Customizing Abbreviations and Equivalences for Locales

7-38 Oracle Fusion Middleware Administrator's Guide for Oracle Adaptive Access Manager

See Section 7.9.3, Level of Answer Logic.

2. Test against specifications.

7.13 KBA Guidelines and Recommended Requirements

These recommendations provide guidelines for implementing KBA authentication. They provide guidance to institutions for configuring and implementing custom enrollment and challenge procedures within the guidelines of best practices.

7.13.1 Best Practices for Managing Questions

Applying Validations

Many validations may be applied locally or globally. Be careful not to apply a validation globally unless you want it to influence all answer registration. For example, if the Four-digit year YYYY validation is applied globally, only numeric answers are accepted during KBA registration. This is a problem if users are offered questions that normally have alphanumeric answers.

Deleting Questions and Categories

You can create, edit, and delete questions and categories. Take care when deleting categories and questions. Insufficient numbers of questions and categories can impact the security of the solution and cause usability issues. For example, if the Categories per menu Registration Logic is set to a number that is more than the total number of categories in the system, there may be duplicate questions listed. This can be confusing to users, so it should be avoided.

Questions per Menu Setting

The Questions per menu setting should be between 4 and 7. This range provides a good mix of questions in a question set but does not expose too many questions to any single user.

Question User will Register Setting

The Questions user will register setting should be between 3 and 7. This provides enough questions to offer good security but does not overburden a user's memory. The basic industry standard for KBA is 3 registered questions. The maximum and minimum limits are configurable through the following properties:

bharosa.config.type.kba_config.enum.regQuestionsCount.validation.minValue=3
bharosa.config.type.kba_config.enum.regQuestionsCount.validation.maxValue=7

Challenge Questions Configuration

It is recommended that you completely configure all of the challenge questions, including locale, before making the questions available to users.

Challenge Question Disabling

If you disable a challenge question, users who previously had that question continue to have the question even after it is disabled. However, users who are registering for the first time or re-registering are not presented with the disabled question.
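The numeric recommendations above can be checked mechanically before a configuration change goes live. The following is an added example, not Oracle code: it parses the two regQuestionsCount properties quoted in this section and audits them together with the Questions per menu and Categories per menu values. The function names, the sample property text, and the three menu/category arguments are assumptions; those values would be read from the administration console by hand.

```python
# Property keys quoted in the guide text above.
PREFIX = "bharosa.config.type.kba_config.enum.regQuestionsCount.validation."
MIN_KEY, MAX_KEY = PREFIX + "minValue", PREFIX + "maxValue"

# Constructed sample input, not taken from a real deployment.
SAMPLE = """\
# KBA registration limits
bharosa.config.type.kba_config.enum.regQuestionsCount.validation.minValue=3
bharosa.config.type.kba_config.enum.regQuestionsCount.validation.maxValue=7
"""

def parse_properties(text):
    """Parse key=value lines, skipping blank lines and # or ! comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def audit_kba(props, questions_per_menu, categories_per_menu, total_categories):
    """Return a list of findings; an empty list means the guidance is met.
    The three numeric arguments are hypothetical, operator-supplied values."""
    findings, bounds = [], {}
    for name, key in (("minValue", MIN_KEY), ("maxValue", MAX_KEY)):
        raw = props.get(key)
        if raw is None or not raw.isdecimal():
            findings.append(f"{name} is missing or not a number: {raw!r}")
            continue
        bounds[name] = int(raw)
        if not 3 <= bounds[name] <= 7:
            findings.append(f"{name}={raw} allows a registration count outside 3-7")
    if len(bounds) == 2 and bounds["minValue"] > bounds["maxValue"]:
        findings.append("minValue exceeds maxValue")
    if not 4 <= questions_per_menu <= 7:
        findings.append(f"Questions per menu is {questions_per_menu}, expected 4-7")
    if categories_per_menu > total_categories:
        findings.append(
            f"Categories per menu ({categories_per_menu}) exceeds total categories "
            f"({total_categories}); duplicate questions may be listed")
    return findings

if __name__ == "__main__":
    for finding in audit_kba(parse_properties(SAMPLE), 5, 4, 10) or ["OK"]:
        print(finding)
```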