• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.3
• /
• pp.107-117
• /
• 2014

The personal information extrusion accident(hacking, improper maintenance) by the internet has been increased rapidly during the last ten-year period. The personal information includes Korean resident registration number, name, cellphone number, home telephone number, E-mail address, home address, etc. Korean resident registration number is unchangeable from the cradle to the grave. Illegally accessed personal information can be wrongfully resoled or used at phishing scam. In this paper, we propose a alternative means of Korean resident registration number using the authorized certificate. The authorized certificate is in use safely in Internet. The authorized certificate(included Chinese name) is in used in offline service, the authorized certificate(included English name) is used in online(for government service) and the authorized certificate(not included name) is used in online(for private service). The authorized certificates are possible for discard, republication. The method can reduce the possibility of the personal information extrusion.

• International journal of advanced smart convergence
• /
• v.11 no.4
• /
• pp.20-27
• /
• 2022

In this paper, we propose to improve the designation examination criteria of agencies that provide personal identity proofing based on the resident registration number (RRN), a 13-digit number uniquely assigned by the government to identify Korean citizens. In online commerce, etc., the personal identity proofing agency (PIPA) is a place where online users can prove their personal identity by presenting an alternative means instead of their RRN. The designation examination criteria for PIPAs established in 2012 is a revision of the relevant current laws, and there is a problem in applying the designation examination for alternative means of RRN as the current examination standard. Therefore, in this paper, we propose a method to make the current examination criteria applicable to the newly designated examination of the personal identity proofing service provider based on the current RRN alternative method. According to the current designation examination criteria, only those who satisfy all the examination criteria are designated as the PIPA. However, in reality, it is not in line with the purpose of regulatory reform to require that all examination criteria be satisfied. In the proposed method, it is proposed to apply the standard score system for designation of PIPAs, to make the law current, to secure legal compliance, and to establish a new examination standard to provide a new alternative means of personal identity proofing service. By applying the proposed method to the PIPA designation examination, various alternative means of RRN can be utilized in the online commerce service market.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.15 no.2
• /
• pp.29-42
• /
• 2019

As online services become more and more popular due to the development of IT, non-face-to-face transactions are continuously increasing rather than face-to-face transactions. The personal identity proofing service(PIPS) based on the alternative method of the resident registration number is used for the purpose of confirming the identity of the other party on the Internet. However, in the case of the current PIPS, the personal information of the PIPS user is excessively provided to the online service provider. As a result, privacy problems of online users, shortage of choice of information providing options, and lack of differentiation of authentication methods are becoming problems. Therefore, this paper proposes a method to improve the PIPS based on the current resident registration number alternative method and to provide a method to differentiate the provision of excessive personal information. In the proposed method, we analyze trends and current status of overseas online PIPS in order to provide a method of providing differentiation of personal information and proposes an effective improvement method applicable to domestic.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.2
• /
• pp.11-22
• /
• 2015

The almost of Web page has been gathered the personal information(Korean resident registration number, name, cell-phone number, home telephone number, E-mail address, home address, etc.) using the membership and log-in. The all most user of Web page are concerned for gathering of the personal information. I-pin is the alternative means of resident registration number and has been used during the last ten-year period in the internet. The accident of I-pin mass illegal issue was happened by hacker at February, 2015. In this paper, we analysis the problems of I-pin system about I-pin mass illegal issue accident and propose a improvement method of it. First, I-pin issue must be processed by the off-line of face certification in spite of user's inconvenience. Second, I-pin use must be made up through second certification of password or OTP. The third, the notification of I-pin use must be sent to the user by the text messaging service of cell-phone or the E-mail. The forth, I-pin must be used an alternative means of Korean resident registration number in Internet. The methods can reduce the problems of I-pin system.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.16 no.3
• /
• pp.13-23
• /
• 2020

Currently, online means of replacing resident registration numbers(RRN) include I-Pin, mobile phone, credit card, MyPin, and general-purpose certificate. In order to issue alternative means based on the RRN, it must be designated through the designation review by the Korea Communications Commission(KCC) through a designation review by personal proofing agency and be subject to annual management. However, the criteria for designation and follow-up of the designation of the personal proofing agency carried out by KCC have been used in 2010 without revision, and there are problems that do not conform to the evaluation standards of various alternative means. Therefore, in this paper, we propose a method for improving the designation criteria and management system of the personal proofing service agency. The proposed method analyzes the characteristics of the alternative identification-based personal proofing service and proposes a follow-up management standard that can appropriately evaluate the analyzed characteristics and improves the designation criteria according to the emergence of new alternatives. Through the proposed method, it can be seen that it is possible to strengthen the safety of the personal proofing service based on the alternative means of RRN provided online and face-to-face and to protect the user's personal information.

• Journal of Information Technology Services
• /
• v.16 no.2
• /
• pp.97-110
• /
• 2017

Due to development of IT, various Internet services via the non-face-to-face are increasing rapidly. In the past, the resident registration numbers (RRN) was used a mean of personal identification, but the use of RRN is prohibited by the relevant laws, and the personal identification services using alternative means are activated. According to the prohibition policy of RRN, i-PIN service appeared as an alternative means to identify a person. However, the user's knowledge-based i-PIN service continues to cause fraudulent issuance, account hijacking, and fraud attempts due to hacking accidents. Due to these problems, the usage rate of i-PIN service which performs a nationwide free personal identification service, is rapidly decreasing. Therefore, this paper proposes a technical safety enhancement method for security enhancement in the i-PIN-based personal identification service. In order to strengthen the security of i-PIN, this paper analyzes the encryption key exposure, key exchange and i-PIN authentication model problems of i-PIN and suggests countermeasures. Through the proposed paper, the i-PIN can be expected to be used more effectively as a substitution of RRN by suggesting measures to enhance the safety of personal identification information. Secured personal identification services will enable safer online non-face-to-face transactions. By securing the technical, institutional, and administrative safety of the i-PIN service, the usage rate will gradually increase.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.3
• /
• pp.453-462
• /
• 2021

As the status of public certificates expired due to the recent revision of the Electronic Signature Act, electronic signature-based public certificates were also lost in the means of replacing resident registration numbers(RRN). As a result, public certification institutions have recently been designated by the Korea Communications Commission as identity verification service providers through a review of the designation of personal identity proofing agency based on alternative means of RRN. However, unlike existing RRN replacements such as i-PIN, mobile phones, and credit cards, the personal identity proofing process for applicants for certificates is different from existing alternatives. The proposed method shows that it is possible to protect users' personal information and provide universal, reasonable, and safe identification services by applying improvements to electronic signature-based personal identity proofing services.

• The Journal of the Convergence on Culture Technology
• /
• v.7 no.4
• /
• pp.735-743
• /
• 2021

The mobile electronic notice service (MENS) is a service that delivers a mobile electronic notice to a smartphone in the person's name through an authorized electronic document intermediary instead of a bill that was delivered by mail using paper. In order to provide the MENS, information is needed to identify the same user between the sending agency and the authorized electronic document relay. In this paper, we propose a standard for safe conversion and utilization of Connecting Information (CI) used as user identification information for MENS. In the proposed method, it is necessary for the requesting institution to send the electronic notice to provide the resident registration number to the identity verification institution and convert it into the CI. In this case, a safe and efficient MENS will be possible by proposing a review standard and processing method to verify the appropriateness of the conversion of CI. By applying the proposed method to the MENS, it can contribute to service activation and reinforcement of user privacy protection.