• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1659-1673
• /
• 2019

Android platform provides In-app Billing service for purchasing valuable items inside mobile applications. However, it has become a major target for attackers to achieve valuable items without actual payment. Especially, application developers suffer from automated attacks targeting all the applications in the device, not a specific application. In this paper, we propose a novel scheme detecting automated attacks with probabilistic tests. The scheme tests the signature verification method in a non-deterministic way, and if the method was replaced by the automated attack, the scheme detects it with very high probability. Both the analysis and the experiment result show that the developers can prevent their applications from automated attacks securely and efficiently by using of the proposed scheme.

• Health Policy and Management
• /
• v.15 no.2
• /
• pp.16-36
• /
• 2005

Due to the existence of asymmetry of information between doctor and patient, it has been believed that doctor might affect patient's decision making process of purchasing medical care. Based on this notion, doctor's reimbursement method has been suggested as an effective policy device of improving efficiency of patient's medical care use by way of its affecting doctor's practice pattern. By using the Community Tracking Study (CTS) household and physician data set, which includes not only various information on patient's medical care use, but doctor's practice arrangements and sources of practice revenue, this paper investigates the effect of community doctor's characteristics of reimbursement method on community patient's medical care use under the control of patient's socio-demographic characteristics and community doctor's practice type. In the process of estimating econometric model, the endogeneity problem of individual health insurance purchase was corrected by using 2818. And due to the existence of sample selection problem, Heckman's two-step estimation method was used for strengthen the robustness of estimation which was adversely affected by sample selection problem The empirical results show that as the average value of community doctor's portion of practice revenue determined by prospective method out of total revenue increases, the community patient's total out-of-pocket medical cost decreases. This results suggest, as doctor's practice revenues are mainly determined by prospective method, such as capitation, doctors would be more conscious about practice cost, which might affect doctor's practice pattern and by which his/her patient's use of medical care would decrease.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.40 no.4
• /
• pp.183-190
• /
• 2017

This paper proposes a dynamic magnetic field emulator (DMFE), which can electrically emulate information for the magnetic stripes of most widely used credit cards. Payment transactions with most common credit cards are performed by reading the card's information, encoded in magnetic stripes, using the reader head of a point-of-sale (POS) system. A stripe-type permanent magnet is attached to the back side of the credit card, and information for payments or value-added service is reorganized by exposing it to strong magnetic field. The process of data recording and retrieving as stated above has been pointed out as a major cause of illegal credit card use, because the information on the magnetic stripe is always exposed, and is thus vulnerable to forgery or alteration. A dynamic magnetic field emulator displays card information only when necessary by using the principle of solenoidal magnets. The DMFE proposed in this paper can prevent fraudulent use if it is operated with a device, like a smart phone, or a separate user-authentication procedure. In addition, because it is possible to display various information as needed, it can be utilized for a smart multi-card application, in which information for multiple cards is stored in one card, and can be selected and used as needed. This paper introduces the necessity of the DMFE and its manufacturing principles. As a result, this study will be helpful for making various application cases in payment, which is a core area of the Fintech (a newly-coined word of finance and technology) industry.

• Korean Security Journal
• /
• no.9
• /
• pp.133-153
• /
• 2005

The suggestions that follow are about the effectual operating device for private security service. First, in legal and institutional policy, new establishment by law for private security and more support from government is asked. Moreover, the restructuring or M&A between petty companies and the pricing for security service should be performed. Second, in the structural aspect of private security industry, the professional education center for private security guards should be established and the terms of payment and welfare should be improved to the level above standard. In addition, it should be achieved to change the public to have a new and correct understanding of private security and develop the specialized parts suited to the characteristic and ability of each companies. Third, the construction of operating system for private security service should be achieved; recruit system for competent security guards, marketing strategy and enforcement system, widely known confidence to client, normal training system for security guards and post management system for client. This is also to be suited to the characteristic of each companies.

• Journal of the Korea Convergence Society
• /
• v.10 no.12
• /
• pp.93-99
• /
• 2019

Small electric vehicles, such as electric bicycles or electric kickboards, operate with the power charged in a battery mounted in the vehicle, and some of these users use emergency power sockets installed in apartments or public facilities without getting permission. For this reason, the necessity for a simple method to approve the use of power with instant payment system rises for the building managers and small vehicle users as well. In this paper, we propose a technique to charge batteries for small electric vehicles with less than 1 [kW] through a power supply control device installed on the existing 15 [A]. sockets on the common residential properties or public buildings. It also describes the power user authorization algorithm and how to charge fees for the power used. As a result of this research, this paper shows how the user authentication power supply system with the effect of preventing power theft can be realized by creating an environment in which a battery in a small electric vehicle can be easily charged.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.9 no.3
• /
• pp.119-127
• /
• 2013

