• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.3-9
• /
• 2018

The purpose of this study is to propose effective countermeasures against the regulation and supervision of unique identification information for financial institutions and present the present problems and future directions. In financial institutions, it is investigated that DB system of many personal information processing systems is in order to comply with the law, and additional measures such as encryption are required for data files containing unique identification information in many other application systems. In this paper, the conclusions of institutional, administrative, and technological feasibility are presented.

• Journal of Intelligence and Information Systems
• /
• v.14 no.2
• /
• pp.179-192
• /
• 2008

This case study shows constructing the knowledge-based system using a rule-based approach for detecting illegal transactions regarding money laundering in the Korea Financial Intelligence Unit (KoFIU). To better manage the explosive increment of low risk suspicious transactions reporting from financial institutions, the adoption of a knowledge-based system in the KoFIU is essential. Also since different types of information from various organizations are converged into the KoFIU, constructing a knowledge-based system for practical use and data management regarding money laundering is definitely required. The success of the financial information system largely depends on how well we can build the knowledge-base for the context. Therefore we designed and constructed the knowledge-based system for anti-money laundering by committing domain experts of each specific financial industry co-worked with a knowledge engineer. The outcome of the knowledge base implementation, measured by the empirical ratio of Suspicious Transaction Reports (STRs) reported to law enforcements, shows that the knowledge-based system is filtering STRs in the primary analysis step efficiently, and so has made great contribution to improve efficiency and effectiveness of the analysis process. It can be said that establishing the foundation of the knowledge base under the entire framework of the knowledge-based system for consideration of knowledge creation and management is indeed valuable.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.9
• /
• pp.2044-2055
• /
• 2015

Financial information systems play such a pivotal role in the financial institution services that are provided for a large customers on the basis of various information including the personal information. As for the personal information collected during the transactions in the financial information systems, huge efforts and investment have been made to protect previously them from being inappropriately misused or illegally used if they could be released. Unfortunately, the frequent accidents on the leakage of sensitive personal information have occurred recently not only by external service users but even by internal system users. Therefore, the aim of this study is to suggest a model of advanced two-channel authentication for internal users in order to increase the stability of financial information systems with enhanced security.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10c
• /
• pp.550-552
• /
• 2002

인증서기반의 인터넷뱅킹과 온라인증권거래에서, 금융거래 서비스 제공자는 많은 사용자의 인증서상태 검증이 요구된다. 금융거래 서비스는 사용자 인증서상태를 실시간의 검증이 보장되어야 한다. 인증서 상태 검증을 위해 기존의 CRL(Certificate Revocation List), Delta CRL, Freshest CRL과 실시간 인증서상태 검증을 위하여 OCSP(Online Certificate Status Protocol)의 표준이 제안된 바 있다. 실시간성과 검증속도는 상호 대비되기 때문에 응용프로그램의 특성을 고려하여 인증서상태 검증방법을 채택한다. 본 논문에서는 CRL의 갱신되기 이전의 폐지에 대하여 실시간으로 전송하는 시스템을 설계한다. 제안하는 인증서폐지 전송서버는 서명자의 검증자 리스트를 관리하여 금융거래 사용자가 CA에 폐지를 요청하면 사용자가 이용하는 금융거래 서비스 제공자들에게 실시간으로 폐지를 고지한다. 본 논문은 CRL 생성이후 갱신까지의 인증서 폐지정보를 검증자에게 전송하여 인증서의 실시간 상태정보를 유지하면서 OCSP보다는 검증속도를 향상시켜 금융거래 환경에서 향상된 효율성을 제공한다.

