Currently, when a user at a client computing device desires to access a secure application for a business process, an agent at an agent computing device is utilized to query and verify the requesting user. Typically, the agent will asks over the telephone or other communication medium predefined security questions particular to that user. If the user provides the correct responses to the queries to the agent, then user will be verified and granted access to the secure application to interact with the business process.
Unfortunately, the static nature of the stored security verification data for each user for the security questions is susceptible to misuse. For example, the agent involved in the verification could preserve the received security verification data for a user and then later misuse it for the agent's personal benefit. News regarding these types of security risks makes some users reluctant to try and access some secure applications on line which results in fewer online business transactions.
Another problem with this current verification process is with storage requirements for the personal security verification data for each user. The application service providers must maintain storage servers with this data which can be quickly accessed by an agent when needed for verification purposes. These additional storage requirements add expense and may not always provide the personal security verification data to agents as quickly as some user's may desire. As a result, again users may be less likely to access some secure applications on line which results in fewer online business transactions.