In knowledge based authentication (KBA), a human authenticates by answering a set of questions (i.e., one or more questions). If the human answers the set of questions correctly, authentication is considered successful. If the human does not answer the set of questions correctly, authentication is considered unsuccessful.
Conventional KBA questions have been derived from credit bureaus (e.g., “where did you live in 2006?”), government records (e.g., “what type of vehicle did you own in 2007”), and public databases (e.g., what school did you attend in 2008?”). Additionally, the legitimate human may proactively provide answers to certain secret questions during an enrollment period so that the legitimate human can provide correct answers at a later time (e.g., “what was the name of your first pet?”). Accordingly, if the authenticating human is legitimate, the human will correctly answer the set of secret questions to successfully authenticate.