Knowledge Based Authentication (KBA)

Knowledge Based Authentication or KBA for short is a security process that requires asking users for answers to personal information questions to authenticate their identity when accessing accounts or services. Users are required to answer questions that only the individual would know the answer to; for example, secret phrases, names of relatives, or prior transactions. There are three types of KBA:

  • Static KBA, in which the question is chosen by the user upon account creation
  • Dynamic KBA, in which questions are generated in real-time, with more specific questions gathered from credit reports, marketing databases, etc.
  • Enhanced KBA uses both static and dynamic questions, as well as other methods, including biometrics like fingerprints or facial recognition technology.