• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.5
• /
• pp.113-130
• /
• 2011

Due to the development of information and communication technology, the global influence on politics, economics, society, and culture has grown. A major example of this impact on the economic sector is the growth of e-commerce, which increases both the speed and efficiency of businesses. In light of these new developments, businesses need to shift away from the misconception that information overwhelms to embrace the enhanced competitiveness that e-commerce provides. However, concern about fraudulent transactions through e-commerce is pertinent because of the loss in both critical revenue and consumer confidence in open markets. Current solutions for fraudulent transactions include real-time monitoring and processing, payment pending, and confirmation through SMS, E-mail, and other wired means. Our research focuses on the management of Fraud Detection Systems (FDS) to safeguard online electronic payment systems. With effective implementation of our research we hope to foster an honorable online trading culture and protect consumers. Future comparative research in domestic and abroad markets would provide further insight into preventing fraudulent transactions.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.15 no.8
• /
• pp.5294-5302
• /
• 2014

The development of public-key-based technique that enables a variety of services(E-government, e-banking, e-payment, etc.) evaluated as having complete safety. On the other hand, vulnerabilities(e.g, heartbleed bug, etc.) are constantly being discovered. In this paper, a public key infrastructure to verify the safety and reliability, the collision rate using OpenSSL key pair was analyzed. the experiment was performed using the following procedure. Openssl was used to create five private certification agencies, and each of the private certificate authority certificates to create 2 million, generating a total of 10 million by the certificate of the key pair conflicts analysis. The results revealed 35,000 in 1 million, 0.35% chance of a public key, a private key conflict occurred. This is sufficient in various fields(E-payment, Security Server, etc.). A future public-key-based technique to remove the threat of a random number generator, large minority issues, in-depth study of selection will be needed.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.1
• /
• pp.100-106
• /
• 2018

Since the concept of virtual currency called Bitcoin was announced in 2008, the blockchain technology, which is the basis of Bitcoin, is attracting attention as an important platform technology in the era of the 4th industrial revolution that can change our society in the future. Although Existing electronic financial transactions store and manage all transaction history at a reliable central organization such as government and bank, blockchain-based electronic financial transactions are composed of a distributed structure in which all participants participating in the transaction store and manage the transaction history, it is possible to secure transaction transparency while reducing system construction and operation costs. Besides the virtual currency that started with bit coins, the technology of these blockchains has been extended in various fields such as smart contracts and document management. The key technology area of this blockchain is security based on proven cryptographic technology to make it difficult to forge and hack, but there are security risks such as security vulnerabilities in the virtual currency trading service, We will discuss security risks in using virtual currency and discuss countermeasures. Especially security accidents of virtual currency exchanges are occurring frequently recently, the damage of users who trade the virtual currency is also increasing, we propose security threats and security countermeasures against virtual currency exchanges.

• Journal of Intelligence and Information Systems
• /
• v.10 no.3
• /
• pp.73-89
• /
• 2004

Since people have come to access more and more information about products with the proliferation of the Internet, more and more customer-to-customer e-marketplaces are being introduced with rapidly increasing transaction volumes. As the role of customer-to-customer electronic commerce has become increasingly regarded as vital to the economy, much research has delved into developing intelligent agent systems to efficiently support customer-to-customer electronic commerce. Most of this research, however, has focused only on supporting simple negotiation for the price of common goods along the time span. To expand the negotiation object to the differentiated goods, the customer must be allowed to negotiate over multi-at-tributes of the product besides the price, including the attributes related to the transaction activity itself, such as delivery time and payment method. To satisfy this requirement, we propose an agent marketplace for differentiated goods where the agent of a customer can negotiate not only the price but also the various attributes of the product and the transaction in order to achieve a better utility level for both buyer and seller. The formal protocol and the architecture issues to support the proposed e-marketplace and agents are also addressed.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.49-58
• /
• 2018

A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication, entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about $10^{41}$ times in an attempt of decoding through the method of substitution of brute force attack existing method.

• Journal of Digital Convergence
• /
• v.9 no.6
• /
• pp.81-90
• /
• 2011

Companies using internet as a kind of marketing means are increasing rapidly according to the expansion trend of e-commerce through internet and consumers also use internet as the common means of purchasing necessary articles. E-commerce using internet has advantages without limitation to temporal and spatial accessibility and general consumers and unspecified individuals also use internet to purchase their goods as well as general transactions such as advertisement, contract, payment and claim settlement. 'In the age of information, invasion of personal information resulted from the development of information and communication technology is one of the greatest problems all the countries in the world face. Therefore, Personal information protection Act is one of basic laws to protect personal information and rights and it is also an essential law in the age of information. In that sense, new Personal information protection Act is the advanced act containing various items to minimize the national damages from the leaking of private information and protect right to informational self-determination in the information society. It is expected that this legislation contributes to reduce the leaking of private information, enhance the level of privacy protection and develop privacy related industries. However, active participation of all members of our society and improvement of their recognition should be preceded for the rational and legal use of private information and the settlement of its protection culture. While the purpose of Personal information protection Act can protect privacy from collection, leaking, misuse and abuse of private information and enhance national interests and protect personal dignity and value, it also must perform the roles of balancing privacy protection with liberal information flow.

