Major banks and credit companies will introduce a mobile phone application that generates one-time passwords for personal authentication to facilitate transactions for customers.
The smart OTP system will be cheaper and easier to use than the current OTP system, which requires separate equipment. But the move has triggered security concerns.
KB Kookmin Bank said earlier this month it will establish a technology-based financial business platform which will guarantee both convenience and security to customers. Its action plan includes the introduction of a smart OTP application, which generates a one-time password when it is activated and connected to a synchronized credit card.
The new system would mean users will no longer be required to use the two-step process of using their OTP generator for a password and then enter it on their mobile banking applications, according to officials.
Shinhan Bank and Hana Bank are expected to follow suit and launch a similar smart OTP platform within the year.
Woori Card will be the first local credit card operator to adopt the smart OTP as early as the first half of the year, officials said.
The Financial Services Commission revised e-financial supervision regulations earlier this year so as to allow consumers to carry personal identification methods on their mobile phones, which meant smart OTP systems could be used. Under previous rules, authentication systems had remained separate from financial transaction instruments, such as computers and mobiles phones.
Despite the user convenience, however, the smart OTP system has raised concerns about information security. It can be vulnerable to hacking attacks or malicious codes, analysts said, because it is operated through a mobile application. Also, if a user lost their mobile phone and credit card at the same time, it would increase the risk of others getting access to their personal information.
Banks claim the smart OTP is safe as it will only be available in a limited range.
“The smart OTP system is an updated backup system to replace the conventional security card, which had a relatively low level of security,” said a bank official. “It will not completely replace the conventional OTP system.”
By Bae Hyun-jung (
tellme@heraldcorp.com)