• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.3
• /
• pp.63-74
• /
• 2011

Credit cards are more convenient than cash of heavy. Therefore, credit cards are used widely in on_line (internet) and off_line in nowadays. To use credit cards on internet is commonly secure because client identification based security card and authentication certificate. However, to use in off_line as like shop, store, department, restaurant is unsecure because of irregular accident. As client identification is not used in off_line use of credit cards, the irregular use of counterfeit, stolen and lost card have been increasing in number recently. Therefore, client identification is urgently necessary for secure card using in off_line. And the method of client identification must be simple, don't take long time, convenient for client, card affiliate and card company. In this paper, we study a reform measure of the structure and transaction process for the safety improvement of a credit cards. And we propose several authentication method of short-and long-term for client identification. In the proposal, the client authentication method by OTP application of smart-phone is efficient nowadays.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1175-1186
• /
• 2015

Financial fraud has been increasing along with credit card usage. Magnetic stripe cards have vulnerabilities in that credit card information is exposed in plaintext and cardholder verification is untrustworthy. So they have been replaced by a smart card scheme to provide enhanced security. Furthermore, the FinTech that combines the IT with Financial product is being prevalent. For that reason, many mobile device based payment schemes have been proposed for card present transaction. In this paper, we propose a virtual credit card number payment scheme based on public key system for efficient authentication in card present transaction. Our proposed scheme is able to authenticate efficiently in card present transaction by pre-registering virtual credit card number based on cardholder's public key without PKI. And we compare and analyze our proposed scheme with EMV.

• The Journal of the Korea Contents Association
• /
• v.9 no.8
• /
• pp.64-72
• /
• 2009

AMR(Automatic Meter Reading), which means that it reads the meter of electricity, gas, or water, etc at a remote place automatically through wired or wireless communication, has been studied in terms of Power Line Communication method and Local Area Wireless Communication method, etc. In this paper, we designed and implemented JCA(Java Card for AMR) capable of AMR, which is based on java Card technology indispensable to the ubiquitous world. In this paper, JCA follows standard transactional procedures offered by power supply company and manages power usage log and billing data, and is designed in order to satisfy EMV multi-functional specifications. Because JCA is a multi-functional smart card capable of post-issuance applets as an open platform, it is installed into other applications of affiliated concerns as well as credit card and traffic card applications. Not only the proposed JCA is a low cost system, compared to other AMR systems, but is capable of paying rates in advance or later by applying authentication and security function of java Card. In addition the proposed JCA system can create value added services such as affiliated services with corporate alliance.

• Communications of the Korean Institute of Information Scientists and Engineers
• /
• v.28 no.11
• /
• pp.49-55
• /
• 2010

• Journal of the Korea Society of Computer and Information
• /
• v.19 no.10
• /
• pp.99-106
• /
• 2014

In this paper, we analyze weaknesses of the biometrics-based user authentication scheme proposed by An. The result of analysis An's authentication scheme by the login success scenario proposed in this paper, if the attacker successes to get user's random number, he/she can pass user authentication phase of the legal server. Also the biometrics guessing scenario proposed in this paper shows the legal user's the biometric information is revealed in lost smart card. Since An's authentication scheme submit user ID and biometrics in plain text to the server, it is very vulnerable to inner attack and it is not provide the user anonymity to the server as well as the one to the third by user ID in plain text. Besides An's authentication scheme is contextual error too, due to this, it has weakness and so on that it did not check the validity of the smart card holder.

• The Journal of the Korea Contents Association
• /
• v.11 no.6
• /
• pp.33-41
• /
• 2011

RFID technology is already used in the various application fields such as identification card, traffic card and etc. Many RFID application systems using UHF have been developed in the field of asset management, logistics and security. Because a human being can make mistakes, we need the system that can efficiently manage the special assets such as small arms, jewelry and medicine and can monitor them in real time. In this paper, we proposed a special assets management system to keep assets in safe custody, to monitor their safety status in real time and to manage distribution channels and history of those assets. The developed system is called Smart Cabinet because it has cabinet's form. Smart Cabinet integrates such technologies as RFID, smart card, fingerprint recognition, several sensors and LCD display in order to provide the functions for special asset management. Those functions include condition monitoring of assets, traceability management, distribution channels and security logs, which are to interact with a management server. The article demonstrated the potentiality of RFID by presenting special asset management solutions dedicated to guns and medicine management, and also showed the effectiveness and possibility of those solutions.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.10
• /
• pp.101-108
• /
• 2021

