• Review of KIISC
• /
• v.10 no.4
• /
• pp.41-51
• /
• 2000

무선 인터넷 서비스가 국내외적으로 크게 증가하고 있으며 2003년경에는 세계 무선 인터넷 사용인구가 6억 명에 이를 것이라는 전망이 나오고 있다. 그러나 무선인터넷이 보다 활성화되고 이를 이용한 뱅킹 서비스, 주식거래, 온라인 쇼핑 등의 전자상거래 서비스가 원활히 제공되기 위해서는 보안기술의 적용이 필수 사항이다. 본 고에서는 WAP(Wireless Application Protocol)을 위한 전자서명인증 및 키 분배용 모델을 제시함으로써 국내 무선공개키기반구조 구축시 발생할 수 있는 혼란을 최소화하고 국내 무선 인터넷 인증 관련 기술의 발전과 응용 서비스를 활성화시키는데 기여하고자 한다.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.29-38
• /
• 2002

Everyday demand of wireless internet is increasing. Security problem is certainly resolved for wireless internet activation. Especially problem is only wiretap in mobile communication with voice, but problems, user authentication, data integrity guarantee etc., are resolved in data-services that have commercial transaction over simple data information service such bill, banking. Necessity of wireless PKI that can offer security service likely in wired environment is requested for offering security service in wireless environment. For offering security services, confidentiality, integrity, non-repudiation etc, that of offered in wired environment in wireless environment, first it must construct wireless PKI infrastructure and do service activity. This paper analyze various wireless internet technology for offering safe wireless internet service and wireless PH standards. Performance Result of this paper expect activity of safe wireless PH service and activity of electronic commercial transaction used wireless internet such banking service, bill transaction, online shopping.

• Journal of KIISE:Information Networking
• /
• v.36 no.6
• /
• pp.552-557
• /
• 2009

One-time passwords are used just once and discarded, which makes it more secure than the repeatedly used conventional passwords. This paper proposes a challenge-response based one-time password generator on a user's mobile phone always carried with the user. The generator can provide an additional authentication for a user to issue a money transfer request within his Internet banking session on a PC. A currently used device for Internet banking generates a password that changes every 30 seconds or so, which allows a man-in-the-middle to use it for stealing money within the 30 seconds. Unlike such a device, the proposed generator resists against the man-in-the-middle attack by a novel challenge-response scheme, provides better accessability and protection against stolen devices. As the currently used devices do, it prevents any unauthorized transfer even if the victim's all other credentials are revealed through his PC infected with spyware such as a keyboard logger.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.36 no.8B
• /
• pp.939-946
• /
• 2011

The Internet banking service provides convenience than the traditional offline services. However, it still causes a number of security problems including hacking. In order to strengthen security, the financial institutions have provided such authentication methods as the official authentication certificate, the security token, the security card and OTP. However, the incidents related to hacking have continuously occurred. Especially, various weak points have been suggested for the authentication methods in regard to such types of hacking as the memory hacking or the MITM attack. So I needed was a new authentication method. In this study, the two-channel authentication method which provide two-way authentication on the user's PC and mobile device when executing the electronic financial transactions in the Internet banking environment is suggested. Also, by analyzing it in comparison with other existing methods, it is possible to check that the prospects of safety and credibility are strengthened.

• Journal of Intelligence and Information Systems
• /
• v.9 no.3
• /
• pp.193-205
• /
• 2003

In this paper, we suggest user authentication and authorization system for internet banking by face recognition. The system is one of Biometrics technology to verify and authorize personnel identification and is more unobtrusive than the other technologies, because they use physiological characteristics such as fingerprint, hand geometry, iris to their system that people have to touch it. Also, the face recognition system requires only a few devices such as a camera and keypad, so it is easy to apply it to the real world. The face recognition algorithms open to the public are separated by their analysis method differ from what characteristic of the human face use. There are PCA (principal Component Analysis), ICA (Independent Component Analysis), FDA (Fisher Discriminant Analysis). Among these, physiological data of encrypted form is translated utilizing PCA which is the most fundamental algorithm that analyze face feature, and we suggests design method of user authentication system that can do send-receive fast and exactly.

