EPA has determined that to meet the CROMERR requirement, a system using PIN/password must be accompanied by some other identifier that, together with the PIN/password, will be sufficient to prove that the e-signature has not been compromised. One approach is to use the PIN/password in conjunction with a ‘second factor’ to create an e-signature. This document outlines the use of challenge questions as one approach to meeting this CROMERR requirement.
You will need Adobe Reader to view some of the files on this page. See EPA’s About PDF page to learn more.- Challenge Question Second Factor Approach (PDF)(3 pp, 97 K)