Knowledge Based Authentications KBA

Hate it when you have to verify yourself to the bank telephone operator? When they ask if you are you? How can you prove that it is you? Remember the questions that they ask?

KBA Knowledge Based Authentication

Knowledge-based authentication

Knowledge-based authentication, commonly referred to as KBA, is a method of authentication which seeks to prove the identity of someone accessing a service such as a financial institution or website. As the name suggests, KBA requires the knowledge of private information of the individual to prove that the person providing the identity information is the owner of the identity. There are two types of KBA static KBA, which is based on a pre-agreed set of shared secrets, and dynamic KBA, which is based on questions generated from a wider base of personal information.

Static KBA (shared secrets)

Static KBA, also referred to as "shared secrets" or "shared secret questions", is commonly used by banks, financial services companies and e-mail providers to prove the identity of the customer before allowing account access or, as a fall-back, if the user forgets their password. At the point of initial contact with a customer, a business using static KBA must collect the information to be shared between the provider and customer—most commonly the questions and corresponding answers. This data must then be stored only to be retrieved when the customer comes back to access the account.

The weakness of static KBA was demonstrated in an incident in 2008 where unauthorised access was gained to the e-mail account of former Alaska Governor Sarah Palin. The Yahoo! account's password could be reset using shared secret questions including "where did you meet your spouse?" along with the date of birth and ZIP code of the former governor to which answers were easily available online.

Some identity verification providers have recently introduced secret sounds or pictures in an effort to help secure sites and information. These tactics require the same methods of data storage and retrieval as secret questions.

Dynamic KBA

Dynamic KBA is a high level of authentication that uses knowledge questions to verify each individual identity but does not require the person to have provided the questions and answers beforehand. Questions are compiled from public and private data such as marketing data, credit reports or transaction history.


To initiate the process, basic identification factors such as name, address and date of birth must be provided by the consumer and checked with an identity verification service. After the identity is verified, questions are generated in real time from the data records corresponding to the individual identity provided. Typically, the knowledge needed to answer the questions is not available in a person's wallet (some companies call them "out-of-wallet questions") making it difficult for anyone other than the actual identity owner to know the answer and obtain access to secured information. Generally, the period of time for the person is given to respond to questions and the number of attempts is limited to prevent answers from being researched.

Dynamic KBA is employed in several different industries to verify the identities of customers as a means of fraud prevention and compliance adherence. Because this type of KBA is not based on an existing relationship with a consumer, it gives businesses a way to have higher identity assurance on customer identity during account origination.


To find out more about Cert IV TAE

For more information on HSE Coach Courses

For more information on FPSO courses

For more information on NEBOSH Courses

For more information on IOSH Managing Safely

For more information on internationally recognised safety training

Simply Safety is a Singapore international center for Safety, Health and Environmental training. We also operate in Malaysia, Thailand, South Korea, Myanmar, Vietnam, China, Philipines, Qatar, Saudi Arabia. We conduct courses accredited by NEBOSH like the NEBOSH International General Certificate (NEBOSH IGC) and the NEBOSH Health and Safety Award (NEBOSH HSW) Simply Safety also does other courses such as OGSC FPSO Courses. We also do the WDA courses Apply Workplace Safety Health in Process Plants, Perform Work in Confined Spaces, Supervise Work in Process Plants and Supervise Work in Confined Space Operations. Very similar to Singapore Contractors Association (SCAL), ASPRI (Association of Singapore Process Industry) or NTUC Learning Hub. , MOM Accredited Courses, or like Institute of Adult Learning IAL which does ACTA Advanced Certificate in Training and Assessment we do the Australian Cert IV TAE 40116(Australian ACTA) which can be converted to the full ACTA. Simply Safety also does many other elearning and online international certificate courses as well as a range of short courses designed to meet specific industry needs. We believe in lifelong learning and adult education and growth of the individual. Be it skillsfuture or skillsfuture credit or sdf fundings- one should not wait to upgrade themselves. Whether you are a trainer or freelance trainer or going through Train the Trainer program or even if you are a safety practioner or safety professional or safety officer or safety coordinator.

Simply Safety is the foremost Singapore Workplace Safety Health Environmental Training Provider providing Nebosh, Nebosh IGC, IOSH, IOSH MS, Accident Investigation, Work At Height, Work in Confined Space, Lifting Operation, Emergency Preparedness and Procedures, Control and Handling Hazardous Substances, Risk Management, Risk Assessment, Permit To Work System,  WSH Management System, Safety Management System, Leadership Training, Consultation, Training Needs Analysis, develop MOM ATP Course materials, customised Course Development, behavior based safety,BBS,behavior-based safety, behavior-based safety, behavioral psychology,  oil & gas training, nebosh general certificate, NEBOSH in Indonesia, Johor Bahru JB Malaysia, Korea, China, Beijing, Qatar, Training, Consulting in Shanghai, China, Qatar

We also provide study tools and study kits for students

Ultimate Guide 1 25 Prep Questions for NEBOSH IGC 1,  Ultimate Guide 2 Another 25 Prep Questions for NEBOSH IGC 1, Ultimate Guide 3 Another 25 Prep Questions for NEBOSH IGC 1 Exams, Ultimate Guide 4 Another 25 Prep Questions for NEBOSH IGC 1 Exams, Ultimate Guide 1 25 Prep Questions for NEBOSH GC 2 Exams, Ultimate Guide 2 Another 25 Prep Questions for NEBOSH GC 2 Exams, Ultimate Guide 3 Another 25 Prep Questions for NEBOSH GC 2 Exams, Ultimate Guide 4 Another 25 Prep Questions for NEBOSH GC 2 Exams,,,,,,,,,,

For more information about NEBOSH IGC, please visit our NEBOSH IGC page. You may also reach us at or visit us at


Recent Posts

Satisfaction Guarantee

Simply Safety Guarantee

We guarantee that our service will help you and your company. If you are not satisfied, we'll provide you more services, more than what you've paid for.

Privacy & Security

Simply Safety Guarantee

All your information is safe and secure. The entire transaction will take place on a secure server using SSL technology.

LiveZilla Live Chat Software