EPA has determined that to meet the CROMERR requirement, a system using PIN/password must be accompanied by some other identifier that, together with the PIN/password, will be sufficient to prove that the e-signature has not been compromised. One approach is to use the PIN/password in conjunction with a ‘second factor’ to create an e-signature. This document outlines the use of challenge questions as one approach to meeting this CROMERR requirement.
You may need a PDF reader to view some of the files on this page. See EPA’s About PDF page to learn more.- Challenge Question Second Factor Approach (PDF)(3 pp, 114 K)