Knowledge-based authentication (KBA)
Verifying identity by asking questions only the real person should know.
Knowledge-based authentication, or KBA, verifies a caller by asking questions only the genuine person should be able to answer, such as a recent transaction or an account detail. It is widely used but increasingly weak, because much of that information can be found or bought.
Voice biometrics is often used to reduce reliance on KBA: verifying the voice itself is faster for genuine callers and harder to socially engineer than a list of security questions.
