Leveraging personal information for user authentication is receiving increased attention as a cost effective method for identifying users that may need only infrequent access to system resources. However identity theft and other “Front Page” issues complicate the implementation of systems using this new and evolving technique. Our co-founder Mr. Steve Bruck brings direct experience in the development of KBA strategies, with an emphasis on acceptable use and the steps implementers should take to ensure that sensitive information is safeguarded and that users have greater visibility into the ways their personal information is used. We translate this direct experience into the following KBA service areas:

• Concept of Operations and Best Practices Implementations

We help our customers answer questions such as what information should be used, how should the questions be structured, how will notifications be made subsequent to authentication, and other issues relating to how this technique meshes with other business processes already in place.

• Acceptable Use and Data Stewardship

We assist our customers in the development of data stewardship and safeguarding strategies. We evaluate data types, data sensitivities and develop risk models that enable our customers to identify candidate data as well as those data elements that should be avoided. We also develop notification processes that make the use of personal information more visible to the owner—and enable constituents to better manage their electronic identity.