Government to scrap password-based authentication for online bankingMadeinkoreablog
Korean bank customers will soon be able to make online transactions without using security cards or one-time passwords as the government is seeking ways to make online payments easier so as to drive innovation in the sector, financial authorities said Sunday.
“As a part of financial reforms, we plan to abolish the mandatory use of password-based authentication system by revising online financial transaction regulations during the first half of this year,” said an official from the Financial Services Commission.
The move is expected to encourage financial institutions to develop security tools that are more convenient and safer than the OTP and security cards that are currently used in the transfer of money through online and mobile applications.
The Financial Services Commission phased out outdated authentication systems requiring public key certificates or Active-X tools last year, in light of criticism about complicated online banking systems and increasing demand for tougher security measures following a series of data leaks.
Local lenders including KEB Hana Bank have been testing out alternative methods for self-identification such as bio authentication technology to replace the current authentication certificate.
Coupled with the government’s recent preliminary approval to set up the nation’s first Internet-only banks, the deregulation will inject healthy competition in the financial industry for further development of financial technology, experts said.
However, they also pointed out that it will take time to find alternative tools to replace the OTP method which has proven to be effective. Adopting a new method too quickly can lead to data breach cases and other security incidents.
Source : http://www.koreaherald.com/view.php?ud=20160221000365