%20formatted-1.png?width=582&height=170&name=SIGNiX%20Logo%20Main%20(white)%20formatted-1.png)
At SIGNiX, we talk a lot about identity which is process of identifying people online. It's a big deal in the e-signature world. After all, if you don't know who is signing a document, what use is a signature? We get a lot of questions about the most secure type of identity authentication we offer — knowledge based authentication (KBA) — so I thought I'd take a minute to explain KBA.
KBA is an identity authentication method that asks questions based on detailed information an individual knows. This information is usually more advanced than the kind of information a fraudster might be able to access through your email or computer. KBA is often used alongside another type of authentication (like a password) to increase security. There are three kinds of KBA — static, dynamic and enhanced.
Static KBA
If you've ever needed to reset a password, you've probably encountered static KBA. With this method, you pick security questions and give answers that are stored and referenced later. The user controls the questions and answers with this type of KBA.
Dynamic KBA
Dynamic KBA takes authentication to the next level by generating questions that only apply to one specific person. This type of KBA doesn't require any previous relationship with the customer, so it is an attractive option for e-signature users that need to be authenticated instantly. We sometimes call these questions "out-of-wallet" questions because the information couldn't be found in a person's wallet if it was stolen. The questions are generated from the user's credit history or public records.
Many regulatory bodies, including the IRS, require that e-signature users be authenticated using dynamic KBA. This is the type of KBA offered by SIGNiX's e-signature service. Check out the infographic below to learn more about knowledge based authentication.
Knowledge Based Authentication Infographic: Difference between Static, Dynamic & Enhanced KBA
