• International journal of advanced smart convergence
• /
• v.11 no.4
• /
• pp.20-27
• /
• 2022

In this paper, we propose to improve the designation examination criteria of agencies that provide personal identity proofing based on the resident registration number (RRN), a 13-digit number uniquely assigned by the government to identify Korean citizens. In online commerce, etc., the personal identity proofing agency (PIPA) is a place where online users can prove their personal identity by presenting an alternative means instead of their RRN. The designation examination criteria for PIPAs established in 2012 is a revision of the relevant current laws, and there is a problem in applying the designation examination for alternative means of RRN as the current examination standard. Therefore, in this paper, we propose a method to make the current examination criteria applicable to the newly designated examination of the personal identity proofing service provider based on the current RRN alternative method. According to the current designation examination criteria, only those who satisfy all the examination criteria are designated as the PIPA. However, in reality, it is not in line with the purpose of regulatory reform to require that all examination criteria be satisfied. In the proposed method, it is proposed to apply the standard score system for designation of PIPAs, to make the law current, to secure legal compliance, and to establish a new examination standard to provide a new alternative means of personal identity proofing service. By applying the proposed method to the PIPA designation examination, various alternative means of RRN can be utilized in the online commerce service market.

• International Journal of Internet, Broadcasting and Communication
• /
• v.15 no.4
• /
• pp.1-8
• /
• 2023

This paper analyzes the trends of identification proofing services(PIPSs) to identify and authenticate users online and proposes a method to improve PIPS based on alternative means of resident registration numbers in Korea. Digital identity proofing services play an important role in modern society, but there are some problems. Since they handle sensitive personal information, there is a risk of information leakage, hacking, or inappropriate access. Additionally, online service providers may incur additional costs by applying different PIPSs, which results in online service users bearing the costs. In particular, in these days of globalization, different PIPSs are being used in various countries, which can cause difficulties in international activities due to lack of global consistency. Overseas online PIPSs include expansion of biometric authentication, increase in mobile identity proofing, and distributed identity proofing using blockchain. This paper analyzes the trend of PIPSs that prove themselves when identifying users of online services in non-face-to-face overseas situations, and proposes improvements by comparing them with alternative means of Korean resident registration numbers. Through the proposed method, it will be possible to strengthen the safety of Korea's PIPS and expand the provision of more reliable identification services.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.20 no.2
• /
• pp.201-208
• /
• 2020

Recently, the application of personal proofing service based on social security number(SSN) replacement means for verifying identity in non-face-to-face transactions is increasing. In this paper, we propose a method of applying differentiated personal proofing service on whether identity verification is necessary in the online service provided by ISP and if it is appropriate to apply a certain level of assurance. By analyzing the requirements related to personal proofing required by current ISPs, we analyze the risks for each of the requirements and propose a method of applying differentiated personal proofing service according to the level of identity assurance guarantee to minimize the risks. In applying the proposed method to online service provision, it is possible to reduce user's unnecessary authentication cost by minimizing the application of personal proofing service based on alternative means, and to help protect user personal information by minimizing excessively collected personal information.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.3
• /
• pp.453-462
• /
• 2021

As the status of public certificates expired due to the recent revision of the Electronic Signature Act, electronic signature-based public certificates were also lost in the means of replacing resident registration numbers(RRN). As a result, public certification institutions have recently been designated by the Korea Communications Commission as identity verification service providers through a review of the designation of personal identity proofing agency based on alternative means of RRN. However, unlike existing RRN replacements such as i-PIN, mobile phones, and credit cards, the personal identity proofing process for applicants for certificates is different from existing alternatives. The proposed method shows that it is possible to protect users' personal information and provide universal, reasonable, and safe identification services by applying improvements to electronic signature-based personal identity proofing services.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.2
• /
• pp.29-42
• /
• 2019

As online services become more and more popular due to the development of IT, non-face-to-face transactions are continuously increasing rather than face-to-face transactions. The personal identity proofing service(PIPS) based on the alternative method of the resident registration number is used for the purpose of confirming the identity of the other party on the Internet. However, in the case of the current PIPS, the personal information of the PIPS user is excessively provided to the online service provider. As a result, privacy problems of online users, shortage of choice of information providing options, and lack of differentiation of authentication methods are becoming problems. Therefore, this paper proposes a method to improve the PIPS based on the current resident registration number alternative method and to provide a method to differentiate the provision of excessive personal information. In the proposed method, we analyze trends and current status of overseas online PIPS in order to provide a method of providing differentiation of personal information and proposes an effective improvement method applicable to domestic.

