CoraCloud: KBA (Knowledge-Based Authentication)


In CoraCloud, KBA or knowledge-based authentication can be enabled for eSignature documents that need a higher level of security and user identification than standard eSignature PDFs. It can also be enabled for documents with the legal requirement of having the end user be KBA validated such as for IRS documentation. 

KBA is an additional feature of CoraCloud. KBA services are billed upon use at a cost of $1.50 per signature requested with KBA enabled. 

Signees of KBA documents can only attempt to go through KBA validation services (personal identification information and knowledge quizzes) 3 times in a 7-day period

Sending an eSignature with KBA Enabled:

To send a document for eSignature with KBA validation, you'll go through all the same steps you would for any standard eSignature within CoraCloud.

  1. Find the PDF document you need to get signed with KBA validation, click the three-dot menu for the file, and select 'eSignature'. Then select the ‘Prepare Document’ button.
  2. On the “Select users to sign document” screen, there will be a check box that says "Enable KBA".  Check this box for all signees that need KBA validation on this document.
  3. Next, click on ‘Prepare Document’ and finish adding the required fields to the document like any normal eSignature. If you are unsure of what to do here you can see our guide on Initiating eSignatures. When you are done adding and assigning eSignature components to the document, click on ‘Save & Send’ to send the file to the necessary parties. 

Receiving/Signing a KBA Enabled Document:

KBA eSignatures require the recipient to pass two identity confirmations before they can access the document. The first is the personal identification information screen and the second is a custom set of screening quizzes. The recipient has 3 attempts to get these correct before entering a lockout period. The most important thing for anyone signing a KBA document is to make sure they answer all questions accurately and to the best of their ability.

This section displays what a user who is asked to complete a document with KBA enabled will see when attempting to sign a document. 

First, the user will receive an email notification that there is a document waiting for them to sign. The user will click on 'Start' to begin the eSign process.

Next, it will present the user with the Personal Information Identification screen. All of the information on this screen needs to be filled out accurately to move forward.

If the information entered is incorrect, the KBA service will display an error message and the recipient will be brought back to this screen. One of the attempts to use KBA has now been used. If the information is correct, it will take you to the next part of the authentication process, the screening quiz.

After the user successfully answers these questions they will be granted access to the document to complete their eSignature.