Where did you meet your spouse?
What was your spouse's grandmother's middle name? What was her favorite food? What was her kitty's name? What was the kitty's favorite food? When was that kitty born?
These are the sorts of questions I get these days as I am trying to establish that I am actually the person I purport to be.
I foresee greater depth and completeness in credentialing in the future. We seem to be moving toward retinal ID, typing ID where the exact speed and keystrokes and typical errors identify you, device ID where the operating system, cookies still lingering on the machine and other features, taken together identify the machine.
Similarly, I am often asked to read a policy, sometimes a statement that the company promises to try to sell data about me and my tastes, proclivities and activities to the highest bidder as often as possible. At the bottom of the statement of policy is a check box that I need to check to state that I have read the policy. If I go directly to checking the box, the computer says "You cannot read that quickly. Now go back and actually read our message."
The verification and testing industry, probably a spin off of the folks who bring us the SAT test, is working on automatic generation of quizzes to try to increase the probability that I have actually read, comprehend and will remember the policy and its implications, ramifications and relation to previous policies and similar ones posted by other companies. Their machines might create a set of quiz questions like these:
In summary, what are the five main actions we have said we will take with your data?
What was the copyright date of the post of our policy?
What action can you take if you feel we are misusing your data?