• The Journal of Society for e-Business Studies
• /
• v.23 no.3
• /
• pp.13-32
• /
• 2018

Btcoin has made a big progress through anonymity, decentralized authority, sharing economy, multi-ledger book-keeping, block-technology and the convenient financial vehicle. Bitcoin has the characteristics of mining and supply by decentralized suppliers, limited supply quantity and the partial money-like function as well as gold. The paper studies the hedge and safe-haven of Bitcoin and gold on daily frequency data over the period of July 20, 2010-Dec. 27, 2017 employing Asymmetric Vector GARCH. It finds that gold has the hedge and safe-haven against inflation and capital markets while Bitcoin has the weak hedge and the weak safe-haven. It shows insignificant effects of inflations of US and Korea on the volatilities of Bitcoin and gold. It also suggests the necessity of clearing of vagueness behind the anonymity for fair and transparent trade through the law application in the absence or fault in law (Lucken im Recht). following the spirit of the living constitution (lebendige gutes Recht oder Vorschrift). The relevant institutions are hoped to be given some of obligations such as registration, minimum required capital. report, disclosure, explanation, compliance and governance with autonomous corresponding rights. The study also suggests the reestablishment of the relevant financial law and taxation law. The hedge would not be successfully accomplished without the vigilant cautions of investors.

• Korean Business Review
• /
• v.12
• /
• pp.29-66
• /
• 1999

Electronic Commerce is rapidly expanding with the development of internet and will be very useful for the consumers in the future. However, we could not find many studies on consumers' attitudes and behaviors in the cybermarket. The purpose of this study is to analyze perceptions of college students in Seoul and Chunchon on Electronic Commerce. The main findings are as follows. First, they prefer surfing on the net with search engines like Simmamai or Yahoo to directly looking over the homepages of department stores and advertisement sites. Students in Chunchon, especially, tend to check out banners at E-mail sites. Second, most of the students get information about shopping mall sites and products from their friends, newspapers or magazines. And they want to have information (advertisements) classified by brand names of the products. Third, students in Seoul rely on brand names more than those in Chunchon do. Students in Chunchon, compared with those in Seoul, believe more kinds of products are available in the internet shopping mall. They complain, however, deficiencies of information about the products and high prices. They want the price information compared with those in traditional markets. Fourth, they feel very uncomfortable about informing their credit card numbers, and thus prefer payments with Electronic Money. And finally, they are not satisfied with return and exchange policies and after-sale services. They also complain that the products are not delivered safely when they are not home. They want the delivery-date indicated.

• The Journal of the Korea Contents Association
• /
• v.9 no.8
• /
• pp.41-48
• /
• 2009

As enactment and enforcement of capital markets integration law, investment banks are going to be appeared in our financial market and be able to provide payment services. To provide these kinds of services, investment banks need to be participated in the financial network. As the financial network enormously affect the economy, the operation of the network will require a variety of risk managements. In this paper we define operational risk management criteria for the financial network such as security, in-time response, economical efficiency and stability to be required for the healthy economy and propose the configuration of the financial network system based on virtual private networks for investment banks to provide payment services. Finally we analyze that the proposed VPN configuration for financial networks has high security and in-time response with the cost and operation effective.

• Journal of KIISE:Information Networking
• /
• v.29 no.5
• /
• pp.482-494
• /
• 2002

In E-mail based accounting system, the remitter does not have need to find collector's account number. To transfer money to a collector's account, what remitter need is just a collector's E-mail address. But the current E-mail based accounting systems are built on SSL technology. Basically SSL provides some security services - confidentiality, user authentication and data integrity, but does not provide non-repudiation. So, in the current E-mail based accounting system, it is possible to deny transaction. And there is no receipt of transaction. In this paper, we design and implementation of a S/MIME applied Secure Payment Mechanism. In our system, every account information - account number, receiver name, amount of money, etc. - is included in a 'check' message. And this message is protected under the Secure Web-mail using S/MIME. In a view point of the convenience, users using our system do not have need to find collector's account number. And in a view point of the security, our system provides confidentiality, user authentication, data integrity and non-repudiation. Moreover our system provides a receipt.