Skip to content

Multifactor Authentication as Demonstrable Consent?

Answered by: 

Question: 
Management is searching for a way to use the internet sign-in process by customers (two factor authentication) as "demonstrable consent" for purposes of E-Sign. I am seeking support for why multi-factor alone cannot be used as demonstrable consent, verifying that the customer was able to receive and read materials sent to them.
Answer: 

What does multi-factor authentication do to demonstrate that your customer can access a document in the format you will use to provide the statement, notice or other document that is supposed to be delivered in writing? For example, if you provide e-statements on a "pull" basis, meaning the customer will have to access statements on a specific server and have the ability to read the format in which the statements will be provided, you should have a test or consent document located on that server in the correct format. If you use a PDF format, you could have a button on that document that captures information about the session, documenting your customer's identity, and signifying the customer's agreement if clicked, assuming you can then capture and save that information.

First published on BankersOnline.com 11/09/09

First published on 11/09/2009

Filed under: 
Filed under technology as: 

Search Topics