S. Korea financial sector to step up user authentication

Summary:Financial regulator instructs companies to authenticate users through SMS or automated response systems if the requested withdrawal amount exceed US$2,757, amid a rise in cyber fraud in the country.

Previously, users of most financial companies accessed their Web sites for online transactions through an online authentication certificate, and a single password.

Financial companies in South Korea will increase their identification process for online users in a bid to prevent further cyber fraud.

According to regulator the Financial Supervisory Service (FSS), starting September 26 2013, online users of banks, insurers, brokerage firms and savings banks in the country will have to identify themselves through a text message or automated response systems, The Korea Herald reported on Monday.

An online banking user will receive an authentication number from the financial company he or she wishes to log into, and the number must be typed in correctly for the user to get online access to the desired account.

Financial companies must also ask online users to go through the same verification process if the requested withdrawal amount exceed 3 million won (US$2,757) per day, the regulator said.

Previously, most financial companies, other than major banks enabled users to access their Web sites for online transactions through an online authentication certificate, accessible with a single password.

The new measures came amid a rise in cyber fraud such as voice phishing becoming prevalent in the country, the report noted. Hackers would design a malicious code, which is automatically downloaded onto a user's personal computer from the bank's Web site and steal account details from the user to withdraw money.

South Korean regulators have been making efforts to beef up the security of financial institutions. In July, the regulators instructed local financial firms to disclose details in the event of a security breach , including the reason it happened, as part of efforts to beef up network security. Regulators also instructed local banks to separate their network systems into two, for internal and external usage, and pushed for the set up of a consolidated backup center.

Topics: Security, Government : Asia, Korea


Elly grew up on the adrenaline of crime fiction and it spurred her interest in cybercrime, privacy and the terror on the dark side of IT. At ZDNet Asia, she has made it her mission to warn readers of upcoming security threats, while also covering other tech issues.

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.