Organizations strive to ensure secure and convenient user access to services or accounts. With the proliferation of identity theft and the growing emphasis on convenience, organizations are forced to find a balance between gathering enough identifying information to provide enough confidence in a user's identity and making the services or accounts accessible to users. Regulations and business rules may govern how much or what identifying information the user must provide depending upon the nature of the activity that is requested.
Many traditional systems often rely on authentication measure that include ownership factors (e.g., security token), knowledge factors (e.g., passwords or PINs), and/or inherence factors (e.g., fingerprints or retinal patterns). These authentication measures are often static or presented at pre-defined entry points. To varying degrees, authentication measures based on these factors can be easily circumvented and/or counterfeited. In addition, many systems simply rely on passwords and/or challenge responses at a single point to determine if access should be granted. Also, many systems sacrifice increased security measures for convenience of use. As such, techniques are needed that provide for improved security without sacrificing ease of use for the user.