"Financial Companies' Identity Verification Should Not Rely Solely on External Sources... Alternative Methods and Security Systems Must Be Secured"
Financial Supervisory Service Urges After Inspecting 269 Financial Companies
The Financial Supervisory Service (FSS) investigated the status of electronic financial services at 269 financial institutions, including banks, securities firms, and insurance companies, and discovered that some are using general communication networks without alternative access methods or with low security levels. The FSS urged these institutions to organize their systems and secure alternative methods.
On the 18th, the FSS held an IT standing consultative meeting targeting all 269 financial institutions engaged in electronic financial operations (32 banks, 67 financial investment firms, 41 insurance companies, 80 savings banks, and 49 specialized credit finance companies, mutual finance, and credit information firms) and guided them to improve the identified issues.
Previously, in October last year, following the fire at Kakao's data center which caused access disruptions for KakaoPay and virtual asset exchanges that relied solely on KakaoTalk as the login authentication method, the FSS conducted an inspection of all financial companies to check for similar problems.
The inspection revealed that some financial institutions depended on external specific companies for mobile phone identity verification without preparing separate alternative access methods. It was also confirmed that in connecting to external companies' networks, some institutions used general communication networks instead of high-security dedicated lines or virtual private networks (VPNs).
Accordingly, the FSS demanded that financial companies accurately identify which external systems affect their core operations and establish a system capable of rapid response in emergencies by preparing alternative methods through service provider redundancy for external systems identified as single points of failure, such as KakaoPay’s sole authentication method via KakaoTalk.
For external systems without alternative methods, the FSS instructed that regular tests be conducted on the service providers’ emergency measures and quality levels, with evaluations of the results, to establish management plans.
Hot Picks Today
"Stocks Are Not Taxed, but Annual Crypto Gains Over 2.5 Million Won to Be Taxed Next Year... Investors Push Back"
- "Not Jealous of Winning the Lottery"... Entire Village Stunned as 200 Million Won Jackpot of Wild Ginseng Cluster Discovered at Jirisan
- Bull Market End Signal? Securities Firm Warns: "Sell SK hynix 'At This Moment'"
- "How Did an Employee Who Loved Samsung End Up Like This?"... Past Video of Samsung Electronics Union Chairman Resurfaces
- "Even With a 90 Million Won Salary and Bonuses, It Doesn’t Feel Like Much"... A Latecomer Rookie Who Beat 70 to 1 Odds [Scientists Are Disappearing] ③
Companies providing services directly linked to electronic financial transactions, such as identity verification, were urged to implement security systems equivalent to those of electronic financial auxiliaries (using dedicated lines or VPNs with equivalent security levels, such as virtual private networks).
![[Image source=Yonhap News]](http://www.asiae.co.kr/news/img_view.htm?img=2022101618184170007_1665911922.jpg)
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
