Our service desk team is looking for a basic way to verify a user's identity when they call in without using personal information as the basis (ie last 4 social, phone #, home address, etc.), so the idea is to use FIM for that.
Is there a way to duplicate the functionality that the SSPR portal provides to have a separate registration for a QA gate that could be used to accomplish this? It would have its own set of less "personal" questions and follow the same process as the password reset portal, just minus the password reset step.
My other idea I had was to create a couple custom attributes (ie a private code word or PIN) to bind to a user object in FIM and give users access to edit them and woudl set them themselves, and a help desk agent would have access to read them to verify. My dilemma here though is how to force users to fill them out. I looked how to edit the RCDC to make them required fields, so a user would not be able to edit their profile and save it ever if those fields are not populated..... but if there was a way to have a popup reminder for registration like SSPR, that would be better.
the other alternative of using the actual SSPR responses isn't ideal since the answers might be too "private", and also confusing potentially if a person has to run thorugh the reset portal up until the reset part and just hit cancel each time.