• Journal of Digital Contents Society
• /
• v.15 no.1
• /
• pp.121-128
• /
• 2014

SSE-CMM for security engineering, engineering, assurance, risk is divided into three elements of the process maturity assessment model and the level of information security presented. Maturity measurement of privacy, vulnerability diagnosis and risk analysis methodologies is used in practical field for present a comprehensive conclusion. The common cyber services are internet banking, mobile banking, telephone banking and the like. Transaction structure, a kind of cyber-banking system, information security maturity of the existing measurement methodologies for research purposes, vulnerability diagnosis and risk analysis methodologies to be used in practical field present a comprehensive conclusion. To ensure safety and convenience for the user, convenient to deal with cyber environment is the key to the activation of cyber trading. Particularly by measuring the maturity of cyber banking system to ensure the safety of the practice field much effects are expected as a result.

• Journal of Korea Multimedia Society
• /
• v.18 no.11
• /
• pp.1342-1350
• /
• 2015

Due to rapid development of mobile device technologies, the mobile banking through Internet has become a major service of banking information systems as a security-critical information systems. Recently, lots of mobile banking information systems which handle personal and transaction information have been exposed to security threats in vulnerable security control and management processes, mainly software systems. Therefore, in this paper, we propose a process model for software security improvements in mobile banking information system by application of fault tree analysis(FTA) and failure modes and effects analysis(FMEA) on the most important activities such as 'user authentication' and 'access control' and 'virus detection and control' processes which security control and management of mobile banking information systems are very weak.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.04a
• /
• pp.447-464
• /
• 2000

많은 사람들이 관심을 가지고 급속도로 발전하는 인터넷 환경의 웹 서비스 중에서 인터넷 뱅킹 시스템은 반드시 필요한 서비스 중의 하나지만, 아직까지 많은 보안상의 문제점을 내포하고 있다. 본 논문에서는 이런 보안상의 문제들 중에서 사용자 인증에 관한 부분, 데이터 암호화에 관한 부분, 키 분배 문제에 관한 부분을 해결할 수 있는 방안을 제시하려 한다. 이를 위해 공개적으로 사용이 가능한 암호 라이브러리인 Crypto++3.1을 이용하여 인터넷 환경에서 보안 서비스를 제공할 수 있는 안전한 인터넷 뱅킹 시스템인 SIBS(Secure Internet Banking System)을 설계 및 구현하였다. SIBS는 빠른 데이터 암호화 처리를 위해 IDEA암호 알고리즘을 사용하였다. 데이터 암호화에 사용할 키를 분배하기 위해서 Diffie-Hellaman키 분배 알고리즘을 이용한다. 또한, 사용자의 인증을 위해 X.509형식의 인증서를 이용하기 위해서 SSLeay를 설치하여 인증서(Certificate)를 발급 받는다. 그러므로, 사용자는 인터넷에서 SIBS의 GUI(Graphic User Interface)를 이용해 빠르고 편리한 접근이 용이하고, 암호 알고리즘에 대한 지식이나 특별한 조치가 없이도 빠른 데이터 암호화 처리와 인증서를 이용한 확실한 사용자 인증을 보장 받을 수 있다.

• Management & Information Systems Review
• /
• v.36 no.3
• /
• pp.167-184
• /
• 2017

In this study, we investigated the effect of offline banking trust on smart banking trust. As influencing factors of smart banking trust, this study compared offline banking trust, smart banking's system quality, and information quality. For the empirical study, 186 questionnaire data were collected from smart banking users and the data were analyzed using Smart-PLS 2.0. As results, it was verified that there is trust transfer in FinTech service, by the significant effect of offline banking trust on smart banking trust. And it was proved that the effect of offline banking trust on smart banking trust is lower than that of smart banking itself. The contribution of this study can be seen in both academic and industrial aspects. First, it is the contribution of the academic aspect. Previous studies on banking were focused on either offline banking or smart banking. But this study, focus on the relationship between offline banking and online banking, proved that offline banking trust affects smart banking trust. Next, it is the industrial contribution. This study showed that offline banking characteristics of traditional commercial banks affect the trust of emerging smart banking service. This means that the emerging FinTech companies are not advantageous in the competition of trust building compared to traditional commercial banks. Unlike traditional commercial banks, the emerging FinTech is innovating the convenience of customers by arming them with new technologies such as mobile Internet, social network, cloud technology, and big data. However, these FinTech strengths alone can not guarantee sufficient trust needed for financial transactions, because banking customers do not change a habit or an inertia that they already have during using traditional banks. Therefore, emerging FinTech companies should strive to create destructive value that reflects the connection with various Internet services and the strength of online interaction such as social services, which have an advantage over customer contacts. And emerging FinTech companies should strive to build service trust, focused on young people with low resistance to new services.