In this paper, we analyze Shin's proposed dynamic ID-based user authentication scheme for TMIS(Telecare Medicine Information System), and Shin's authentication scheme is vulnerable to smart card loss attacks, allowing attackers to acquire user IDs, which enables user impersonation attack. In 2019, Shin's proposed authentication scheme attempted to generate a strong random number using ECC, claiming that it is safe to lose a smart card because it is impossible to calculate random number r'i due to the difficulty of the ECC algorithm without knowing random number ri. However, after analyzing Shin's authentication scheme in this paper, the use of transmission messages and smart cards makes it easy to calculate random numbers r'i, which also enables attackers to generate session keys. In addition, Shin's authentication scheme were analyzed to have significantly greater overhead than other authentication scheme, including vulnerabilities to safety analysis, the lack of a way to pass the server's ID to users, and the lack of biometric characteristics with slightly different templates.

• Journal of the Korea Computer Industry Society
• /
• v.7 no.5
• /
• pp.481-486
• /
• 2006

Whereas conveniences deriving from the development of information and telecommunication technology increase, information outflow and illegal data use are also rapidly on the rise. Consequently, many studies to prevent illegal information outflow are currently under way, and the use of Smart Card is in steep jump. Recently, Java Card is diffused fast as an alternative to complement the technical problems of the Smart Card. This paper designed and Implementation the system for multi-users authentication and file access control by user through designing a Java Card applet that is used for information protection and in various application fields. For allowing a file access competence, each user's file access competence is processed via drawing up the access condition table in the applet. Therefore, illegal correction exposure and destruction of information, which become the concerns when multi-users have an access, can be prevented. In addition its application becomes possible in the system requiring multi-users certifications.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.27 no.1
• /
• pp.34-40
• /
• 2023

A smart business card printing system that automatically prints business cards requested by customers online is being activated. What matters is that the business card submitted by the customer to the system may be abnormal. This paper deals with the problem of determining whether the image of a business card has been abnormally rotated by adopting artificial intelligence technology. It is assumed that the business card rotates 0 degrees, 90 degrees, 180 degrees, and 270 degrees. Experiments were conducted by applying existing VGG, ResNet, and DenseNet artificial neural networks without designing special artificial neural networks, and they were able to distinguish image rotation with an accuracy of about 97%. DenseNet161 showed 97.9% accuracy and ResNet34 also showed 97.2% precision. This illustrates that if the problem is simple, it can produce sufficiently good results even if the neural network is not a complex one.

• Knowledge Management Research
• /
• v.23 no.2
• /
• pp.277-299
• /
• 2022

The massive card transaction data generated in the tourism industry has become an important resource that implies tourist consumption behaviors and patterns. Based on the transaction data, developing a smart service system becomes one of major goals in both tourism businesses and knowledge management system developer communities. However, the lack of rating scores, which is the basis of traditional recommendation techniques, makes it hard for system designers to evaluate a learning process. In addition, other auxiliary factors such as temporal, spatial, and demographic information are needed to increase the performance of a recommendation system; but, gathering those are not easy in the card transaction context. In this paper, we introduce CTDDTR, a novel approach using card transaction data to recommend tourism services. It consists of two main components: i) Temporal preference Embedding (TE) represents tourist groups and services into vectors through Doc2Vec. And ii) Deep tourism Recommendation (DR) integrates the vectors and the auxiliary factors from a tourism RDF (resource description framework) through MLP (multi-layer perceptron) to provide services to tourist groups. In addition, we adopt RFM analysis from the field of knowledge management to generate explicit feedback (i.e., rating scores) used in the DR part. To evaluate CTDDTR, the card transactions data that happened over eight years on Jeju island is used. Experimental results demonstrate that the proposed method is more positive in effectiveness and efficacies.