• Journal of the Korea Society of Computer and Information
• /
• v.22 no.5
• /
• pp.29-39
• /
• 2017

In this paper, we analyse security threats and security requirements about the designated PC solution which restricts usable PCs that are only an user own PCs or a registered PC for online banking or very important services. Accordingly, causable threats of the designated PC solution are classified a process, a network layer, a software module, and an environment of platform, and we draw security requirements based on analysed security threats. Results of this research are considered utilization of criteria for improving security of the designated PC solution and standards for giving hint of imposition of the designated PC solution.

• Convergence Security Journal
• /
• v.2 no.2
• /
• pp.29-38
• /
• 2002

Everyday demand of wireless internet is increasing. Security problem is certainly resolved for wireless internet activation. Especially problem is only wiretap in mobile communication with voice, but problems, user authentication, data integrity guarantee etc., are resolved in data-services that have commercial transaction over simple data information service such bill, banking. Necessity of wireless PKI that can offer security service likely in wired environment is requested for offering security service in wireless environment. For offering security services, confidentiality, integrity, non-repudiation etc, that of offered in wired environment in wireless environment, first it must construct wireless PKI infrastructure and do service activity. This paper analyze various wireless internet technology for offering safe wireless internet service and wireless PH standards. Performance Result of this paper expect activity of safe wireless PH service and activity of electronic commercial transaction used wireless internet such banking service, bill transaction, online shopping.

• KIPS Transactions on Computer and Communication Systems
• /
• v.7 no.2
• /
• pp.49-58
• /
• 2018

A certificate is a means to certify users by conducting the identification of the users, the prevention of forgery and alteration, and non-repudiation. Most people use an accredited certificate when they perform a task using online banking, and it is often used for the purpose of proving one's identity in issuing various certificates and making electronic payments in addition to online banking. At this time, the issued certificate exists in a file form on the disk, and it is possible to use the certificate issued in an existing device in a new device only if one copies it from the existing device. However, most certificate duplication methods are a method of duplication, entering an 8-16 digit verification code. This is inconvenient because one should enter the verification code and has a weakness that it is vulnerable to security issues. To solve this weakness, this study proposes a method for enhancing security certificate duplication in a multi-channel using TCP and BLE. The proposed method: 1) shares data can be mutually authenticated, using BLE Advertising data; and 2) encrypts the certificate with a symmetric key algorithm and delivers it after the certification of the device through an ECC-based electronic signature algorithm. As a result of the implementation of the proposed method in a mobile environment, it could defend against sniffing attacks, the area of security vulnerabilities in the existing methods and it was proven that it could increase security strength about $10^{41}$ times in an attempt of decoding through the method of substitution of brute force attack existing method.

• Journal of Korea Society of Industrial Information Systems
• /
• v.5 no.3
• /
• pp.94-110
• /
• 2000

While most of the previous information technology adoption and diffusion researches focus the critical factors not on the organizational perspective but on the individual perspective based on the various reasons such as informational characteristics. This paper will try to analysis the adoption and diffusion factors of the Internet related technologies based on the organizational perspective. Nowadays, in especially, the evolving and fast diffusing Internet related technologies and the flourishing e-commerce applications pressure retail banks that prepare the new types of online payment systems to maintain their existing and new customer relationship and compete with their potential competitors in the coming market environments. In addition, while most previous researches only focus on the adoption of new information technologies, this paper not only analysis the adoption of innovational technology but also analysis the diffusion process in an organization, which encourage practitioners and researchers to reveal more detail and practical analysis of the innovational technology adoption and diffusion process in ann organizational setting. Based on the previous researches, there are several factor-category will be selected for this research: 1) organizational factor, 2) within banking industry factor, 3) non-banking industry factor, 4) customer acceptance factor, 5) government factor, and 6) the functionality of e-commerce systems factor. Finally, in this study, we assumed that the more sophisticated e-commerce adopting banks provide the more broad range of banking services in general. Thus, we develop the extended integrated technology diffusion model to provide empirical evidences to distinguish between adopters and non-adopters and explain the diffusion levels of e-commerce using the level of services provided via Internet to the customer in retail bank industry.

• Journal of Digital Convergence
• /
• v.15 no.8
• /
• pp.183-193
• /
• 2017

Digital accredited certificates issued under the Digital Signature Act provide essential functionalities for online service, so certificates are used for various services such as online banking, e-government. However, certificates can be stolen by hackers and users need to install separate software to use certificates. Recently FIDO, which aims to solve the problems of password-based authentication and the lack of interoperability between authentication methods, is used for biometric authentication and TrustZone, hardware-based secure environment, is used for safe smartphone usage. In this paper, the new service method is suggested which uses FIDO-based biometric authentication and stores certificates in TrustZone. This method can not only improve security and convenience but also be easily applied to the service because it uses built-in functionalities of new smartphones such as biometric sensors and TrustZone. It is expected that people can use certificates in a safe and convenient way with this method.

