• The KIPS Transactions:PartB
• /
• v.9B no.5
• /
• pp.599-608
• /
• 2002

This paper proposes DIT (Digital Investment Trust) agent based on ECSSL (Elliptic Curve SSL). This DIT agent is a banking project using IT (Investment Trust) conception based on EC (Electronic Commerce) and can manage micro payment, account opening and account transferring. In addition, ECSSL (Elliptic Curve SSL) protocol is implemented which consists of much better encryption functions than existing SSL (Secure Socket Layer) Protocol. Therefore, This DIT agent based on ECSSL protocol protects a customer's information and asset from third party.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.635-636
• /
• 2009

공개키 암호 시스템을 이용하는 공인인증서는 IT 기술의 발달과 함께 e-Banking, e-Commerce, e-Finance 등 다양한 분야에서 사용자 인증을 제공하는 수단으로 사용되고 있다. 그러나 최근에 다양한 해킹툴과 사용자 PC의 취약점을 이용하여 PC에 저장된 공인인증서가 유출되는 사고가 발생하면서 전자금융에 대한 안전성을 위협받고 있다. 따라서 본 논문에서는 기존에 공인인증서를 하드디스크에 저장하여 발생하였던 문제점을 해결하고자 모바일 디바이스를 이용하여 전자서명을 수행하는 MobiSign의 공인인증서 이동방식 및 전자서명 방식을 분석한다. 또한 모바일 환경에서 악성코드에 의해서 발생할 수 있는 MobiSign 서비스의 보안 위협을 분석한다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.49-58
• /
• 2018

A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication, entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about $10^{41}$ times in an attempt of decoding through the method of substitution of brute force attack existing method.

• Management & Information Systems Review
• /
• v.7
• /
• pp.21-51
• /
• 2001

For increasing the competitiveness and efficiency of Korea's finance industry under the new e-finance paradigm, this paper compared the practical use of finance portal site' on service parts and stage between Korea and U.S.A.. The services which can be served from site are banking, mortgage and credit loan, stock, card, retirement tax, PFM(Personal Finance Management), EBPP(Electronic Bill Presentment and Payment) and Account Aggregation and so on. The stage of site can be divided as the information provide stage which only gives information about service parts, on-line transaction stage which real-time transaction is possibile and PFM services provide stage according to development process. As a result, the beginning of finance portal service in Korea was lated about 10years and more than it of U.S.A. So the development stage of domestic portal site is still staying in the first step and the providing services and contents or business model development parts are also in the same stage than U.S.A. Resides, Korea's sites mainly focus on their first service parts even though they recently aim internet finance portal, and provide not real time transaction but finance information. On the other hand, the U.S.A. site support substantially not only various on-line transactions but also distinctive personal services like PFM(Personal Finance Management), EBPP(Electronic Bill Presentment and Payment), Account Aggregation and Trans-account, brokerage, education center, mortgage loan, mutual fund, option, pension fund and IPOs and so on. Thus, the site of Korea need to establish real type of internet finance portal which provides one-stop services on every type of finance to customers in the real time and also require the strategic integration among finance institutions. The next turn, they need to build information system and education center to give best satisfaction to customers and acquire customer information and marker environment changes and need to provide distinctive services to quality customers throughout database from this. Also the site should provide various type of banking services which refereed above like PEM, EBPP and education center etc, and the government of Korea should support the building of IT infrastructure to Physical, legal, systematic, sociocultural, technical and human resource sections. This paper provided the future movement direction of the domestic finance portal through comparison and analysis on the practical use of it between Korea and U.S.A. and also wanted to contribute for developing and reading of Korea finance portal in the new era of the finance paradigm.

• Journal of the Korean Professional Engineers Association
• /
• v.24 no.6
• /
• pp.106-112
• /
• 1991

Electronics has different meanings to different people and in different countries. Hence, let me difine the term in the sense that it is used here. Electronics in the science and the technology of the passage of charged particles in a gas, in a vacumn, or in a semiconductor. The beginning of electronics came in 1895 when H. A. Lorentz postulated the existence of discrete charges called electrons. Two years later J.J. Thompson found these electrons experimentally. In the same year (1897) Braun built what was probaly the first electron tube, essentially a primitive cathode-ray tube. It was not until the start of the 20th century that electronics began to take technological shape. In 1904 Fleming invented the diode which he called a valve. This era begins with the invention of the transistor about 30 years ago. The history of this invention is interesting. M.J. Kelly, director of research(and later president of Bell Laboratories), had the foresight to realize that the telephone system needed electronic switching and better amplifiers. Vacuum tubes were not very reliable, principally because they generated a great deal of heat even when they were not being used, and, particularly, because filaments burned out and the tubes had to be replaced. In 1945 a solid-state physics group wa formed. The foregoing completes the history of electronics and electronic industries up to 1978. There is already a start toward a merging of the computer and the communication industries which might be called information manipulation. This includes storage of information, sorting, computation, information retrieval, and transmission of data. This combination of the computer and the communication fields will penetrate many disciplines. Applications will be made in the fields of law, medicine, biological sciences, engineering, library services publishing banking, reservation systems, management control, education, and defense.

