Best practices in knowledge-based authentication

  • 4 December 2014
  • 0 replies
  • 148 views

Userlevel 7

Posted on 04 December 2014.Knowledge-based authentication (KBA) is a methodology gaining increasing recognition for providing the identity proofing part of user authentication.

A group of senior IT pros got together during a Wisegate Roundtable session and had unguarded, honest conversations about knowledge-based authentication. They agree that KBA is a technology:
  • that has not yet reached its time,
  • that is worth watching,
  • but its value to individual companies will depend on a risk analysis decision.
  • There are no detailed best practices yet available.
The roundtable started with one member presenting his own view of the need for and difficulties in reliable user authentication. It should be noted that this member’s need for reliable authentication is extreme. He provides valuable services to a very large, diffuse and widespread number of remote users.

The problem, he suggested, is that most existing user authentication processes rely on tokens that actually authenticate the token but not the individual. It remains necessary to prove the identity of the individual before the token is bestowed or accepted. full article

0 replies

Be the first to reply!

Reply