Many computer users and other entities have systems that utilize some form of security. Therefore, there often arises a need to prevent all but selected authorized persons from being able to carry out some defined transaction or to gain access to electronic equipment or other system, facility or data. Preventing unauthorized clearance or access typically involves devices which limit access to the subject data, facility, or transaction to those who possess a unique physical device, such as a key or who know a fixed or predictable (hereinafter “fixed”) secret code. In at least some cases, relying on a fixed code or unique physical device as the means to control such selective clearance or access can mean that would-be unauthorized users need only obtain possession of the fixed code or unique device to gain such clearance or access. Typical instances of fixed codes include card numbers, user numbers or passwords issued to customers of computer data retrieval services.
An information validation service known as RSA Identity Verification or Verid compiles, and enables verification of the identity of a user through inquiries into public record or publicly available information regarding the user's status and/or activities. It is not expected that the user would necessarily answer all questions to correspond exactly to the answers on file. Thus, there is a usual threshold set such as a majority of the questions, for example 2 out of 3 questions, will qualify as a pass, or alternatively for example, 2 out of 3 questions could trigger a second round of an additional number of questions. Based on the strength of the user's assertion, various options are available including posing further questions and/or re-directing the user to an alternate authentication approach. A server system accesses at least one information server having corresponding user specific answers to the authenticating questions. The server system poses the authenticating questions to the user and receives the user's answers. The user's answers are compared against the user specific answers for assessing a match threshold. If the match threshold meets a verification threshold, the user is authenticated.
In particular, Verid provides a question based screened verification method that includes asking an individual questions regarding the individual's asserted identity at an authorized location to determine whether the individual's asserted identity is correct. The questions are derived from external sources, such as credit reports from a third party, and may inquire into historical information regarding the individual's asserted identity, such as previous addresses.