A multinational financial institution is implementing a new online banking platform that will allow customers to register and access their accounts remotely. The security team wants to implement a robust identity proofing system for the registration process. Which of the following approaches provides the strongest level of identity assurance?
Implementing biometric verification through facial recognition matched against a selfie taken during registration
Using knowledge-based authentication that asks customers questions about their credit history
Requiring customers to upload scanned copies of their government-issued identification documents
Implementing a multi-step verification process that combines document verification, knowledge-based authentication, and biometric verification
The correct answer is implementing a multi-step verification process that combines document verification, knowledge-based authentication, and biometric verification. This approach represents a comprehensive identity proofing strategy that incorporates multiple factors:
Document verification: Validates government-issued ID documents to establish a baseline identity claim
Knowledge-based authentication: Verifies the user knows information that should be known only to them
Biometric verification: Confirms the user's physical characteristics match those on their ID documents
This multi-layered approach follows the principles of strong identity proofing by using multiple independent verification methods, making it harder for an attacker to successfully impersonate someone.
The other options are insufficient because:
Requiring only government ID upload lacks verification that the person registering is actually the ID holder
Knowledge-based authentication alone is vulnerable to data breaches where personal information might be compromised
Biometric verification without document verification doesn't establish the initial identity claim properly
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is document verification in identity proofing?
Open an interactive chat with Bash
Why is combining multiple verification methods more secure?
Open an interactive chat with Bash
What are the limitations of knowledge-based authentication (KBA)?
Open an interactive chat with Bash
ISC2 CISSP
Identity and Access Management (IAM)
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .