Identity Verification at the Highest Level: Docusign ID Verification for IAL2 Compliance

Identity verification is no longer just a formality—it’s the foundation of trust in today’s digital ecosystem. Irrespective of industry, organizations need to confidently know who they’re doing business with before they approve loans, collect patient consent, or complete high-value transactions. However, the continued use of fragmented identity systems slows down the process and creates compliance gaps.

At the forefront of the digital agreement landscape, Docusign’s new purpose-built IAL2 identity verification configuration supports this requirement by enabling businesses to deliver a fully digital and secure way to verify identities at the NIST Identity Assurance Level 2 (IAL2) standard, directly from within the digital agreement process. 

What is IAL2, and why does it matter?

IAL2 is a federal identity assurance standard defined by the National Institute of Standards and Technology (NIST) in the United States. It provides a high level of confidence that an individual’s claimed identity is tied to their real-world identity, typically through the validation of several pieces of identity evidence, such as two pieces of Strong evidence or one piece of Strong evidence plus two pieces of Fair evidence. This is followed by a required physical or biometric comparison to the applicant’s strongest piece of validated identity evidence.

Through Docusign’s IAL2 configuration, organizations can now seamlessly integrate federally recognized identity proofing into their digital agreement workflows, allowing for faster agreement completion rates, reduced risk of identity fraud, and simplified compliance efforts, all within the trusted and centralized Docusign experience.

How it works

The Docusign ID Verification for IAL2 Compliance workflow is easy to add to workflows within eSignature and Maestro, part of the Docusign Intelligent Agreement Management (IAM) platform. 

Before a recipient can access an agreement, they will be required to verify their identity using their existing ID.me or CLEAR account. If needed, they can create a free account with either provider from within the same Docusign workflow. Once verified, they can securely sign and complete their agreement, all in a single, seamless experience.

For the business, every verification event generates a tamper-evident audit trail containing evidence that an IAL2 check was conducted as well as key recipient identity information, such as a copy of the identification and supporting data points used. This information is readily available through the centralized Docusign platform, eliminating manual transfers of verification results and providing evidence to support regulatory compliance.

Real-world applications 

Supporting Small Business Administration loans

In financial services, verifying borrower identity is critical for compliance with federal lending regulations. This is particularly important for programs administered by the U.S. Small Business Administration (SBA).

Docusign’s IAL2 configuration can streamline the digital loan process, beginning with the critical step of identity verification. By verifying borrowers to an IAL2 standard, Docusign enables lenders to establish identity confidence and mitigate risk throughout the lending process.

With Docusign’s IAL2 workflow, lenders can:

• Meet stringent SBA identity expectations, ensuring that all digital approvals adhere to federal lending requirements

• Eliminate manual ID checks and paper-based processes

• Maintain tamper-evident audit trails that align to SBA and applicable regulatory requirements and remain instantly available for any review or audit

• Deploy fully digital processes for quicker loan closings and mitigated fraud exposure

Streamlining healthcare patient formalities

Healthcare organizations are under constant pressure to balance patient privacy, regulatory compliance, and convenience. Executing critical patient agreements (such as treatment consent forms and HIPAA authorizations) requires the utmost level of trust and security. Not only does this help safeguard sensitive medical data and other protected health information (PHI), but it also helps protect organizations from compliance risks, potential fines, and reputational damage..

Using Docusign’s IAL2 configuration, healthcare providers can achieve higher levels of identity assurance, with secure, fully digital consent workflows that support regulatory compliance and protect digital interactions. 

As a result, healthcare providers can:

• Confirm patient identities remotely through a trusted, fully integrated partner that performs identity proofing as a Credential Service Provider (CSP) to meet IAL2 requirements, like ID.me or CLEAR

• Securely collect digital consent and authorizations in a manner that supports HIPAA compliance

• Reduce administrative overhead while delivering a modern, patient-friendly digital experience

• Easily access verifiable, high-assurance patient identity records to demonstrate compliance 

Facilitating eTitle transfers in the automotive industry

In the automotive industry, some Federal regulations (i.e. 49 CFR 580.3 in Odometer Disclosure Requirements) require the use of NIST level 2 (IAL2) identity verification as part of eTitle Transfers. As these processes move online, digital IAL2 verification not only confirms that each party involved in the transfer is accurately and securely identified before ownership changes hands, but it also supports strict regulatory compliance obligations. 

Docusign’s IAL2 identity verification configuration streamlines the eTitle transfer workflow by delivering a trusted, fully digital experience without disrupting existing processes. 

This enhancement allows dealerships and consumers to complete secure title transfers with confidence by: 

• Supporting regulatory compliance efforts by enabling businesses to meet IAL2 and industry standards for secure digital identity verification

• Helping mitigate identity fraud by ensuring that only verified individuals can authorize title changes

• Driving operational efficiencies and reducing manual workloads by streamlining identity checks and securely storing key customer identity information 

• Enhancing the user experience by providing a fast, intuitive, and fully digital process for all participants

A new standard for digital trust

Docusign’s IAL2 identity verification configuration marks a significant step forward in secure digital transformation, helping organizations mitigate identity fraud risk before it reaches downstream processes. 

Whatever your industry or use case, through Docusign you can now securely verify identities using a workflow designed to align with the same level of assurance used by U.S. federal agencies, all within one centralized and fully digital workflow.

Learn more about how Docusign’s IAL2 identity verification can help your organization accelerate digital transformation without compromising on trust or compliance.