• The Journal of Information Technology
• /
• v.3 no.3
• /
• pp.77-88
• /
• 2000

Electronic Commerce increased rapidly according to the growing popularity of Internet. but payment system are not changed. Now main payment system of electronic commerce are credit card and cyber banking system. Then credit card has some problems safety, privacy etc, and cyber banking system has some problem also. We need new payment system to Electronic Commerce. The merit of electronic money are more capacity, more secure, more reliable, quick and easy to update, secure off-line processing, enabling technology etc than credit card and cyber banking system. And so many countries began using experiment of electronic money and our country began July KOEX building. But it has some problems (standardization, safety of payment, etc). Therefor we must make nile about electronic money in order to standardization and safety of payment. After then electronic money are used widely in electronic commerce.

• The Journal of Information Technology
• /
• v.2 no.2
• /
• pp.107-125
• /
• 1999

The growing popularity of Internet and the technology revolution of information communication has affected our financial system, and electronic banking has increased its scale and range since '90. Now this changes, deeply and fast, invade the our economical-social environments. Without having to go to a bank, customer and merchants will be able to perform freely complicated financial transactions by accessing online banking network and CD/ATM etc. Customer can use the various payment method - cash, credit card, smart cards, electronic money in real world and cyberspace, and manager the assets more efficiently. They increased their money liquidity yet. Banks need to expand the various baskets of transaction services and methods to satisfy their customer needs and create new participator, Government had to evaluate and forecast the trend of electronic banking, and establish a new rules and standards in the new electronic payment system.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.3
• /
• pp.195-200
• /
• 2012

Smart Phone devices offer convenience for users, but present a new set of security issues due to loss or malicious code. In this paper, a mobile cloud system environment is used with existing smart phones in an attempt to solve the problems in a banking environment. In order to prevent financial damages due to loss or personal information leakage by malicious code, a mobile cloud computing service that provides control and protection of personal information in environment that ensures individual authentication is used. Existing ID / Password with certificate, with the way smart phone dual password authentication scheme using the gyro sensors proposed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.827-835
• /
• 2022

In order to use online financial services, user authentication technology is necessary. Password check through keyboard typing is the most common technique. However, since it became known that key stokes on the keyboard can be intercepted easily, many Internet banking services and easy payment services have adopted the virtual keyboard. However, contrary to the expectation that the virtual keyboard will be safe, there is a risk that key strokes on the virtual keyboard can be leaked. In this paper, we analyzed the possibility of password leaking on the virtual keyboard and presented a password leaking method using mouse event hooking and screen capture in PC operating system. In addition, we inspected the possibility of password leak attacks on several famous Korea Internet banking websites and simple payment services, and as a result, we verified that the password input method through the virtual keyboard in the PC operating system is not secure.

• Journal of Korea Society of Industrial Information Systems
• /
• v.8 no.4
• /
• pp.82-93
• /
• 2003

With the development of the Internet, the behavioral manner of offline world has been introduced into online sites. One of representative areas is the Internet banking. The number of the Internet banking users has continually increased. But researches on the characteristics of online users are not enough to prevent any mistakes in online world. They haven't studied any rules that guarantee safety in the Internet. This paper studies the design of main homepage of banks. It tries to study the web design colors in the homepages of banks and give reliable color system that can be used in homepage design

• Journal of Digital Convergence
• /
• v.12 no.9
• /
• pp.159-168
• /
• 2014

With the advancement of internet and mobile communication devices, mobile banking such as internet banking, internet loan and smart phones related to the people's economic activities using mobile communication devices is becoming increasingly more popular. Various security systems to prevent such new crimes are being introduced and the security system market is anticipated to continuously increase substantially in the future. Accordingly, qualitative advancement of the security systems are also in continuous demand. Therefore, this thesis proposes the method and system for quality evaluation of the network access control system by proposing testing and evaluating method for the relevant system through surveying and analyzing the tend in the foundation technologies and standards in the area of network access control system, which is one of the security systems, in order to cope with the demands for the evaluation of the quality of the security system as the security system product market is anticipated to grow continuously.