• Journal of Internet Computing and Services
• /
• v.8 no.1
• /
• pp.79-85
• /
• 2007

As the use of the computer and networks generalized, the various tasks which are requested secrets can be processed such os the banking transaction. And because of increasing of data exchange, Internet, and mobile networks, the method which is not connected only but also used with many users has been changed. Especially because of the structural problem of the Internet, a lot of information is leaked out when we use the Internet banking. If we check the Internet banking by using an existing cypher method which is either simple of slow, a credit card number, an account number or password will be leaked out. Because the security of information doesn't meet our expectation, we need more powerful cryptography. But, the wasted space-time which is required shouldn,t be ignored when the whole transferred data are encrypted. So, by using both the Elliptic Curve algorithm which is based on mobile networks and the partial encryption of the DTD of XML in this essay, we will implement more faster cypher method of the partial XML.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10b
• /
• pp.421-423
• /
• 2004

최근 국내의 인터넷사용인구는 3,000만 명에 육박하고 있으며 인터넷 뱅킹 또한 활성화되고 있음에도 불구하고 공과금의 인터넷 수납은 매우 저조하여 2%정도에 머물고 있다. 그 이유로는 업체마다 서로 다른 아키텍처로 개발하여 시스템 간 인터페이스가 어렵고 제공되는 서비스의 신뢰성이 떨어지기 때문이다 본 논문에서는 전자공과금 수납 시스템의 표준모델로 SEBPPA(Standard Electronic Bi11 Presentment and Payment Architecture)를 제안하고 그에 따른 시스템 구조를 설계하였다. 또한 실제 구축사례를 통하여 제안한 SEBPPA모델에 기반을 둔 시스템이 충분히 안정적인 서비스를 제공할 수 있으며 유지보수의 편의성, 시스템의 유연성을 증가시킴을 증명하였다.

• Review of KIISC
• /
• v.21 no.7
• /
• pp.53-61
• /
• 2011

최근 들어 초고속 인터넷서비스의 보편화, 무선통신망의 고속화 및 스마트폰 등 새로운 정보통신매체 등이 보급 활성화됨에 따라 인터넷 뱅킹, 사이버 트레이딩 등 전자금융서비스가 보편화되고 이용률이 해마다 급증하고 있다. 이처럼 전자금융의 대중화 및 활성화로 인해 전자금융사고에 의한 이용자의 금전적인 손실은 해당 금융기관의 신뢰도 하락과 경영상 피해 등 과거보다 더 심각한 영향을 줄 수 있다. 따라서 본 논문에서는 다변화하는 전자금융 환경에 대해 살펴보고 인터넷, 모바일 및 자동화기기 등 전자금융에서 발생한 또는 발생 기능한 보안위협을 분류함으로써 향후 이를 기반으로 전자금융 서비스 안전성 강화를 위한 대응 방안 연구에 기반이 되고자 한다.

• The Journal of the Korea Contents Association
• /
• v.18 no.8
• /
• pp.109-117
• /
• 2018

The launch of internet-only banks has brought many changes. As the existing commercial banks and internet-only banks have started the infinite competition, the maintenance of relationships with customers or the creation of new customers is important. For this, it is meaningful to understand the aspect of customers' perception of value. Thus, this study conducted the empirical analysis on the attitude of the existing phone-banking users after the launch of internet-only banks. First, the reliability and mobility out of the characteristics of the existing mobile service of commercial banks had effects on the perceived switching value while the reactivity had no effects on it. Second, in the results of understanding the effects of diverse benefits from internet-only banks on the perceived value, the economic benefit and convenient benefit had positive(+) effects on the perceived switching value. Lastly, the perceived switching value had positive(+) effects on the use intention.

• Digital Contents
• /
• no.9 s.100
• /
• pp.93-101
• /
• 2001

개인자산관리란 인터넷 뱅킹 이용자가 은행계좌, 주식계좌, 신용카드 대금, 뮤추얼 펀드 수익률, 공과금 등을 확인하기 위해 각 은행 웹사이트들을 각각 오가야 했던 수고를 할 필요 없이 하나의 웹사이트에서 모든 계좌를 통합해 개인의 자산과 부채현황, 잔고등을 통해 온라인 상에서 투자조언이나 자산관리 등을 받는 것을 말한다.