Call Center Customer Verification by Query-Directed Passwords
Date: February 2004
Publication: Proceedings of Financial Cryptography 04
Publisher: International Financial Cryptography Association
Source 1: http://pubs.research.avayalabs.com/pdfs/ALR-2003-045-paper.pdf
Abstract or Summary:
We introduce an authentication framework called Query-Directed Passwords (QDP) that incorporates the convenience of authentication by longterm knowledge questions and offers stronger security than from traditional types of personal questions. Security is strengthened for this scheme by imposing several restrictions on the questions and answers, and specifying how QDP is implemented in conjunction with other factors. Four QDP implementations are examined for call center applications. We examine the security and convenience of one of these implementations in detail. This implementation involves client-end storage of questions in a computer file or a wallet card, and follows a basic challenge-response authentication protocol.
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.