Fraud prevention methods are well known. In the past, methods of fraud prevention were based upon a personal relationship among transaction partners. Merchants knew their customers and would not be fooled by someone else asking for access to customer accounts.
In today's environment, merchants and account managers do not personally know their customers. As such, access to accounts is typically based upon at least two levels of security. On the first level, a user is required to have some form of identification (e.g., a credit or debit card, an account number, etc.). The second level of security is usually a password.
The first level of security is often manifested in a hard-coded format (e.g., a plastic card) that could be lost or stolen. On the other hand, the second level of security (i.e., passwords) are often committed to memory. As long as a person's password is committed to memory, a lost or stolen credit card is useless.
However, many people often forget their passwords. As a consequence, some people will write their passwords down and carry the passwords with them in their purse or wallet. In this case, if the user loses their purse or wallet, then a thief may still be able to access the accounts of the account holder.
In order to counteract the problem of compromised passwords, many organizations will often request personal information from users (e.g., mother's maiden name, high school mascot, name of first employer, etc.). In addition, to requiring an account number and passwords, many organizations often request an item of personal information on a random basis.
While adding another level of security further increases security, the additional level further increases the difficulty in providing the information of the various levels of security, especially where the memory of a user is impaired. This problem is made worse when a user has accounts with many different organizations. Accordingly, a need exists for better methods of providing the information required for the various levels of security.