In an electronically notarized document, usually the only meaningful security is the PKI digital signature of the notary*. The scrawl made with a mouse by the signer is a joke. The JPEG of the notary's seal is a joke. The graphical image of the notary's handwritten signature is usually a joke, although a few electronic pen pad vendors claim they record special information that makes it hard to fake. I'll believe that last claim when I see a court case where that was a decisive factor.
Sure, a forger could copy the entire "loose" certificate page and put it in some other document. But while they're changing the signer's name and the date, they could also delete the document description at the bottom. So we're back to the PKI digital signature being the key security feature.
* The signer could also use their own PKI digital signature, but from what I've seen on the internet, the RON and IPEN platforms don't support this scenario. So to serve this client the notary would have to work outside of a platform, do IPEN, and be in a state that doesn't require a platform for IPEN. If the draft rules don't change much when the final version is adopted, Vermont will be such a state. |