Knowledge Based Authentication (KBA)

When I was first brought in to [company not disclosed] my first big project was to integrate a Knowledge Based Authentication solution for our clients. It was decided to use the LexisNexis Knowledge Based Authentication (KBA) SOAP API. A SOAP Client Library was developed using PHP’s SoapClient Class to authenticate and interact with the KBA SOAP API. The SOAP Envelopes’ Security Header was custom developed to fit the SOAP API’s requirements. The Library was used in many CodeIgniter applications.

About LexisNexis: LexisNexis Group is a corporation providing computer-assisted legal research services. During the 1970s, LexisNexis pioneered the electronic accessibility of legal and journalistic documents. As of 2006, the company has the world’s largest electronic database for legal and public-records related information.

About Knowledge Based Authentication: Knowledge-based authentication, commonly referred to as KBA, is a method of authentication which seeks to prove the identity of someone accessing a service, such as a website. As the name suggests, KBA requires the knowledge of personal information of the individual to grant access to the protected material. Knowledge-based authentication is used by financial services firms, call centers and other companies to verify a person’s identity through a series of questions, which are generated through public databases.