How to Mitigate User Identity Risks in a Faceless Environment
As a child of the 90’s, one of my favorite board games was "Guess Who?" Two players pick a character card each, and then guess who their opponent has by asking questions to eliminate possible options. Unlike the fun board game, organizations can’t risk playing guessing games to determine user identity.
According to Forrester, user authentication is a key driver to the success of e-signature adoption. When organizations are in the evaluation stage of considering which e-signature solution best fits their business needs, emphasis is placed on how well the solution can prove a signer’s identity and if documents were sent to the correct signer. Organizations want peace of mind when choosing an e-signature solution with robust and flexible user authentication features to add an extra layer of security when conducting transactions online. e-SignLive gives reassurance to organizations by offering a variety of authentication options to choose from depending on the type of document they want to send out to signers. In this blog post, I’ll go over two knowledge-based authentication (KBA) methods used in e-SignLive: Static KBA and Dynamic KBA.
Q&A (aka Static KBA)
Q&A allows you to present challenge questions to the signer. These are commonly referred to as "shared secrets" since you need to formulate questions based on information you already have on file about your customer, such as the last 4 digits of their social security number or an application ID number. If the signer provides the correct answer, then they are verified as the correct recipient of the package. This authentication method is ideal to use for transactions such as renewing an insurance claim or an electronic fund transfer. Static KBA is included in the e-SignLive service at no additional charge.
Dynamic KBA is the highest level of authentication e-SignLive offers that uses knowledge questions to verify a signer’s identity. Questions are compiled from public and private data such as marketing data, credit reports, or transaction history. To initiate the process, basic identification factors, such as name, address, and date of birth must be provided by the consumer and checked with an identity verification service. e-SignLive partners with Equifax and uses its eIDVerifer service to verify the signer’s ID. After the identity is verified, questions are generated in real-time from the data records corresponding to the individual’s identity. Answers to the questions are typically "out-of-wallet" and are generated on the fly, making it difficult for anyone other than the actual user to know how to the answer to the questions. Dynamic KBA is ideal for high value transactions such as line of credit forms, lending forms or mortgage application forms. Dynamic KBA is a fee-based service add-in for e-SignLive. Contact your sales representative to enable Dynamic KBA in your e-SignLive account today. Interested in using knowledge-based authentication for your digital transactions? Read more about user authentication best practices in our white paper.