• Journal of Digital Contents Society
• /
• v.6 no.1
• /
• pp.19-24
• /
• 2005

Mobile service is able to offer the elastic service to anyone regardless of the place and the tin. With this characteristics, the ubiquitous service could be also provided even to the place which the access was limited with the existing line service, which could improve the mutual connection and could result in the service extension Mobile communication companies, which realized the limit of sale only by telephone conversation, have made an effort to develop wireless internet with concentration as its alternation. Especially concentrating their effort both to the development of distinctive and various contents and to tin development of system for mobile service such as the mobile banking, mobile game and etc., they have done their best to secure the number of the people using the wireless internet. This study is to propose the electronic account system based on the mobile as a case study of contents production for such a mobile service. This system has its advantage to perform the financial management immediately when the income and outcome happen without limitation of the time and space. The information could be stored, searched and modified by using of the mobile phone for this system was made up for the weak point of the financial management for wired internet.

• The Journal of Asian Finance, Economics and Business
• /
• v.7 no.6
• /
• pp.221-231
• /
• 2020

This research investigates the relationship among product risk, financial risk, security risk, privacy risk, perceived satisfaction, and purchase intention. Validated measurements were identified from a literature review. The measurement model and the conceptual model depicting hypothesized relationships were evaluated based on responses from 306 customers using confirmatory factor analysis and structural equation modeling. The results showed that product risk, financial risk, security risk, and privacy risk impacted on perceived satisfaction. Besides, product risk, privacy risk, and perceived satisfaction influenced purchase intentions. Thus, this study focused on the influences of product risk, financial risk, security risk, and privacy risk on their cognitive attitudes toward websites. That means the more consumer perceive security, the more they avoid shopping online. The study is important to show how perceived risk affects online shopping behaviors, and it invites marketers to make necessary adjustments to prevent perceived risks to increase and online shopping to decrease. The findings of this study suggest the creation of a framework on the effect of perceived risk types on online shopping. Managers need to take perceived risks into account when designing their electronic marketing channels. In addition, shopping websites should strengthen their transaction security by appropriately using various available resources and new information technologies.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.3 no.2
• /
• pp.64-69
• /
• 2010

This paper designs the ABC(Advanced Block Cipher) algorithm which is a 64byte block encryption algorithm, improves the performance of encryption process time, and makes an key exchange using EC-DH. The ABC algorithm reduces basic memory occupation rates using the original data position exchange method which is a data swap key without S-Box, IP-Box and etc. Also, it prepares the exposure of symmetric key using the unfixed encryption(decryption) key excepting the fixed encryption(decryption) key. Therefore, the proposed ABC algorithm in this paper is a proper encryption algorithm in lower memory environment and mobile banking.

• International Commerce and Information Review
• /
• v.12 no.3
• /
• pp.35-53
• /
• 2010

In connection with a non-cash payment through the banking system, "finality of payment" has acquired diverse meanings. In according to Section 4A-209(2), the acceptance by the beneficiary's bank by means of receiving payment "pursuant to section 4A-403(a)(1) or 4A-403(a)(2)," constitutes final settlement through a Federal Reserve Bank or through a funds-transfer system" or credit to the account of the beneficiary's bank. Above of all, Acceptance by beneficiary's bank is the most important. According to 4A-209(b), the beneficiary's bank can accept a payment order in one of four ways : First, by paying the beneficiary; obligating itself to pay the beneficiary or, Second, by notifying the beneficiary of receipt of the order or notifying the beneficiary that its account was credited or, Thirdly, by receiving full payment from the sender's order or Lastly, by passage of time, i.e., the opening of the next funds transfer business day of the bank following the payment date of the order. A beneficiary's bank is considered to have accepted a payment order when the earliest of the four means of acceptance occurs.

• The Journal of Society for e-Business Studies
• /
• v.21 no.4
• /
• pp.41-53
• /
• 2016

Today, leading smartphone manufacturers offer biometric technologies such as fingerprints, voice recognition, and iris patterns in their flagship models. These biometric technologies are used for authentication. Biometric authentications are widely used in device security and even in financial transaction. This paper examines cases where a user uses biometric authentication during financial transaction (both online and smartphone banking), and explains biometric for non-repudiation by digital signature. Finally, the paper also explains technical and legal requirements for biometric authentication in the area of financial services.