An employee from the Industrial Bank of Korea (IBK) poses to promote the company’s Internet banking service for the Apple iPhone. The popularity of data-enabled smartphones such as the iPhone is prompting calls for Korea to allow more flexibility in Internet security technologies. / Korea Times
By Kim Tong-hyung
Staff reporter
The Korean computing experience is dictated by Microsoft, which was gift-wrapped a monopoly in security programs for Internet banking and electronic commerce.
Now, after computer users have endured a frustrating decade epitomized by outdated technologies and weightier security woes, the government is finally admitting that the current Internet framework was a mistake.
Existing local regulations require all encrypted online communications to be based on electronic signatures that are enabled through public-key infrastructures. And since the fall of Netscape in the early 2000s, Microsoft's Active-X technology, used on its Internet Explorer (IE) Web browsers, remains the only plug-in tool used to download public-key certificates onto computers.
This prevented users of non-Microsoft browsers such as Firefox and Chrome from banking and purchasing products online. And computer security experts have also claimed that public-key certificates don't add anything to security beyond a simple password gateway, which makes them worse than useless as they create the illusion of safety where there is none.
So the recent government decision to allow other verification methods besides public-key certificates could prove to be a turning point in the rebuilding of the country's system for electronic transactions.
But critics, disillusioned after years of circular debate, aren't uncorking the champagne just yet.
The new government rules state that the alternative security technologies should ensure "matching" the level of security provided by public-key certificates. It remains to be seen whether this means that financial service firms will be required to pick from a limited set of approved tools instead of having the freedom to choose any technology they see best.
Should the government opt to mandate specific technologies, such as protocols, applications or software, critics fear this would recreate the Active-X farce all over again. Although a predetermined set of technologies will relieve companies from the pressure to innovate their security environment, critics say it may double as a blueprint for cyber criminals to find ways to breach them.
"In the big picture, we are moving toward the right direction," said Lee Min-wha from the Office of the Small and Medium Business Ombudsman, which has been serving as an amp for the voices resisting the overwhelming use of Active-X.
"However, the really important part of the process is how the specific provisions of the new legal frameworks are written. If the government tries again to mandate specific technologies to companies, despite the fact that it would be in their best interest to find and implement for themselves the best solutions available, we can predict that the same kind of problems will reoccur."
The renewed legal framework for encrypted online communications allows financial services firms to rely on methods other than public-key certificates to enable online banking and e-commerce, according to the Korea Communications Commission (KCC), the country's broadcasting and telecommunications regulator.
Payment systems not based on public-key certificates had previously been allowed for small purchases. From the second half of the year, the KCC said, alternative methods will be allowed for Internet banking and online purchases of more than 300,000 won ($249).
A special committee will be created under the Financial Supervisory Service (FSS) to discuss the technology requirements for the new verification methods, before the government finalizes the detailed provisions of the new legal framework, KCC officials said.