Knowledge-Based Authentication (KBA)
Knowledge-Based Authentication (KBA) is a method of verifying an individual’s identity by asking security questions whose answers only the legitimate user should know. It is often used in online payments as part of Strong Customer Authentication (SCA) alongside One-Time Passwords.
Applications
E-commerce:
Reduces fraud in online card payments by verifying the cardholder's identity
Advantages
- Enhanced security: Reduces unauthorised transactions by verifying that the genuine account holder is authorising the payment
Challenges
- User Experience: Additional authentication steps can cause friction and increase checkout abandonment