Knowledge Based Authentication (KBA)

Knowledge Based Authentication or KBA for short is a security process that requires asking users for answers to personal information questions to authenticate their identity when accessing accounts or services. Users are required to answer questions that only the individual would know the answer to; for example, secret phrases, names of relatives, or prior transactions. There are two types of KBA:

  • Static KBA, in which the question is chosen by the user upon account creation
  • Dynamic KBA, in which questions are generated in real time, with more specific questions gathered from credit reports, marketing databases, etc.