• Proceedings of the Korea Multimedia Society Conference
• /
• 2002.05c
• /
• pp.381-384
• /
• 2002

모바일 통신의 수요가 증가하면서 유선상에서의 상거래 형태가 무선으로 변화하고 있다. 무선 매체를 통한 지불 형태가 다양화되고 있으며 무선 거래의 이용률도 증가하고 있는 추세이다. 그러나 무선 통신은 유선 통신에 비하여 보안적 측면에서 공격의 대상이 되기 쉽다. 따라서 본 논문에서는 무선 통신 상에서의 안전한 전자상거래를 위하여 USIM을 이용한 지불 솔루션을 제안한다. USIM은 모바일 기기에 내장되는 스마트 카드 형태의 개인 인중 정보를 저장할 수 있는 모듈로서, 추가적으로 전자화폐의 기능을 담당한다. 제안한 솔루션의 유용성을 증명하기 위하여 Java 기반의 USIM을 이용하여 J2ME 환경상에서 전자화폐 시스템을 구현하였다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2015.10a
• /
• pp.661-663
• /
• 2015

인터넷의 모바일화에 따른 스마트폰 이용자의 증가는 모바일 기반의 다양한 서비스가 개발 보급되는 환경을 제공하였다. 그 중에서도 모바일 폰을 사용한 결제 서비스는 결제의 편리성이라는 이점으로 활성화 되고 있지만, 편리한 만큼 보안의 취약성을 가질 수 있다는 단점이 있다. 특히, 초기에 모바일 기반 소액결제 서비스가 활성화 되면서, 스미싱으로 인한 이용자 피해가 사회문제로 대두되면서 이를 해결하기 위한 대안들이 제시되었다. 전자금융거래로 인한 금전적 피해는 카드사에서 이미 진행되고 있었으며, 최근에는 이용자의 피해를 최소화하기 위해서 은행, 증권사에도 이상금융거래 탐지 시스템(FDS) 구축을 규제하고 있다. 이에, 논문에서는 모바일 소액결제 서비스 환경에서의 이상금융거래 탐지를 위한 시스템 개발에 대한 연구 방향에 대해서 제시하고자 한다.

• The Journal of Society for e-Business Studies
• /
• v.27 no.2
• /
• pp.193-204
• /
• 2022

Smart card data is representative mobility data and can be used for policy development by analyzing public transportation usage behavior. This paper deals with the problem of classifying metro stations using metro usage patterns as one of these studies. Since the previous papers dealing with clustering of metro stations only considered traffic among usage behaviors, this paper proposes clustering considering traffic time as one of the complementary methods. Passengers at each station were classified into passengers arriving at work time, arriving at quitting time, leaving at work time, and leaving at quitting time, and then the estimated shape parameter was defined as the characteristic value of the station by modeling each transit time to Weibull distribution. And the characteristic vectors were clustered using the K-means clustering technique. As a result of the experiment, it was observed that station clustering considering pass time is not only similar to the clustering results of previous studies, but also enables more granular clustering.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.3
• /
• pp.41-48
• /
• 2017

Recently, there has been a lot of ongoing research regarding financial transactions and payments due to the emergence of financial technology (FinTech). Payments have been processed through cash and credit cards, and payment methods have been simplified and are more convenient, with mobile payment via mobile cards and mobile phones. This study offers a new mobile payment method by using a mobile phone instead of a card reader or terminal. For payments, authentication is processed with the user's biometrics and a built-in fingerprint scanner, and the payment is processed after receiving an authentication code issued by the authorizing institution to confirm the user's identity. User biometrics and payment information is secured from any kind of malicious hacker by saving it in a Fast Identity Online (FIDO) Trusted Execution Environment (TEE) section in a smartphone. Regarding key security, every key is securely created in the FIDO TEE section, providing secure mobile payment by neutralizing various malicious attacks, including sniffing and the man-in-the middle attack.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2009.11a
• /
• pp.651-652
• /
• 2009

온라인에서의 전자 거래가 활성화됨에 따라 생활의 편의성은 높아진 반면에 개인 정보 유출의 위험은 점점 증가하고 있다. OTP(One Time Password)는 고정된 패스워드 사용의 문제점을 보완한 강력한 보안 메커니즘이다. 웹 기반의 어플리케이션 탑재가 가능한 SCWS(Smart Card Web Server)에 OTP 기술의 적용은 보안관점에서 더욱 효과적인 결과를 유도할 수 있다. 본 논문은 차세대 스마트카드의 주요 기능 중 하나인 SCWS에 대해 연구하고 OTP 기술을 탑재하여 사용자 중심의 편의성 증진과 안전성을 강화하는 방법을 모색한다.

