Return to site
Return to site

A Look At The Knowledge Based Authentication Alternatives You Can Use

· Technology
broken image

What are some of the knowledge based authentication alternatives that I can use? This is a question that you may be asking yourself if you are looking to switch from KBA to something better for ensuring the security of your company systems and data. While KBA seems like a good method for verifying who a person is, it has proven incredibly easy to compromise. In this modern age, KBA is a good way to irritate your customers and leave them as victims of fraud. 

There are various problems that you are likely to experience while using Knowledge based Authentication. One of them is the customer error. Your customers might forget what they put down. This is especially true for those questions whose answers can change with time. For instance, if a person puts down the name of their favorite pet as an answer to a security question, that name could very easily change with time. Due to shorter lifespans, a customer can change pets every so often, and they might like the new pet better. Since you want your customers to stay with you for a long time, it is counter-productive to punish them for not remembering how they would have answered a security question ten years ago.

Another problem with KBA is that anybody can find the answer. This method depends upon publicly available information. You have probably been told about the dangers of posting your social security number, but the ubiquitous nature of KBA makes a Facebook selfie labeled “Chilling out with my favorite teacher” with yourself and that teacher tagged in equally dangerous. To a skilled fraudster, these security questions are not asking him if he is who he claims to be. Instead, what they hear is “have you read this customer’s Facebook?” While you can try advising your customers to refrain from using security questions with publicly available information, but that is not always practical.

Good alternatives to KBA include behavior recognition and phone limited access. The former is a pattern that is frequently employed by credit card agencies while the latter involves tying customer identity to phone number, which is a convenient way to verify identity. 

For more information on knowledge basedauthentication alternatives, visit our website at https://authid.ai/ 

 

PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save