The telecommunication and banking industries are competing with each other to upgrade an accredited certificate with a safer platform. They are seeking to remedy the security hole in the accredited certificate, but they are actually fighting to take the initiative in a banking platform.
On July 15, three mobile carriers announced that they will jointly commercialize a smart authentication service by inserting an accredited certificate in the Universal Subscriber Identity Module (USIM). The banking platform is expected to be safer and more convenient, given that the certificate is stored in a mobile phone, and a large number of people carry their smartphone whenever and wherever they go.
However, the banking industry seems to be uncomfortable with the smart authentication service. Even though SKT, KT, and LG U+ are saying that their service is aimed at improving the security of the accredited certificate, the industry believes that they are striving to take the initiative in the banking platform sector.
“It is true that the method to store an accredited certificate inside a USIM is much safer,” said an official high in the banking industry, who spoke on the condition of anonymity. The official added, “But if this service becomes mainstream, consumers will be totally dependent on the platform. Furthermore, it is possible that banks or credit card companies will be required to consult with carriers about their own payment services.”
The banking industry is working to upgrade the security of the accredited certificate, together with the Korea Financial Telecommunications & Clearings Institute, Koscom, and a certificate authority. Currently, the method to store an accredited certificate inside an app is under consideration. At first, the industry pushed forward with a plan to store an accredited certificate in a micro SD card. Nevertheless, the plan died in the end, due to evolving mobile operating systems in a way that do not recognize Micro SD cards. Hence, the industry came up with an idea to prove a user's identity and facilitate financial transactions by storing an accredited certificate in mobile banking apps or credit card apps.
It will be meaningless to evaluate the technical superiority of the two methods. If users can freely choose a more secure and convenient platform, developers will compete and technological advances will follow.
However, if they are just trying to take the initiative in the banking platform, it will be a different story. Owing to developers' tendency to keep users at all costs, so-called “lock-in effects” are more likely to occur. If mobile carriers allow people to use all kinds of banking services with USIM, regardless of carriers or phones, the method will be desirable.
Fees that mobile carriers collect are also controversial. Users are required to pay 990 won (US$0.87) per month for the smart authentication service. It will also be possible for carriers to collect transaction fees from the banking industry and to get profits from apps that are chosen.