
KBA vs KBV - What is the Difference?


Knowledge Based Authentication versus Knowledge Based Verification

The terms Knowledge Based Authentication (KBA) and Knowledge Based Verification (KBV) are often used interchangeably.  Both KBA and KBV test a user’s knowledge by asking a series of multiple-choice questions about their life history before granting access to an account that holds sensitive data or initiates financial transactions.

KBV is typically used with new accounts.  It is a means of identity verification.  KBA is typically used with existing accounts.  It is a means of confirming that the person logging in is the same person who originally created the account.  Sometimes the words “dynamic” and “static” are used to differentiate the two approaches.

What is Knowledge Based Verification (KBV)?

Dynamic KBV

KBV is typically used to verify someone’s identity before granting access to an account that safeguards personal data or initiates financial transactions.  Although it is most often used as a fraud prevention strategy with new accounts, identity verification may also be required when an existing account requests access to higher-risk transactions, for example when an existing bank account user applies for a mortgage or credit card.  In these scenarios, a series of multiple-choice questions is generated dynamically from public and financial records, then presented to the user.

Common examples of knowledge-based verification questions include:

  • Which of the following retail credit cards do you have?
  • What state did you reside in during 2015?
  • What is your approximate monthly mortgage payment?

What is Knowledge Based Authentication (KBA)?

Static KBA

KBA is typically used to confirm that someone logging into an online account is the same person who originally created the account.  It is used as a fraud prevention strategy to prevent account takeover in the case that an unauthorized person has obtained another user’s ID and password.  In these scenarios, the user selects 3-5 questions about themselves from a pre-defined list of options.

Examples might include:

  • What is your favorite food?
  • What middle school did you attend?
  • What is your favorite book?

The user supplies their answers to these secret questions, which are stored on file.  Each time the user attempts to log in, they must answer one or more of these questions to authenticate.
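
One way to implement the static KBA enrollment and login check described above, as an added example that is not part of the original article. It assumes answers are normalized and kept on file as salted scrypt digests rather than plaintext (the article says only that they are "stored on file"); the function names, question IDs and scrypt parameters are illustrative.

```python
import hashlib
import hmac
import os
import secrets
import unicodedata

# Pre-defined question list, taken from the article's examples (IDs are constructed).
QUESTIONS = {
    "food": "What is your favorite food?",
    "school": "What middle school did you attend?",
    "book": "What is your favorite book?",
}


def normalize(answer: str) -> bytes:
    """Fold case, Unicode form and whitespace so ' PIZZA ' matches 'Pizza'."""
    text = unicodedata.normalize("NFKC", answer).casefold()
    return " ".join(text.split()).encode("utf-8")


def _digest(answer: str, salt: bytes) -> bytes:
    # scrypt cost parameters are an assumption for this example.
    return hashlib.scrypt(normalize(answer), salt=salt, n=2**14, r=8, p=1, dklen=32)


def enroll(answers: dict) -> dict:
    """Build the record kept on file: per-question salt and digest, no plaintext."""
    if not 3 <= len(answers) <= 5:
        raise ValueError("user must select 3-5 questions")
    record = {}
    for qid, answer in answers.items():
        if qid not in QUESTIONS:
            raise ValueError(f"unknown question id: {qid}")
        salt = os.urandom(16)
        record[qid] = (salt, _digest(answer, salt))
    return record


def pick_challenge(record: dict) -> str:
    """Choose which enrolled question to ask at this login attempt."""
    return secrets.choice(sorted(record))


def verify(record: dict, qid: str, answer: str) -> bool:
    """Check a login answer against the stored digest in constant time."""
    entry = record.get(qid)
    if entry is None:
        return False
    salt, expected = entry
    return hmac.compare_digest(_digest(answer, salt), expected)
```
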