Browse > Article
http://dx.doi.org/10.13089/JKIISC.2015.25.6.1503

Advanced Mandatory Authentication Architecture Designed for Internet Bank  

Hong, Ki-seok (Graduate School of Information Security, Korea University)
Lee, Kyung-ho (Graduate School of Information Security, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.25, no.6, 2015 , pp. 1503-1514 More about this Journal
Abstract
Non-face-to-face real name verification policy that financial authorities announced, in order to secure a face-to-face or more of accuracy, are in principle of multi check. The business model and legal entities of Internet banks is different from existing Internet banking. Relpacing real name verification from face-to-facd to non-face-to-face while maintaining the structure of identification can not only cause inconvenience to a first time member, but also can be more vulnerable to verious security risks. In this study, to evaluate a service level of a bank of the Internet, and provide an improved identification of the structure such that the registration and use of differentiated services is performed in accordance with the evaluation. In addition, the security that may occur with respect to Bank of the Internet to establish a vulnerability and attack model, the results of the analysis of the safety of the step-by-step security attributes and services of the authentication medium of each attack model, existing the safer than Internet banking, confirmed the usefulness in user registration guide.
Keywords
real name verification; mandatory authentication; internet bank; internet primary bank; attack model;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 Financial Services Commition, http://www.fsc.go.kr/know/wrd_list.jsp?menu=7420000&dn_no=490, Financial Glossary
2 Financial Services Commission, "Internet Primary Bank will be Introduced," Press Release, Jun. 2015
3 Financial Services Commission, "Internet Primary Bank Preliminary Approval Examination Will Review Centered on Innovation," Press Release, Sep. 2015
4 Ministrary of Government Legislation, http://www.law.go.kr/lsInfoP.do?lsiSeq=154291&efYd=20141129#0000 "Law of Real Name Financial Transaction System", Nov. 2014
5 Financial Services Commission, "A Comprehensive Handbook of The Real Name Financial Transaction System," pp. 3-6, 2008
6 Korea Federation of Banks, "A Commentary of The Real Name Financial Transaction System," Dec. 2010
7 Financial Services Commission, "A Rationalization of Real Name Verification on the Account Opening," May. 2015
8 Byeong-Ho Seo, "Non-face-to-face real name verification introducing notes on," Financial Weekly Briefing, Korea Institute of Finance, 25(3), May. 2015
9 The Bank of Korea, "2014 The Result of The Usage Patterns of Means of Payment and Implications," Survey Materials 2005-1, Jan. 2015
10 Bon-Seong Gu, "An Introduction of Internet Bank," Korea Institute of Finance, Finance Policy Research Report, Mar. 2008
11 Tae-Ho Kim, "A study on Preparation for The Electronic Finance Risk of Domestic Internet Only Bank," Korea Institute of Information Security and Cyptology, 8(5), Oct. 2008
12 Yong-Jae Kim, "Need for Elimination of The Regulatory Arbitrage on The Real Name Financial Transaction System and The Advancement of The Regulation of The Real Name Verification Procedures," The Korean Journal of Securities Law, 14(2), 2013
13 Jae-Hoon Lee "Improvement of The Electronic Finantial Service and Developement of The Real Name Financial Transaction System," IT and Law Research 7, Feb. 2013
14 Geol-Won Bang, "Implementation of The Fingerprint Identification Algorithm Fingerprint Registration," Korea Multimedia Society, pp. 585-589, 2002
15 William E. Burr, Donna F. Dodson and Elaine M. Newton "Electronic Authentication Guideline", NIST Special Publication 800-63-2, Aug. 2013
16 Chan-Ju Jeong "Research for Online Identity Verification Using Financial Security OTP," Information Security Journal, 18(5), Oct. 2008
17 Peotta, Laerte, et al. "A formal classification of internet banking attacks and vulnerabilities," International Journal of Computer Science & Information Technology vol. 3, no. 1, pp. 186-197. Feb. 2011   DOI
18 Han-Na You "A Study on the Two-channel Authentication Method which Provides Two-way Authentication using Mobile Certificate in the Internet Banking Environment," The Journal of The Korean Institute of Communication Sciences 36(8), pp. 939-946, Aug. 2011   DOI
19 Jae-Sik Lee, "A Design of Service Provider Model and Authentication Seheme for Secure Internet Banking," Ph.D. Thesis, Soongsil University Graduate School, Jun. 2013
20 Han-Wook Lee and Hu-Gen Shin "A Review of User Authentication Strong to The Memory Hacking Attack," Korea Institute of Information Security and Cyptology 23(6) Dec. 2013
21 National Police Agency, http://www.police.go.kr/portal/main/contents.do?menuNo=200286, New Financial Crime(Memory Hacking)
22 Byung-Chul Cho and Jong-Man Park "Technology Review on Multimodal Biometric Authentication," The Journal of Korean Institute of Communications and Information Sciences 40(1) Feb, 2015
23 Ditital Times, http://www.dt.co.kr/ contents.html?article_no=2015012802100351800001 28. Jan, 2015
24 Chang-Hyun Cho, "Research on mobile communication dual channel authentication mechanism for Internet banking environment, security," Soongsil University Graduate School, Jun. 2010
25 Ditital Times, http://www.dt.co.kr/ contents.html?article_no=2015081302100558739001 13. Aug, 2015