A challenge question is a question that can be used
|“||as a backup in the event that the primary logon authentication technique becomes inoperable or presents an unexpected characteristic.||”|
"In its basic form, the user is presented with one or more simple questions from a list that was first presented to the customer when they originally enrolled in the online banking system. These questions can often be easily answered by an impostor who knows the customer or has used an Internet search engine to get information about the customer (e.g., mother's maiden name, high school the customer graduated from, year of graduation from college, etc.)."
- ↑ Supplement to Authentication in an Internet Banking Environment, at 6.
- ↑ Id. at 7.