Knowledge-based authentication (KBA)

Validate the identity of your signers with KBA in Zoho Sign.

What is KBA?

Knowledge-based authentication, or KBA, is an identity verification method that involves asking signers out-of-wallet questions that only they know the answers to. These questions can range from their demographic data to their purchase history or business transactions.

Why should businesses use KBA?

KBA is a legally accepted vetting process for signers based in the United States. Businesses in regulated industries, such as health care and finance amongst others, deal with sensitive data and documents that require signatures. KBA is the IRS-complaint way to authenticate signer identities.

What are the types of KBA?

  • Static KBA

    Signers select their own pre-determined security questions and share their responses with the authenticator in advance. Example: What is your mother's maiden name?

  • Dynamic KBA

    These security questions are generated from public and private records collected using the signer's social security number. They may range from demographic questions to questions related to credit transactions. Example: When did you purchase your property located on XYZ street?

  • Customer-based KBA

    Companies can generate questions based on customer behavior inside their app. Example: When did you create the template "Social media policy"?

Why dynamic KBA?

Zoho Sign offers dynamic KBA because it enables senders to authenticate their signers with questions that can only be answered by them.

  • Security for your data

    Dynamic KBA is highly secure, as it involves user-specific questions that cannot be easily answered by others. This reduces the chances of fraudulent behavior

  • Easy to set up

    It's effortless to configure the authentication process. You can customize the number of questions and attempts according to the sensitivity of the transaction.

How does this integration work?

Once the integration has been enabled, senders can choose dynamic KBA as a mode of recipient authentication. Signers who receive the signing link will enter the required details to proceed to the authentication process.

Signers can access and sign the document once the authentication is completed.

  1. Enable the integration from settings.

  2. Configure the authentication settings.

  3. Select dynamic knowledge based authentication as the authentication mode while adding recipient details.

  4. Sender sends the document.

  5. The signer recieves the document and starts the signing process.

  6. Signer enters the required details and proceeds to the authentication process.

  7. Signer completes the authentication process to access the document.

  8. Signer signs the document.

Frequently asked questions:
  • How secure is KBA?

    Knowledge-based authentication is a highly secure method of authenticating signers in the real world.

  • How does Zoho Sign offer KBA ?

    Zoho Sign has partnered with iDology to provide KBA.

  • Will my data be shared with anyone?

    Yes. However, the data shared to IDology is limited to your name, address, year of birth and the last four digits of your social security number (SSN).

  • Will my information be stored?

    No, Zoho Sign doesn’t store any of your data.

  • What are the types of KBA?

    There are three types of KBA: static, dynamic, and customer based. Zoho Sign uses dynamic KBA powered by IDology.

  • How are KBA questions generated?

    Questions are generated based on the credit charges and demographic data available in public credit bureau records.

  • Is there a time limit for completing the authentication process?

    Yes, the authentication process consists of five questions that need to be answered within two minutes.

  • What happens if you don’t answer within the time frame?

    If the authentication isn't completed in the given time frame, the selected options with be auto-submitted for verification.

  • What happens if you fail the authentication?

    In such a case, you would need to contact the sender to restart the authentication process.