• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.20 no.1
• /
• pp.81-86
• /
• 2016

In this paper, we present multi-channel authentication based security card design. Since this security card is written on the transparent paper, security information is extracted by overlaying the card with smartphone screen. This method removes the limitations of physical layout in previous security card and improves the security level. Furthermore, our security card is secure when our card is exposed to malicious users.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.7
• /
• pp.2719-2735
• /
• 2015

In the cloud environment, users pay more attentions to their data security since all of them are stored in the cloud server. Researchers have proposed many mutual authentication schemes for the access control of the cloud server by using the smart card to protect the sensitive data. However, few of them can resist from the smart card lost problem and provide both of the forward security and the backward security. In this paper, we propose a novel authentication scheme for cloud computing which can address these problems and also provide the anonymity for the user. The trick we use is using the password, the smart card and the public key technique to protect the processes of the user's authentication and key exchange. Under the Elliptic Curve Diffie-Hellman (ECDH) assumption, it is provably secure in the random oracle model. Compared with the existing smart card based authentication schemes in the cloud computing, the proposed scheme can provide better security degree.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.3
• /
• pp.501-507
• /
• 2015

The online banking service handles a banking business over the internet, it is necessary to ensure that all financial transactions are processed securely. So, there are various authentication technique for e-banking service : a certificate, a personal identification number(PIN), a security card and a one-time password(OTP). Especially, the security card is most important means including secret information. If the secret information of card is leaked, it means not only loss of security but also easy to attack because security card is a difficult method to get. In this paper, we propose that a multi-channel security card saves an secret information in distributed channel. Proposed multi-channel security card reduces vulnerability of the exposed and has a function to prevent phishing attacks through decreasing the amount of information displayed and generating secret number randomly.

• Convergence Security Journal
• /
• v.16 no.5
• /
• pp.33-40
• /
• 2016

Credit card is means of payment used like cash in terms of function and its users have increased consistently. With development of Internet and electronic commerce a role as payment method of credit card has been growing. But as the risk which results from centralized information and online increases, credit card fraud is also growing. Card theft and loss are decreasing due to countermeasure of card companies and financial supervisory authorities, while card forge and identity theft are increasing. Recently because of frequent personal information leakage and deregulation of financial security following easy-to-use payment enforcement, customer's anxiety about card fraud is growing. And the increase of card fraud lowers trust on credit system as well as causes social costs. In this paper, the security problems of card operating system are addressed in depth and the measures such as immediate switch to IC card terminals, introduction of new security technology, supervision reinforcement of the authorities are proposed.

• Convergence Security Journal
• /
• v.5 no.2
• /
• pp.57-63
• /
• 2005

According to rapid development of computer and wired-wireless internet, information exchange of networking is growing. Also according as size of industry related e-commerce is bigger, it is Required the necessity of convenient user authentication system. So, the study of new authentication method to have a security and convenience is progressing systematically. Smart card of new authentication method overcome problem of established scheme. So it prospect that will be replaced One Card to have a high security and multi-function. In this papar, we suggest about the implementation of One Card System that the security of smart card and usable in all fields.

• Journal of Computing Science and Engineering
• /
• v.5 no.1
• /
• pp.51-70
• /
• 2011

This paper introduces a new credit card payment scheme called No Number Credit Card that can significantly reduce the possibility of credit card fraud. The proposed payment system is loosely based on Kerberos, a cryptographic framework that has stood the test of time. In No Number Credit Card, instead of card numbers, only payment tokens are exchanged between the customers and merchants. The tokens are generated based on the payment amount, payment type, client information, and merchant information. However, it does not contain the credit card number, so the merchant or a database hacker cannot acquire and illegally use any credit card numbers. The No Number Credit Card system is ideal for online e-commerce transactions and can be used with any credit card that users possess. It can be used with minor modifications to the current card payment system. We provide the principles of its operation through scenario analysis, a sample implementation, and a security analysis

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.4
• /
• pp.125-134
• /
• 2018

Lamport firstly suggested password base authentication scheme and then, similar authentication schemes have been studied. Due to the development of Internet network technology, remote user authentication using smart card has been studied. Li et al. analyzed authentication scheme of Chen et al. and then, Li et al. found out the security weakness of Chen et al.'s scheme such forward secrecy and the wrong password login problem, and proposed an a new smart card based user password authentication scheme. But Liu et al. found out that Li et al.'s scheme still had security problems such an insider attack and man-in-the-middle attack and then Liu et al. proposed an efficient and secure smart card based password authentication scheme. This paper analyzed Liu et al.'s authentication and found out that Liu et al.'s authentication has security weakness such as no perfect forward secrecy, off-line password guessing attack, smart-card loss attack, and no anonymity. And then, this paper proposed security enhanced efficient smart card based password authentication scheme using fuzzy extraction technology.

• The Journal of the Korea Contents Association
• /
• v.16 no.12
• /
• pp.19-26
• /
• 2016

Among the various services for mobile banking, user authentication method using bank security card is still very useful. We can use mobile banking easily and safely in case of saving encoded security codes in smart phone and entering codes automatically whenever user authentication is required without bank security card. In this paper automatic recognition algorithm of security codes of bank security card is proposed in oder to enroll the encoded security codes into smart phone using smart phone camera. Advanced adaptive binarization is used for extracting digit segments from various background image pattern and adaptive 2-dimensional layout analysis method is developed for segmentation and recognition of damaged or touched digits. Experimental results of proposed algorithm using Android and iPhone, show excellent security code recognition results.

• Proceedings of the KIEE Conference
• /
• 2003.07d
• /
• pp.2744-2746
• /
• 2003

ISO/IEC 15408 requires the TOE(Target of Evaluation) Security Environment section of a Protection Profile(PP) or Security Target(ST) to contain a list of assumptions about the TOE security environment or the intended usage of the TOE. This paper presents a specific conditions should be assumed to exist in the smart card environment and the analysis of those conditions developer of smart card PP must consider.

• ETRI Journal
• /
• v.25 no.6
• /
• pp.510-516
• /
• 2003

In this paper, we describe the development of a platform-based SoC of a 32-bit smart card. The smart card uses a 32-bit microprocessor for high performance and two cryptographic processors for high security. It supports both contact and contactless interfaces, which comply with ISO/IEC 7816 and 14496 Type B. It has a Java Card OS to support multiple applications. We modeled smart card readers with a foreign language interface for efficient verification of the smart card SoC. The SoC was implemented using 0.25 ${\mu}m$ technology. To reduce the power consumption of the smart card SoC, we applied power optimization techniques, including clock gating. Experimental results show that the power consumption of the RSA and ECC cryptographic processors can be reduced by 32% and 62%, respectively, without increasing the area.