The merits of Smartphone are portability, convenience and especially a lot of information can be stored in the device. Especially in Smartphone, users can install programs that cannot install to normal cell phone and users can use many different services through these Smartphone programs. Also Smartphone can connect to Internet through network, so it can access information anytime, anywhere easily. Security of personal information and variety of information which stored in Smartphone are in risk. In Chapter 2 of thesis, it will discuss the definition and features of the Smartphone and market trends. In Chapter 3 of thesis, it will discuss security vulnerabilities of Smartphone and it will analyze and research security vulnerabilities of Smartphone in Chapter 4. In conclusion, it will check users' identification twice in useful application especially application that relate to finance and mobile payment. By checking users' identification several times, it will help to defend from security threats. Users can use Smartphone safely and convenience by know how to prevent from mobile hacking for personal and private information. the quality of APIs matching by the clustering and hierarchical relationships mechanism.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.568-570
• /
• 2013

NFC represents the 2nd generation of the proximity contact-less technology, which beyond the RFID, supports peer-to-peer communication, and enables consumer access to aggregated services, anytime, anywhere, with any type of consumer stationary and mobile devices. NFC is a short range device wireless technology designed to exchange data, initiate connections with other wireless networks and act as a secured smart key for access to services such as cashless payment, ticketing, on-line entertainment and access control. In this paper, the NFC services for social networking applications are studied, and the signal flow of SNS application based on NFC P2P for smart devices and server model is proposed.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.65 no.12
• /
• pp.2240-2250
• /
• 2016

MIFARE Classic is the most popular contactless smart card, which is primarily used in the management of access control and public transport payment systems. It has several security features such as the proprietary stream cipher Crypto 1, a challenge-response mutual authentication protocol, and a random number generator. Unfortunately, multiple studies have reported structural flaws in its security features. Furthermore, various attack methods that target genuine MIFARE Classic cards or readers have been proposed to crack the card. From a practical perspective, these attacks can be partitioned according to the attacker's ability. However, this measure is insufficient to determine the optimal attack flow due to the refined random number generator. Most card-only attack methods assume a predicted or fixed random number, whereas several commercial cards use unpredictable and unfixable random numbers. In this paper, we propose optimal MIFARE Classic attack procedures with regards to the type of random number generator, as well as an adversary's ability. In addition, we show actual attack results from our portable experimental setup, which is comprised of a commercially developed attack device, a smartphone, and our own application retrieving secret data and sector key.

• Journal of Internet Computing and Services
• /
• v.20 no.5
• /
• pp.79-86
• /
• 2019

This paper is an overview of key elements of Korea National Open University's smart mobile learning system, and an attempt to evaluate its main services relative to the FRAME model and the Mobile Learning Development Model for distance learning in higher education. KNOU improved its system architecture to one based on xMOOC e-learning content delivery while also upgrading its PC-based online/mobile learning services to facilitate an easier and more convenient access to lectures and for better interactivity. From the users' viewpoint, the upgraded 'U-KNOU Campus' allows for a more integrated search capability coupled with better course recommendations and a customized notification service. Using the new system, the students can access not only the school- and peer-issued messages via online bulletin boards but also share information and pose questions to others including to the school faculty/officials and system administrators. Additionally, a new mobile payment method has been incorporated into the system so that the students can select and pay for additional courses from anywhere. In spite of these advances, the issue of device usability and content development remain; specifically U-KNOU Campus needs to improve its instructor-learner and learner-to-learner interactivity and mobile evaluation interface.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.6
• /
• pp.319-329
• /
• 2017

As Korea is now an aging society, the demand and necessity of assistive products for senior citizens are increasing. On the other hand, their satisfaction with the assistive-product payment service is pretty low, so that the necessity of assistive-product specialists is newly rising. Therefore, it is important to establish a frame of assistive product specialist and clarify the duties. This study aimed to define and analyze the job of assistive-product specialists. This study was carried out from June 1, 2015 to February 10, 2016. After the literature consideration and analysis of the current status, a job analysis(plan) of assistive product specialists was drawn after the job of assistive product specialists was defined, and the duties, tasks, and task elements were analyzed by experts through an advisory conference. A Delphi method was conducted with five professional panels to verify the validity. For the job contents of assistive product specialists, 5 duties, 12 tasks, and 23 task elements were identified. The significance of this study was to establish the system and standard for assistive device specialists defining and analyzing the job of assistive product specialist. Through this study, it would be possible to secure the professionalism of an assistive-product specialist and qualitative improvement of an assistive-product payment service.