Secret Questions

Knowledge based authentication (KBA), or the use of secret questions to verify a person's identity, is generally safe. The most frequently used KBA questions are ones with unchanging answers, such as what is your mother's maiden name or the name of your favorite pet. The consumer selects a secret question and provides an answer himself, which the company stores in its database. These types of questions are implemented only after a relationship has been established with the consumer. However, some risk exists if an identification thief were to know the answers from common knowledge or a data breach. Another type of KBA question is the dynamic type, which is intuitive and is created spontaneously using data from a consumer's data record that is accessed in real-time. This type of question does not require a prior relationship with the consumer and can be used for such things as account origination or requesting account changes.