By Kang Seung-woo
Staff reporter
With smartphone attracting growing buzz, it has pushed up smartphone banking as one of the fastest-rising categories in mobile applications. The cutting-edge service allows consumers to check balances, transfer money and pay bill on a much easier platform than online banking.
Ironically, for banks, rising popularity of smartphone banking has created a new concern. With more people engaged in financial transactions through smartphone, there are growing concerns over the security of the advanced banking service.
Against this backdrop, local banks have stepped up efforts to develop new methods to guard smartphone banking against any financial crimes in order to protect the users from security concerns.
"Like Internet banking, we cannot be free from financial crimes completely. So banks have been preparing for three methods to protect customers, such as public-key certificates, keyboard protector and vaccine program, as we do on personal computer," an official of a local bank said.
As Korea has just taken the first step onto the smartphone banking industry, real damages have not been reported yet, but it witness the first smartphone virus in 'TredDial,' which was designed for Windows Mobile-powered phones and duped the devices into sending random international calls, in April.
"In addition, we are insured against any losses stemming from online transactions according to the law," he added.
Despite the global financial crisis, which swept through the world, there has been a robust demand for smartphone, which enables users to surf the Internet, access e-mail, watch YouTube, enjoy music, play games, let alone financial services.
As a result, most of local commercial lenders have competitively introduced their mobile banking services for the premium handset.
Hana Bank, the nation's fourth-largest bank by assets, led the fashion in December 2009, becoming the first local financial firm to offer the service, followed by Industry Bank of Korea (IBK) and other rivals, including Woori, Kookmin, Shinhan and the National Agricultural Cooperative Federation, or Nonghyup.
According to Telecoms Korea, a local IT website, as of end of March, the number of mobile banking users has recorded 11.85 million people, up 680,000, or 6.1 percent, from 11.17 million people at the end of December. During the span, the number of smartphone users increased from 13,000 to 93,000.
In addition, five provincial banks - Daegu, Busan, Kwangju, Kyongnam Bank and Jeonbuk Bank, have joined the trend of late, as they launched the service in June.
As of mid-June, Kookmin Bank, the nation's largest bank, had drawn 7,567 memberships to its application, despite its latest participation in the surge, while IBK had recruited 34,100 subscriptions.
Woori and Shinhan offered the service to 117,000 and 95,000, respectively.
Amid the increasing jitters over security, experts send a sign of relief to the anxious users.
"Anyhow, security risk is inevitable," Kim Kee-chang, a law professor of Korea University, said.
"But banking service is not too much vulnerable to vicious hacking because smartphone banking is based on web and it need not install any plug-in programs which have been seen as a pipeline of hacking programs."
But he warns of public usage.
"People need to be on alert in using Wi-Fi network in public places, because they can be vulnerable," the professor said.
Hwang Mi-kyung, deputy general manager of communication team at AhnLab, a top Korean cybersecurity company, also said that the current protection is not too weak.
"The risk level has yet to see the red light. Just in case, we need to monitor security more closely," she said.
But she said extra concerns may be a barrier to the full swing.
"Before the service becomes common, over-anxiety can play a bad role in diluting the smartphone banking industry."
In terms of security, smartphone banking users welcomed good news, as the government scrapped rules on online financial transactions, ending its heavy dependence on Microsoft's web browser Internet Explorer (IE) at the end of last month.
In Korea, Internet banking users were required to install public-key certificates in financial transactions and the requirement for public-key certificates was precisely what allowed Microsoft to establish a virtual monopoly in computer operating systems and Web browsers here.
Since early 2000s, Microsoft's Active-X controls on its Internet Explorer (IE) Web browsers remain as the only plug-in tool to download public-key certificates to computers.
The Microsoft-developed tool, introduced in 1996, is designed only to work on its Internet Explorer (IE) web browser and is the key reason the browser cemented its dominance here.
This has prevented the users of non-Microsoft browsers such as Firefox, Chrome and Opera from banking and buying products online, and it led to wild challenges amid high demand for high-tech gadget.
The government took its initial action when the Korea Communications Commission said the online security rules were unfit for a new internet environment involving smartphones.
In addition, after finding that the rules prevented businesses from offering services to smartphones, the Financial Services Commission (FSC) came up with the new regulations allowing the use of other web browsers for financial transactions.
According to FSC spokesman, the financial regulator will experiment with other browsers by late this month.
There were concerns that picking a single software standard to enable financial transactions on smartphone would only expose mobile users to larger security risks, as it could easily be used as a blueprint for cyber criminals to disguise their malicious software, just as they exploit Active-X plug-ins in the desktop computing world.
Users of the iPhone would be less vulnerable, as Apple strictly monitors and controls the programs available on its App Store online applications store, while smartphones powered by more open mobile platforms, such as Android, might be exposed to tech theft.
"Public-key certificates are not a panacea for security. The authorities had absurdly depended on it for a long time," Kim said.
"There are a variety of protecting methods for security and which one to use should be decided by bank."