At the point of initial contact with a customer, a business using static KBA must collect the information to be shared between the provider and customer—most commonly the questions and corresponding answers.
The weakness of static KBA was demonstrated in an incident in 2008 where unauthorized access was gained to the e-mail account of former Alaska Governor Sarah Palin.
Some identity verification providers have recently introduced secret sounds or pictures in an effort to help secure sites and information.
To initiate the process, basic identification factors such as name, address and date of birth must be provided by the consumer and checked with an identity verification service.
Dynamic KBA is employed in several different industries to verify the identities of customers as a means of fraud prevention and compliance adherence.