Goodbye Public Certificate 'D-1'... How Will Bank Transactions Change?
Instead of complex passwords over 10 characters, use iris or fingerprint recognition
Only one issuance needed, no need to get separate ones from each bank
![[Image source=Yonhap News]](http://www.asiae.co.kr/news/img_view.htm?img=2020120308441044728_1606952650.jpg)
[Asia Economy Reporter Park Sun-mi] With the amendment of the Electronic Signature Act, the public certification system will be abolished starting from the 10th. From now on, public institutions will be able to verify identities using various private companies' authentication services instead of the public certification system.
For banking services, the Financial Authentication Service can be used. The Financial Authentication Service is a private authentication service jointly operated by the Korea Financial Telecommunications & Clearings Institute (KFTC) and the banking sector. The KFTC, which previously managed the public certification system, will implement the Financial Authentication Service in line with the enforcement of the amended Electronic Signature Act.
The Financial Authentication Service issues and stores financial certificates securely in KFTC's cloud, allowing users to access the cloud anytime and anywhere via PC or mobile devices. Once a financial certificate is issued, it can be used at 22 banks, card companies, and others. Based on the full-scale implementation in the banking sector on the 10th, KFTC plans to continuously expand the institutions where it can be used, including Government24, the National Petition Service, Subscription Home, and Hometax.
The Financial Authentication Service is implemented using web standards (HTML5), providing convenience as there is no need to install separate applications or plugins. Financial certificates are issued after thorough identity verification either face-to-face or non-face-to-face at banks, ensuring the same reliability as the public certification system. Additionally, instead of complex passwords of 10 or more characters, biometric information such as iris or fingerprint or simple passwords (PIN) can be used. Financial certificates are encrypted and stored in the cloud, and movement or copying of the certificates is prohibited, enhancing security.
There is no need to obtain a financial certificate from each bank separately; only one certificate is required. Public certificates issued before the 10th can also be used.
The existing public certification system faced criticism for requiring annual renewal and being difficult to manage. It was also criticized for being hard to use on various devices or abroad. In 2014, the so-called 'Cheon Song-yi Coat' became very popular due to a drama, but foreigners accessing Korean shopping malls could not purchase the coat because they could not obtain a public certificate. Furthermore, the dominant position of the public certification system was said to hinder the development of the private electronic authentication market.
With the abolition of the public certification system, the variety of certificates available for use will increase.
Public institutions and financial institutions will be able to choose from several private companies' certificates such as KakaoPay, PASS, and NHN PAYCO. Already, various private companies including Kakao, Naver, and the three major telecom companies have launched private certificates. Among them, the PASS certificate jointly launched by the three telecom companies recorded a cumulative issuance of 20 million as of the end of last month. IT companies like Naver and Toss have also entered the electronic signature market by launching private certificates.
The financial sector is also actively developing and launching authentication services. The competition among financial institutions to be recognized as the national certificate by emphasizing convenience and security is becoming increasingly fierce. With the abolition of the public certification system after 21 years, consumers' choices are expected to greatly expand.
In the banking sector, KB Kookmin Bank has relatively quickly entered the market so far. KB Kookmin Bank launched 'KB Mobile Authentication' in July last year, and it is known to have nearly 5.5 million subscribers. Users can log in using biometric recognition or pattern recognition and conduct financial transactions without one-time password generators (OTP) or security cards. It has no expiration date, so renewal is not required.
Hana Bank introduced a facial recognition service usable regardless of phone model in August, and NH Nonghyup Bank launched a simple authentication service called 'NH One Pass' earlier this month. IBK Industrial Bank is also applying 'IBK Mobile Certificate' to 'i-ONE Bank.' Other banks are expected to release new authentication services soon.
The card industry is also pushing to enter the private authentication market.
Hot Picks Today
Taking Annual Leave and Adding "Strike" to Profiles, "It Feels Like Samsung Has Collapsed"... Unsettled Internal Atmosphere
- There Is a Distinct Age When Physical Abilities Decline Rapidly... From What Age Do Strength and Endurance Drop?
- "One Comment Could Lead to a Report": 86% of Elementary Teachers Feel Anxious; Half Consider Resignation or Career Change
- "After Vowing to Become No. 1 Globally, Sudden Policy Brake Puts Companies’ Massive Investments at Risk"
- On Teacher's Day, a Student's Gifted Cake Had to Be Cut into 32 Pieces... Why?
Shinhan Card is developing a private certificate aiming for release in the first quarter of next year. Shinhan Card believes it can secure versatility based on its 26.8 million customers. KB Kookmin Card plans to focus on expanding the authentication service launched by KB Kookmin Bank first. Hana Card has a similar strategy. Woori Card currently provides its own authentication services such as biometric authentication and card touch authentication and plans to secure additional authentication services in the future.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
