Knowledge based authentication, also known as KBA, is a type of authentication that seeks to prove that the person providing identity information really is that person. As its name suggests, KBA is based on knowledge the individual has. Knowledge based authentication continues to become more sophisticated in order to keep information and access in the right hands.
There are three different forms of KBA – static, dynamic and enhanced KBA.
Static KBA methods allow users to select security questions and provide answers that are stored by a company and accessed later, usually when a password needs to be retrieved or reset. Dynamic KBA, on the other hand, goes a step further by generating questions that apply only to the intended end user and do not require a previous relationship with the customer. These types of questions have also been called “out-of-wallet” as the content is generated from information within a person’s credit history or public records. Therefore, the answers could not be found in a wallet or purse, making it difficult for anyone other than the actual person to know the answer.
Enhanced dynamic KBA goes even further by using your own proprietary data, stored behind your firewall, to create custom security questions for your customers. This gives you a complete end-to-end authentication solution so you can verify new and existing customers online.
The FTC recently issued a letter approving the use of KBA as a method of obtaining prior verifiable parental consent under the Children’s Online Privacy Protection Act (COPPA).
For more information on Knowledge Based Authentication, check out our infographic here!