CompTIA CASP+ (CAS-003) — Question 92

An insurance company has two million customers and is researching the top transactions on its customer portal. It identifies that the top transaction is currently password reset. Due to users not remembering their secret questions, a large number of calls are consequently routed to the contact center for manual password resets. The business wants to develop a mobile application to improve customer engagement in the future, continue with a single factor of authentication, minimize management overhead of the solution, remove passwords, and eliminate to the contact center. Which of the following techniques would BEST meet the requirements? (Choose two.)

Answer options

• A. Magic link sent to an email address
• B. Customer ID sent via push notification
• C. SMS with OTP sent to a mobile number
• D. Third-party social login
• E. Certificate sent to be installed on a device
• F. Hardware tokens sent to customers

Correct answer: C, E

Explanation

The best options are C and E. Option C, SMS with OTP sent to a mobile number, provides a secure and user-friendly single-factor authentication method that can eliminate password usage and reduce contact center calls. Option E, a certificate sent to be installed on a device, also enhances security through device verification, thus fulfilling the requirements. The other options either do not eliminate passwords effectively or do not directly address the need to reduce contact center interactions.