Posted on 04 December 2014.Knowledge-based authentication (KBA) is a methodology gaining increasing recognition for providing the identity proofing part of user authentication.
A group of senior IT pros got together during a Wisegate Roundtable session and had unguarded, honest conversations about knowledge-based authentication. They agree that KBA is a technology:
- that has not yet reached its time,
- that is worth watching,
- but its value to individual companies will depend on a risk analysis decision.
- There are no detailed best practices yet available.
The problem, he suggested, is that most existing user authentication processes rely on tokens that actually authenticate the token but not the individual. It remains necessary to prove the identity of the individual before the token is bestowed or accepted. full article