With various electronic notary providers e-notarizing documents and notaries who e-notarize documents independently... How do you know if the e-Notarized document is real and if you can trust it?
The Notary Trust Registry because it is a central trusted registry that ensures, maintains, and creates trust.
Every time a provider or individual creates an e-Notarized document, they will send metadata about their e-Notarized documents to Notary Trust Registry that Federal, State, local governments will use to instantly verify that it is an e-Notarized document, as well as institutions such as the lending or mortgage institutions. NTR is provider and notary neutral, and only serves to create trust with e-Notarized documents.
The Notary Trust Registry is provider and notary neutral, and serves to create trust with e-Notarized documents.
The registry is currently free for users to send and access the registry data.
No. Because of the nature of the registry and the data it contains, we validate any individual or organization wanting access. To gain access:
The Registry supports both SOAP and REST based protocols to send and access data. Please go to the API Docs page to review the documentation.
No. The registry only saves the message digest or the fingerprint of the e-Notarized documents, and the actual document is not saved in the Registry.
Yes. We have taken the required steps to assure security, and we also do not collect private data that is not publically available on the internet today.
Do not share your Security Key with anyone, and it should be protected in such a way as to prevent someone from acquiring it.
When an e-Notary provider or independent e-notary adds the meta-data of that particular e-Notarized document to the registry, they're also adding the unique Secure Hash Algorithm (SHA) digest sometimes referred as a fingerprint to the registry. If you're in
possession of the e-Notarized document, simply generate the SHA fingerprint with the document you have. You can then do a search on the registry to verify that the document
instance exists. If it exists, you can then compare the SHA fingerprint that you generated against the one listed in the registry. If they match, and the other information also matches then you can trust it. The meta-data also contains the notary's name, commission info, and other relevant information.
Please visit Wikipedia to learn more about SHA digests.
No. It is a misconception that a digital signature or digital certificate also known as PKI ensures that you can trust a document. Just because a document has a digital certificate doesn't mean anything, and it only basically assures that the document was not altered after it was applied. There are many forms of attacks a forger can use against a document with a certificate, but the most common is to remove the certificate, change the contents of the document, and then reapply a certificate onto the document. If the document is not in the registry it can easily be overlooked, e-recorded, and you can end up losing a lot.
The registry in this case maintains the actual fingerprint of the document, which can be used for comparisons, and the notarial act as well... This ability of having the data at your fingertips is what creates the trust.
Any e-Notary or provider can have their e-notarizations included in the registry, but before you can do that you must be able to provide information that your applications are secure, your infrastructure is SSAE 16 compliant, you adhere to the security practices provided by NIST, and can also provide other compliance or third party auditing information before you're permitted to add to the registry. In most cases, we highly recommend working with an e-Notary provider that's already been vetted and they adhere to the registry's strict policies by visiting the member's page. This is how we maintain trust.