From my experiments with the security questions:

1. Security Questions are not case sensitive. So "London" is the same as "london".

2. Indeed it's possible to add a words with unicode characters, e.g. greek words and most likely in other languages, spaces, dashes etc. But the system will take in consideration any accents in the words. When answering the security questions, you need to write the exact same word/phrase as it was typed - with the only exception of the upper/lower case.

So for example the greek word "Αθήνα" will be different than "Αθηνα", while the "ΑΘΗΝΑ Ελλάδα" will be the same as "αθηνα ελλάδα"

The above are what I have found out by experimenting with my security questions. Unfortunately, I searched and couldn't find any reliable sources to cite. It seems that there is nowhere this kind of information.

The only reference I managed to find is here: http://www.reddit.com/r/applehelp/comments/31tquo/are_the_security_questions_case_sensitive/

So, I decided to call Apple Support and ask. The support representative confirmed to me that security questions are case insensitive, I can type in greek letters and that accents are considered.

"Security question answers" are akin to auxiliary passwords, which users will not use on a daily basis. Remembering a password that you almost never type is hard. Requiring exact case is likely to make the user fail to answer properly.

On a theoretical point of view, a "security question" is already a huge weakness, which you tolerate because some users will forget their password, and you want to handle that case with as much automation as possible, and not asking any security question would be even worse security-wise. Hence, the added value of security questions is that they allow a not-totally-open password reset process which can nonetheless be conducted automatically, i.e. at minimal cost for the server. Case sensitivity would probably remove much of that value. Actually, I would even recommend normalization by suppressing whitespace, punctuation and accents.