A knowledge-based authentication (KBA) system can utilize, as input, a list of individuals (as identified, for example, via in a lightweight directory access protocol (LDAP) or other identifier) that should not be authenticated by the system. Such a list is also referred to herein as a white list. Commonly, individuals on a white list include individuals (executives, for example) for whom the corresponding entity is not willing to expose related information to a call center or analogous information hub. Entities may opt, alternatively, to utilize separate authentication techniques for such individuals.
However, existing KBA approaches require providing a full and complete white list manually, one entry at a time. Such approaches are labor intensive and vulnerable to inaccuracies due to data availability issues as well as changes and/or modifications made to relevant data.
Similarly, KBA systems can also utilize, as input, a list of subjects and/or keywords that should not be used as visible facts in a presentation to a user for generating authentication questions. Such a list is also referred to herein as a black list. Commonly, a black list is implemented and/or incorporated into a KBA so as to avoid asking authentication questions pertaining to potentially sensitive events, meetings, emails, etc.
However, existing KBA approaches, as with white lists, require providing a full and complete black list manually, one entry at a time. Such approaches are labor intensive because a black list may properly include many terms. Further, some terms may be sensitive in one context but less sensitive (or not at all sensitive) in other contexts, potentially leading to accuracy challenges for manual selection.
Accordingly, a need exists for techniques capable of automatically creating white lists and black lists to be used in connection with a KBA system.