News summary regarding announcement from Korea Government (No more public certificates for PKI authe
On Jan. 22, the proposal to abolish the use of public certificates for PKI authentication in Korea was reported by the Ministry of Science and ICT as part of the ‘regulatory reform debate’ originating from President Moon.
The government decided to discontinue Korea’s public certificate authority system and will expand the use of various new technologies related to online and electronic authentication methods such as biometric authentication or blockchain authentication solutions.
Hwan jung Yang, Director of the Ministry of Science and ICT, said “If the differentiation between public and private certificate authentication is eliminated, various innovations in authentication methods such as blockchain and biometric authentication will be allowed to expand. Moreover, the business of Fintech and digital transactions can be invigorated and convenient and secure Internet access without relying on outmoded technologies like ActiveX will be possible.
He added that “We will also transfer management of the top certificates, which are operated by the Korea Internet & Security Agency (KISA) to a private organization.”
If public institutions and financial institutions are equally accredited with private sector authorities, this semi-monopoly will no longer hinder valuable innovation in the authentication space.
The industry expects private certification methods using various new technologies such as blockchain and private certificate systems to expand.
The most anticipated area is the field of Biometric authentication. In its current form, biometric authentication technology alone cannot replace the role electronic signatures provided by existing public certificates. Currently, the services offered in the financial sector in place of public certificate managers are a combination of FIDO, an international standard for biometric authentication, and public authority certificate PKI (public key infrastructure) technology. However, biometric authentication is considered one of the most popular alternatives for the future, since it not only increases security but also eliminates the use of ActiveX or security patches known as “digital disease.”
The spread of this effect is also expected. Previously, each financial institution separately registered public certificates issued by the Korea Financial Telecommunications Clearings and Information Institute, but sharing new types of certificates using private implementations and with blockchain eliminates the need for a centralized registration, so it can be more efficient. Eleven Korean stock firms began to provide trial services using blockchain technology in October 2017, and Korean banks will begin offering trial services in July 2018.
Founder & CEO, Global PD, Inc (Consulting firm for Biometrics, Fintech, and IoT)
Vice Chairman, FIDO Korea Working Group