Knowledge-Based Authentication (KBA)

In November 23, 2015

Have you ever had to answer a security question to log into an account that contains personal information? If so, you already know a little bit about knowledge-based authentication, also referred to as KBA. These questions are meant to verify your identity by answering security questions that only you would know the answers to. This is a very common step when you set a login for any company who keeps your financial data or any sensitive personal information. You will often be prompted to answer a KBA when you try to log into your online banking account from an unrecognized computer or device.

There are two forms of KBA, static and dynamic. Static KBA lets users set up the answers to their security questions upon creating a password protected account. If they need to make any changes to their account or log in from a new location, they will be prompted to answer their previously set security questions. Dynamic KBA is a much more challenging setup in which a data system will ask a user a question at random based on personalized data about the user. The data used to pull the security questions is still personalized enough that only the correct person would know the answer. However this system is very difficult to set up which has led to many companies preferring to work with static KBA’s. They may choose to work with strict static KBA system in which there are multiple questions and an IP address check. The IP address check is why you may need to answer a KBA question when you log in from a new device. This is one way your personal data is kept safe online. Common questions you may be asked to answer are:

  • Who was your favorite high school teacher?
  • What is your mother’s maiden name?
  • What was the name of your favorite pet?
  • What is your favorite book?
  • Where did you spend your first honeymoon?

These are just a few common questions you may see when setting up your KBA questions and answers. Remember that these answers should be answers that only you will know. It is important to pick questions as your security verification that aren’t the easiest to answer but the hardest to answer, so no one could easily guess them.

If you have ever wondered how companies work to keep your personal data and financial information safe, this is one of many steps. Want to know more about online security surrounding your vital records? You can visit our online security and privacy policy to learn how we work day and night to keep your personal information safe at VitalChek!

Leave A Comment