart card or physical token required

eIDAS Signature Levels

QES — Qualified Highest

QTSP identity proofing · Certificate-backed · Legally equivalent to handwritten signature in EU

Level 3
AES — Advanced High

Uniquely linked to signatory · ID verification + liveness · Detects any subsequent change

Level 2
SES — Simple Standard

Standard e-signature · Email authentication · Suitable for most commercial contracts

Level 1
By Industry

Every regulated industry has its own verification standard

Zignature ships the right verification stack out of the box for healthcare, legal, financial services, HR, and more.

Real Estate & Mortgage

RON-compliant KBA satisfies state closing requirements. Pair with ID + liveness for high-value deeds and title transfers. MISMO-standard audit trail included.

KBA Required RON Compliant MISMO

Healthcare

HIPAA-compliant identity proofing for patient authorizations, PHI release forms, and telemedicine consent. BAA available. 21 CFR Part 11 audit trails for clinical workflows.

HIPAA BAA 21 CFR Part 11 PHI Safe

Financial Services

KYC-grade identity verification for account opening, investment agreements, and wealth management documents. Satisfies FINRA, SEC, and BSA/AML identity requirements.

KYC/AML FINRA SEC

Legal

Affidavits, depositions, power of attorney, estate planning, and notarized declarations all benefit from layered identity proofing. Admissible evidence in US courts under FRE 901.

Court-admissible FRE 901 Notarization

Human Resources

I-9 verification, offer letter signing, background check authorizations, and benefits enrollment. ID + liveness eliminates in-person I-9 requirements for remote workers.

I-9 Compliant Remote Hire EEOC

Government & Public Sector

NIST 800-63 IAL2 identity proofing for government benefit enrollment, permit applications, public records, and inter-agency document workflows. FedRAMP alignment in progress.

NIST 800-63 IAL2 FedRAMP

Compare verification methods

Choose the right method — or layer all three — based on your risk profile and compliance requirements.

Feature
KBA Level 1
ID + Liveness Level 2
QES Level 3
NIST 800-63 Level IAL2 IAL2+ IAL3
RON Compliant
Biometric verification
Physical ID required
EU eIDAS compliant
Tamper-evident audit log
Best for RON · Legal · Notarization Healthcare · Finance · HR EU cross-border · Regulated
Tamper-Evident Audit Trail

Every verification event.
Permanently recorded.

Zignature creates a cryptographically sealed audit log that captures every identity verification event — when it happened, what data was checked, what the result was, and who made the decision. This log travels with the document and is permanently attached to the completed PDF.

Admissible under ESIGN Act & UETA

Meets the electronic record attribution requirements of 15 U.S.C. § 7001 and UETA § 9.

SHA-256 document fingerprint

Any post-signing modification to the document or audit log is immediately detectable — cryptographic proof of integrity.

10-year retention with export

Audit logs are retained for a minimum of 10 years. Full CSV and PDF export available for discovery, compliance reviews, and audits.

audit_trail.json

{

"document_id": "doc_9Kx2mPqR...",

"sha256_fingerprint": "a8f3c1e9...",

"verification_events": [

{

"type": "kba_passed",

"timestamp": "2026-05-29T14:32:11Z",

"score": 85,

"attempt": 1,

"ip_address": "98.235.xx.xx"

},

{

"type": "identity_verified",

"method": "stripe_identity",

"document_type": "driver_license",

"match_score": 98.7,

"liveness": "passed"

}

]

}

Frequently asked questions

Everything you need to know about identity verification in document workflows.

What identity verification methods does Zignature support?
Zignature supports three layers: KBA (Knowledge-Based Authentication using credit bureau and public records data), Government ID + Liveness via Stripe Identity (document scan + biometric face match), and Qualified Electronic Signatures (QES) via eIDEasy (EU eIDAS highest-trust certificates). These can be configured individually or stacked per workflow and per-signer role.

Is Zignature's identity verification HIPAA compliant?
Yes. Zignature signs a Business Associate Agreement (BAA) with healthcare customers. All verification data — ID scans, liveness videos, KBA results — is encrypted in transit (TLS 1.3) and at rest (AES-256), access-controlled, and audit-logged. Verification data is never used for any purpose other than verifying the specific signer in your specific workflow.

What's the difference between KBA and ID verification?
KBA verifies identity through knowledge — asking out-of-wallet multiple choice questions from credit and public records. It requires no physical document but confirms the person has a real financial and residential history matching the claimed identity. ID verification physically verifies a government-issued document and confirms the live person presenting it matches the photo on that document using facial biometrics. Both are valid for RON; ID + liveness provides higher assurance and is better suited for high-value or regulated transactions.

When is identity verification legally required for document signing?
Remote Online Notarization (RON) legally requires identity proofing in all states with RON statutes — typically credential analysis plus KBA. HIPAA-regulated workflows require strong authentication for access to PHI. Financial industry (FINRA, SEC) often requires KYC-grade verification. High-value contracts, estate planning documents, and cross-border EU transactions may require QES. Zignature lets you configure required verification level per template, per workflow, or per signer role.

Does identity verification create a legal audit trail?
Yes. Every verification event is recorded in a tamper-evident audit log: KBA question set, score, attempt count, timestamp, and IP address; ID document type, OCR extraction result, biometric match confidence score; liveness result. This log is cryptographically sealed, attached to the completed document, and retained for 10 years. It's admissible as evidence under ESIGN Act (15 U.S.C. § 7001), UETA, and meets 21 CFR Part 11 requirements.

What is a Qualified Electronic Signature (QES)?
A QES is the highest trust level under the EU eIDAS Regulation (Regulation 910/2014). It requires identity proofing by a Qualified Trust Service Provider (QTSP) listed on the EU Trust List, and the resulting signature has the same legal effect as a handwritten signature across all EU member states. Zignature integrates with eIDEasy (a certified QTSP) to offer QES for cross-border European workflows, regulated financial services, and public sector transactions where AES is insufficient by law.

Can I require different verification levels for different signers on the same document?
Yes. Zignature's per-role verification settings let you configure different identity verification requirements for each signer role on the same template. For example: require KBA for the external borrower, ID + liveness for the co-signer, and SSO/MFA for your internal notary — all on the same loan document. This granularity means you match assurance levels to actual risk without friction for lower-risk signers.

Stop signing in the dark.
Know who's signing.

Start with KBA for RON, layer in ID + liveness for high-value workflows, and go full QES for EU cross-border deals — all in one platform.

Start free — no card needed Talk to sales

Used by legal teams, notaries, mortgage lenders, and healthcare operators in 40+ states.