• The Journal of Society for e-Business Studies
• /
• v.20 no.3
• /
• pp.11-28
• /
• 2015

Due to the mobil-centered lifestyle following the wider use of Smartphones, Mobile services, including mobile banking and mobile shopping business have increased rapidly. Also with the emergence of "Fintech", which finance combined with technology, IT based financial market is going to be highly promising. In this trend, interests mobile credit cards are increasing. But diffusion of the mobile credit card services is still in the low level. In this situation, to identify factors that influencing satisfaction and continuous usage intention on mobile credit card, this study applied innovation diffusion theory (IDT) and post acceptance model (PAM). To conducting this research, survey data were collected, and we used SmartPLS to analyze survey data. As a result of the study, perceived easy of use, image, compatibility and facilitation positively affect user's satisfaction in mobile credit cards and that such satisfaction have a positive impact on continuous intention to use. The facilitation influences user satisfaction more strongly for those who use mobile credit cards more than plastic credit cards. Also, perceived of use and image influence user satisfaction more strongly for those who use plastic credit cards more than mobile credit cards. It is expected that this study can be a guideline for credit card service providers and policy makers to invigorate mobile credit card business. Also it worths as a early-stage research on Fintech-related studies.

• Journal of Korea Multimedia Society
• /
• v.5 no.2
• /
• pp.231-238
• /
• 2002

As electronic commerce is becoming more popular on the Internet, smart cards have been used for safe transfers and transactions on I-commerce popularly. Especially, Java Card considered as a COS for the next generation must take advantage of the good points of Java Language by using this language and making programs asked for by various demands. In this paper, we proposed efficient management system of mileage on the Internet using Java Card. The system has security for data and the simplicity of application development by Java Card cryptography. The system is an independent program saved un Java Card and can calculate and save mileage, although the characteristic of the mileage is different from others through the calculating Process of the Card. Also, the system is developed to encourage the efficiency of a system after comparing and contrasting between established systems and the newly designed one in simulation.

• Proceedings of the Korea Multimedia Society Conference
• /
• 2004.05a
• /
• pp.126-130
• /
• 2004

본 논문은 인중기관, PKI솔루션 업체, 전자거래기관 위주로 제공되어 온 PKI서비스를 안전성, 편의성, 표준적합성, 이동성, 경제성측면에서 개선된 PKI 클라이언트 S/W 기능과 유저 인터페이스(UI)를 제시한다. 이는 복잡한 PKI기술을 모르는 초보 이용자라 할지라도 USB키, 스마트카드 등 여러 이동형 저장매체를 다양한 운영체제에서 쉽고 안전하게 사용할 수 있게 한다. 특히 제안하는 자동 인증서 업데이트 기능, CD를 활응한 인증서 배포방안, 인증서 공통저장위치 및 파일 명명규칙은 하나의 인중서로 다양한 PKI서비스를 이용할 수 있어 Easy PKI화가 가능하리라 기대 된다.

• The Journal of Society for e-Business Studies
• /
• v.8 no.3
• /
• pp.69-86
• /
• 2003

A Protection Profile(PP) is a common security and assurance requirements for a specific class of Information Technology security products such as firewall and smart card. A PP should be included "TOE(Target of Evaluation) Security Environment", which is consisted of subsections: assumptions, treat, organizational security policies. This paper presents a new threats statement generation method for developing TOE security environment section of PP. Our survey guides the statement of threats in CC(Common Criteria) scheme through collected and analysed hundred of threat statements from certified and published real PPs and CC Tool Box/PKB that is included a class of pre-defined threat and attack statements. From the result of the survey, we present a new asset classification method and propose a threats statement generation model. The former is a new asset classification method, and the later is a production rule for a well formed statement of threats.

• The Journal of Society for e-Business Studies
• /
• v.9 no.1
• /
• pp.285-301
• /
• 2004

Public service provision through internet is one of major parts for e-government implementation. It is essential to link the internal administrative network with internet to provide the services through internet and to support kiosks through internet, which should result in critical issues for security. A relay server, as a front server for the public service processing system and a web server, a control server for kiosks, are placed between the public service processing system and kiosks to solve those security issues. It is the way to solve security issues through protecting direct communication between the public service processing system and a web server and authenticating a relay server and a web server through authentication process. In the implementation of the system this paper provide a design for an architecture model of the public service processing system through internet, which are aiming to develop high level of the quality system effectively, to reduce the risk of initial stage of development, and to reduce the incurring cost due to reworks.