MeriTalk: GAO: Agencies Should Discontinue Knowledge-Based Verification

“In light of the increasing ubiquity of data breaches, Government Accountability Office (GAO) released a report today recommending that Federal agencies should discontinue knowledge-based verification to strengthen their remote identity proofing processes and that the National Institute of Standards and Technology (NIST) should provide guidance in creating alternative identity proofing methods.”

“When Federal agencies that issue benefits conduct remote identity proofing – a process agencies and organizations use to verify individuals’ identities when they apply online for benefits and services – they often use knowledge-based verification to compare applicants’ identifying information with electronic records consumer reporting agencies (CRAs) hold to confirm their identities.”

“But with the rise of data breaches, such as with Equifax, a CRA, in 2017, GAO said that hackers could use the stolen data to respond to knowledge-based verification…” Read the full article here. 

Source: GAO: Agencies Should Discontinue Knowledge-Based Verification – June 14, 2019. MeriTalk.


Tagged: ,

This topic contains 0 replies, has 1 voice, and was last updated by  Jackie Gilbert 1 year, 3 months ago.

  • Author
  • #68255

    Replies viewable by members only


You must be logged in to reply to this topic.


Questions?. Send us an email and we'll get back to you, asap.


©2020 G2Xchange all rights reserved | Community and Member Guidelines | Privacy Policy | About G2Xchange FedCiv

Opportunities. Starting Points.

About our Data

The Vault is a listing of expiring contracts, task orders, etc. within a certain set of parameters, to include:

  • Have an initial total estimated contract value of $10 million or above
  • Federal Civilian Only – DHS, Transportation, Justice, Labor, Interior, Commerce, Energy, State, and Treasury Actions
  • NAICS codes include: 511210, 518210, 519130, 519190, 541511,
    541513, 541519, 541611, 541618,
    541690, 541720, 541990
  • Were modified within the last 12 calendar months
  • The data represented is based on information provided by the government

Who has access? Please note that ALL G2Xchange FedCiv Members will receive access to all basic and much of the advanced data. G2Xchange FedCiv Corporate Members will receive access to ALL Vault content (basic and advanced).

Feedback/Suggestions? Contact us at and let us know what you think. 

G2Xchange FedCiv

Log in with your credentials for G2Xchange FedCiv

Forgot your details?