Question based IDentification

Initiated by a research grant from the Eduserv Foundation, the QID project is investigating the use of questions about personal information (cognitive) as the basis for authentication instead of the widely used password (recall) method. The research aims to improve accuracy and usability by generating random authentication questions from a set of personal data. Fraudulent access detection is performed using a novel application of two machine learning algorithms, Expectation Maximisation and Bayesian Classification.

Knowledge based authentication has been commercially used by the consumer credit industry for many years and more recently by government agencies such as the Inland Revenue. Currently, knowledge-based authentication software is typically bundled with the reference consumer credit data provided by the vendor, which are not affordable for many businesses and academic institutions. The research aims to design and implement knowledge-based authentication software that will be provided free to the public using the open source BSD license.

Initial prototypes of the authentication system and fraud detection processing have been completed. The current research is focused on improving the fraud detection processing and a system using CAPTCHA techniques to automatically collect empirical test data from the Internet.