• Convergence Security Journal
• /
• v.14 no.5
• /
• pp.31-36
• /
• 2014

As security management center of financial area, financial ISAC monitors financial corporations and provides security services. Financial ISAC minimizes damage by responding quickly to external attack such as hacking, virus but it is poor at handling internal attack. For the efficient management and stable operation of information source, also to respond jointly to online hacking, the necessity of information sharing system increases day by day in and outside country. This paper proposes financial ISAC that can prevent a secondary damage of leakage information as well as providing security services. The proposed financial ISAC provides new password to financial corporation in which the same ID and password as leakage information are used and in case of financial information leakage it warns customers against phishing etc.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.869-870
• /
• 2009

가택침입이나 물리적인 납치 강도 등의 위협을 당할 경우, 개인은 외부와의 소통이 단절된 상태에서 생명의 위협과 함께 금융자산 유출의 위험에 쉽게 노출될 수밖에 없다. 본 논문에서는 이러한 상황에서 금융 계좌의 비상용 비밀번호를 이용하여 개인의 긴급한 상황을 외부에서 인지할 수 있는 고객상황 인지시스템을 제안한다. 제안하는 고객상황 인지시스템은 비밀번호 인식기, 비상상황 인식기, 경보 발령기, 비상상황 처리기로 구성된다. 제안한 시스템은 고객의 긴급 상황을 인지하여 적절히 대처할 수 있을 뿐만 아니라, 금융자산 강탈을 목적으로 하는 범죄 심리를 사전에 예방하는 효과가 있을 것으로 예상된다.

• Information Systems Review
• /
• v.25 no.1
• /
• pp.111-128
• /
• 2023

With the development of artificial intelligence technology, interest in data-based product preference estimation and personalized recommender systems is increasing. However, if the recommendation is not suitable, there is a risk that it may reduce the purchase intention of the customer and even extend to a huge financial loss due to the characteristics of the financial product. Therefore, developing a recommender system that comprehensively reflects customer characteristics and product preferences is very important for business performance creation and response to compliance issues. In the case of financial products, product preference is clearly divided according to individual investment propensity and risk aversion, so it is necessary to provide customized recommendation service by utilizing accumulated customer data. In addition to using these customer behavioral characteristics and transaction history data, we intend to solve the cold-start problem of the recommender system, including customer demographic information, asset information, and stock holding information. Therefore, this study found that the model proposed deep learning-based collaborative filtering by deriving customer latent preferences through characteristic information such as customer investment propensity, transaction history, and financial product information based on customer transaction log records was the best. Based on the customer's financial investment mechanism, this study is meaningful in developing a service that recommends a high-priority group by establishing a recommendation model that derives expected preferences for untraded financial products through financial product transaction data.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.743-763
• /
• 2018

It has been 10 years since the concept of cloud system has emerged. Despite the fact that the cost-effectiveness and security of cloud systems has been proven, financial companies are reluctant to adopt cloud systems. Financial institutions are reluctant to adopt the cloud system because of the strong regulation of financial authorities in relation to the leakage of customer information However, more important reason why financial institutions hesitate to introduce cloud systems is the lack of direction and standards for the introduction of cloud systems by financial institutions. This study examines the legal and institutional constraints on the introduction of cloud systems in financial institutions and suggests decision models for determining whether cloud systems can be applied and how cloud systems are configured when financial institutions construct IT systems. We hope that this research will be helpful for establishing direction of cloud system introduction of many financial institutions.

• Proceedings of the Korea Society of Information Technology Applications Conference
• /
• 2002.11a
• /
• pp.136-160
• /
• 2002

Most important to financial is to provide well designed and built services to the customers by accessing their core bank systems and affiliated systems in their partners. This will be essential to introduce new products and services and still be able to count on legacy and collaborative affiliated systems. Winning the war on such service competitions among financial institutions is attainable by seizing the 'e-bank' opportunities in B2Bi and CRM ( Customer Relationship Management ). Such application integrations among systems and 'e-bank' services need to be available in the new IT environment.

• Information and Communications Magazine
• /
• v.34 no.3
• /
• pp.37-46
• /
• 2017

최근 핀테크 산업이 이슈가 되면서 금융 업무를 더 효율적으로 만드는 기술 중 하나로서 이상행위 탐지시스템(FDS)이 관심을 받고 있다. 이상행위 탐지시스템은 금융업무의 리스크 관리를 위한 기술로 주로 활용되고 있다. 본고에서는 이상행위 탐지시스템의 개념을 소개하고, 은행, 카드, 보험 등 금융권 적용분야를 살펴보고자 한다. 또한, 각 금융업무의 리스크 관리 목적뿐만 아니라 FDS를 활용한 침해사고 대응 활동을 소개하면서 기술 발전 방향을 고찰하도록 한다.