• KIPS Transactions on Computer and Communication Systems
• /
• v.6 no.10
• /
• pp.421-428
• /
• 2017

The need for various approaches to non-face-to-face identification technology for registering and authenticating users online is being required because of the growth of online financial services and the rapid development of financial technology. In general, non-face-to-face approaches can be exposed to a greater number of threats than face-to-face approaches. Therefore, identification policies and technologies to verify users by using various factors and channels are being studied in order to complement the risks and to be more reliable non-face-to-face identification methods. One of these new approaches is to collect and verify a large number of personal information of user. Therefore, we propose a big-data based non-face-to-face Identity Proofing method that verifies identity on online based on various and large amount of information of user. The proposed method also provides an identification information management scheme that collects and verifies only the user information required for the identity verification level required by the service. In addition, we propose an identity information sharing model that can provide the information to other service providers so that user can reuse verified identity information. Finally, we prove by implementing a system that verifies and manages only the identity assurance level required by the service through the enhanced user verification in the non-face-to-face identity proofing process.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.3
• /
• pp.13-23
• /
• 2020

Currently, online means of replacing resident registration numbers(RRN) include I-Pin, mobile phone, credit card, MyPin, and general-purpose certificate. In order to issue alternative means based on the RRN, it must be designated through the designation review by the Korea Communications Commission(KCC) through a designation review by personal proofing agency and be subject to annual management. However, the criteria for designation and follow-up of the designation of the personal proofing agency carried out by KCC have been used in 2010 without revision, and there are problems that do not conform to the evaluation standards of various alternative means. Therefore, in this paper, we propose a method for improving the designation criteria and management system of the personal proofing service agency. The proposed method analyzes the characteristics of the alternative identification-based personal proofing service and proposes a follow-up management standard that can appropriately evaluate the analyzed characteristics and improves the designation criteria according to the emergence of new alternatives. Through the proposed method, it can be seen that it is possible to strengthen the safety of the personal proofing service based on the alternative means of RRN provided online and face-to-face and to protect the user's personal information.

• International Journal of Advanced Culture Technology
• /
• v.10 no.2
• /
• pp.194-200
• /
• 2022

Traditionally, postal services that produce and deliver paper-based notices have been the mainstream. The reason is that it has the function of distribution and proof of delivery in the postal delivery system as well as the advantage of information delivery through postal delivery. After all, for the purpose of distribution and proof of delivery, many organizations use paper-based postal notices. However, in recent years, it has been in the spotlight to produce a paper-based postal notice as an electronic notice and deliver information to a mobile device through the Internet. In this paper, we propose a safe interworking method for user identification information required for private institutions to transmit mobile electronic notices. In order for a private institution to accurately deliver an electronic notice to a mobile service subscriber, a means to confirm whether the private institution and the mobile device subscriber are the same person is required. In the mobile electronic notification service, the connecting information provided by the personal identity proofing agency is used as a means of user identification. Connecting information is called a resident registration number on the Internet and is one-way hash information that can only be created by the personal identity proofing agency designated by the government. In order to transmit a mobile electronic notice, it is necessary to share connecting information for the same user identification between the institution that requests the sending of the electronic notice and the institution that processes the sending of the electronic notice. Connecting information is personal information that can uniquely identify a user, and if it is disclosed, damage such as personal information infringement may occur. As such, it is necessary to prevent problems that may arise from misuse and abuse of connecting information as well as increase in the benefits of sending the mobile electronic notice. In this paper, a safe and effective mobile electronic notification service can be performed by suggesting a method for safe interworking of information related to the mobile electronic notification service.

• Journal of Digital Convergence
• /
• v.14 no.9
• /
• pp.287-299
• /
• 2016

The electronic transactions over the Internet are growing across the world recently. There have been a lot of identity theft incidents during these online transactions nowaday. Therefore, a high level of identity proofing shall be carried out when using online services to deal with these matter. To prevent this kind of incident, i-PIN was introduced in Korea, which is used as an Internet Personal Identification Number. The i-PIN is designated to provide an online identification of the Internet users. As such, the unique identification numbers are provided to the internet service providers. This paper is to analyze the capabilities that the i-PIN provides, to propose the assurance security model for i-PIN. Furthermore, the security analysis results are presented. The result of this paper can be applicable to improve the applicabilities of the i-PIN.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.2
• /
• pp.483-491
• /
• 2023

Due to the spread of mobile devices, the use of mobile electronic notification services is increasing. For the mobile electronic notification service, the connecting information is required to identify the owner of the mobile device and the recipient of the notification. The connecting information is an online resident registration number, and safe management is essential. Therefore, in this paper, the processing flow, interconnecting standard, and management plan are proposed when a mobile electronic notification requesting agency requests the identity verification agency to convert the resident registration number of the recipient of the electronic notification to connecting information. In the proposed method, it is suggested that a safe mobile electronic notification service is possible by defining the process of collective conversion of connecting information between private organizations and personal identity proofing agency, information transmission and reception methods, and interworking standards.