A Methodology for the Improvement of Accredited Digital Certificate Integrating FIDO Biometric Technology and TrustZone

  • Cho, Hwa-Gun (Information Security Group, Korea Financial Telecommunications & Clearings Institute) ;
  • Yang, Hae-Sool (Graduate School of Venture, Hoseo University)
  • Received : 2017.06.21
  • Accepted : 2017.08.20
  • Published : 2017.08.28


Accredited digital certificates issued under the Digital Signature Act provide essential functionality for online services, so they are used for various services such as online banking and e-government. However, certificates can be stolen by hackers, and users need to install separate software to use them. Recently, FIDO, which aims to solve the problems of password-based authentication and the lack of interoperability between authentication methods, is used for biometric authentication, and TrustZone, a hardware-based secure environment, is used for safe smartphone usage. This paper proposes a new service method that uses FIDO-based biometric authentication and stores certificates in TrustZone. This method can not only improve security and convenience but can also be applied to services easily, because it uses built-in functionality of new smartphones such as biometric sensors and TrustZone. It is expected that people can use certificates safely and conveniently with this method.


Accredited Digital Certificate; FIDO; Biometric Technology; TrustZone; Mobile Security