• The Journal of Asian Finance, Economics and Business
• /
• v.6 no.3
• /
• pp.225-234
• /
• 2019

The study aims to explore key dimensions of service quality of E-Retailing of Islamic banks in the Kingdom of Saudi Arabia. The convenience sample size consists of 373 respondents who regularly use online Islamic banking facilities in Saudi Arabia was used. For measuring the consumers' perspective, a four-factor E-SERVQUAL scale; namely efficiency, system availability, fulfillment, and privacy was used. Exploratory Factor Analysis and Confirmatory Factor Analysis are used to test the model fitness. Structural equation modelling is utilized to determine the impact of E-service quality dimensions on customers' satisfaction. The results of the study reveal that 1) reliability as a dimension of E-retailing of Islamic banks made a significant impact on customers' overall satisfaction; 2) there is a positive significant relationship between responsiveness and customers' overall satisfaction. One unit increased in responsive leads to 0.763 unit increases in the overall satisfaction of the customer; and 3) ease of use is the most important dimensions of service quality of E-retailing of Islamic banks. One unit increases in Security/ Privacy leads to 0.473 unit increases in overall satisfaction. There is a positive impact of good E-service on customers' satisfaction, but it does not override unsatisfactory performance in other areas.

• The Journal of Society for e-Business Studies
• /
• v.21 no.4
• /
• pp.41-53
• /
• 2016

Today, leading smartphone manufacturers offer biometric technologies such as fingerprints, voice recognition, and iris patterns in their flagship models. These biometric technologies are used for authentication. Biometric authentications are widely used in device security and even in financial transaction. This paper examines cases where a user uses biometric authentication during financial transaction (both online and smartphone banking), and explains biometric for non-repudiation by digital signature. Finally, the paper also explains technical and legal requirements for biometric authentication in the area of financial services.

• Convergence Security Journal
• /
• v.14 no.5
• /
• pp.65-74
• /
• 2014

Phishing scans through wired telephones have been evolving into smissing and pharming. While we use wire or wireless telephones, text messages, e-mails, and online-banking conveniently, the ways of hacking and phishing attacks are getting developed and various. This paper investigates the various aspects of attacks depending on the kinds of phishing and suggests general prevention measures. In addition, the user-oriented practical preventive measures and government-driven long term measures are proposed in this paper. Technological developments, short or long term preventive measures proposed by the government, and continuous public relations could be solutions since in a short time, it could be difficult to eradicate phishing scams evolving continuously. Besides, the internet media as well as SNS are great helps in promoting the preventives against phishing and smissing. Finally this paper asserts that the newly developed service technology should be made carefully without security problems.

• The Journal of Asian Finance, Economics and Business
• /
• v.7 no.2
• /
• pp.213-219
• /
• 2020

Studies related to Electronic Word-of-Mouth (eWOM) show that the acceptance of eWOM information is an important factor in customer purchase decisions. When consumers accept eWOM information, they tend to use that information in considering before making purchase decisions. In Viet Nam, there are few studies about eWOM information, especially on the acceptance of eWOM information. Research is conducted to test the influence of consumers on the perception of the senders' identity to the acceptance of online reviews (a kind of eWOM) in Viet Nam - a case study in Ho Chi Minh City. Using adjustment techniques, inspecting the scales and a theoretical model represent the relationship among the influential factors. The research is based on a sample of 522 consumers who use the Internet to search for product reviews before buying and used Structural Equation Modeling (SEM) to test the relationships among the variables. The research results show that the scales of the variables: Message Quality, Source Credibility, Perceived Message Usefulness, Perceived Senders' Identity, Perceived Message Credibility, Message Acceptance attain the validity and reliability in the research. The research contributes to the understanding of the determinants that influence the acceptance of eWOM information, which are informational factors, and factors related to consumer skepticism.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.6C
• /
• pp.497-501
• /
• 2012

While increasing online services with developing e-businesses, finance, game companies and others have employed OTP(One-Time Password) to overcome vulnerabilities of static passwords. Existing OTP technology has inconvenience that customers always possess reserved token since requiring the token to generate OTP. In order to supplement the issue we propose mobile OTP generated by mobile devices such as smart phones. Our mobile OTP scheme generates OTP by using a non-linear function based on pairing to eject the collision problem of S/Key scheme universally used to design OTP schemes. Our scheme based on a non-linear function over pairing can complements the collision problem and widely applied to finance and various services to increase security level of the services.