E-banking scams are on the rise.
Unauthorized withdrawal of 100 million won at the Nonghyup is also estimated to be damage caused by pharming.
moon_and_james-11
There are probably many readers who are anxious after reading related news and articles.
So this time, when using e-banking, the safer OTP (One Time Password)
We would like to guide you on how to issue it and how to use it.
OTP (One Time Password) is an electronic banking (Internet banking, telebanking, mobile banking) transaction that replaces a security card.
It is a portable security medium that generates a one-time password for each transaction.
The key here is to replace the security card used as a security medium in the existing electronic finance.
A security card is a card in which the serial number of the security card and 30 or 35 passwords are statically recorded.
Once issued, the number is static until it is reissued.
< Example of security card stealing pharming site > 이베이스매뉴얼
However, OTP is literally meaningless even if the generated value of OTP is leaked to the one-time password machine.
Therefore, you can use electronic financial transactions that are safer than security cards. 농협 모바일 otp 사용법
※ If the OTP generator device itself is lost, it must be reported immediately through the call center of the financial company.
< Token type OTP (one-time password) generator >
< Card type OTP (one-time password) generator >
OTP is also very easy to use.
Just press the button of the OTP generator at the time of electronic financial transaction and input the generated number. Shinnam Dongle
In addition, when using an existing security card, each financial company had a different security card, so they had to carry multiple security cards.
In the case of OTP, OTP issued by one financial institution through OTP integrated authentication service
It can be used publicly by other financial institutions.
If you use OTP with security level 1, the Internet banking transfer limit will also increase.
Conversely, the transfer limit for transactions using security cards is being reduced.
< Based on Hana Bank,
OTP issuance can be obtained by visiting each bank branch with identification documents.
(Applications for OTP issuance cannot be issued online because face-to-face confirmation is required.)
This time, I also got OTP issued. Cute
I only came with my ID.
When applying for services related to electronic financial services, the bankbook was also reissued because it was necessary.
Be sure to bring your bankbook with you when you go for issuance!
The issuance process required only one simple document to fill out.
The issuance cost was about 5,000 won for the token type and 14,000 won for the card type, which is more expensive.
(The OTP issuance fee is discussed with each financial company.)
In my case, the first 50,000 people for the free OTP issuance event held by Hana Bank have not yet been filled.
Token-type OTP was issued for free. smile dongle
Each financial company is holding a free issuance event to promote OTP dissemination.
I think you can use it if you look for it.
moon_and_james-4
As mentioned above, OTP is an integrated authentication service.
If it is issued in one place, other financial institutions can use the same OTP generator.
OTP is valid for 5 years
The battery life is said to be 2-4 years.
In the case of the battery of the OTP generator, it is impossible for the user to arbitrarily replace it.
When the battery runs out, the bank will have to reissue it as a new device.
This is because when the OTP is decomposed, the internal secret key is damaged and the security is lost.
When you receive an OTP as a secure medium for electronic financial services from a bank
OTP will replace all additional authentication procedures performed through the existing security card.
OTP password authentication is required for reissuance of public certificates and transfer of funds.
< Enter OTP password when reissuing public certificate >
Creating an OTP password is simple.
When entering the OTP password, press the button on the generator and enter the generated number.
< Create OTP password >
You will also need to enter your OTP password when transferring funds.
< Create and enter OTP password for account transfer >
In the same way in smartphone mobile banking, you must create and enter a password through the OTP generator.
< Smartphone mobile banking OTP authentication >
As a result of using OTP directly, it felt much more convenient than a security card that had to find and enter numbers.
However, in the case of token-type OTP generator, portability is poor.
If you are a person who uses online banking a lot,
Considering portability, I would like to recommend issuing a card-type OTP that fits into a wallet.
As seen above, OTP is a convenient and secure authentication method.
Financial authorities and financial institutions are working hard to spread the spread of OTP to replace security cards.
(1) Implementation of voice OTP for the visually impaired
Recently, the Financial Supervisory Service has prepared a way for even the visually impaired to conduct safe electronic financial transactions using OTP.
< Photo of the voice OTP demonstration event for the visually impaired by the Financial Supervisory Service >
Until now, the visually impaired had to use internet banking only with a braille security card, but there were many inconveniences.
However, from now on, it has become easier and safer to use Internet banking through voice OTP.
Voice OTP service is provided by Woori Bank, Shinhan Bank, Kookmin Bank, Hana Bank, Citibank, IBK, and Postal Service Headquarters.
Blind people who want voice OTP can apply at each bank call center and receive it at a branch near their residence.
(When applying for voice OTP issuance, documents proving that you are visually impaired are required.)
I hope there will be more such services that consider the socially disadvantaged in the future!
(2) Implementation of electronic financial fraud prevention service
In addition, in order to prevent the damage of illegal funds transfer from customer accounts through fraudsters stealing personal customer information from the past,
We are implementing 『Electronic Financial Fraud Prevention Service』.
Electronic financial fraud prevention service is provided by individual customers by (re)issuing an accredited certificate or using online.
When transferring more than 3 million won per day (accumulated per day)
It is necessary to use a designated terminal (PC, etc.) and to go through additional authentication (phone or SMS) when using it from an unspecified terminal.
< KEB KEB Electronic Financial Fraud Prevention Service >
Although the service name is slightly different for each financial company, the big concept is the same.
The terminal (PC) designation service provides services related to accreditation and a computer (PC, laptop) that can transfer funds of 3 million won or more per day.
This is a predefined service.
This uses a method to identify the terminal with a unique number on the computer’s network LAN card called MAC.
Through this, even if a hacker steals the user’s financial information,
It has the effect of preventing the transfer of large sums of more than 3 million won.
This is because, if it is not a designated terminal, you must go through the identity verification process through additional authentication by phone or SMS.
In addition, each financial company provides various electronic financial fraud prevention services.
There are secure transfer service (set to require customers to go through SMS authentication on their mobile phone when transferring money through internet banking) and two-channel authentication service.
< Hana Bank Electronic Financial Fraud Prevention Service >
For safer financial transactions, visit your bank’s website or customer center.
Why not check out the additional security steps our readers can take?
(3) Transaction-linked OTP
In addition, through the Financial Security Research Institute, we are striving to develop an authentication system with superior security than OTP.
This is to respond to hacking threats such as voice phishing and pharming, which are increasing day by day.
One of the things we are currently promoting is transaction-linked OTP, which further strengthens security based on OTP.
OTP is known as the most powerful security device in existence.
It is an authentication method that still exposes risks to memory hacking, such as directly manipulating the account number by bypassing the authentication method.
Transaction-linked OTP is easy to explain.
Rather than simply entering a one-time password in the OTP generator.
By using information such as account number and transfer amount at the time of transfer transaction,
This is to create a One Time Password.
Therefore, even if the remittance account number is altered due to memory hacking, etc., the generated OTP password becomes impossible to pay in dollars.
As such, financial authorities are discussing various methods to counter the ever-evolving electronic financial fraud methods.
However, the most important thing is to prevent electronic financial fraud.
It’s your own effort.
Stop telebanking that is not in use immediately, and do not store any financial information on terminals (PCs, smartphones, etc.).
In addition, the use of a vaccine program is essential, avoiding unnecessary increase of the transfer transaction limit, and changing the password frequently
If you do this yourself, I think the risk of being attacked will be lowered.
Lastly, many people know what OTP is, but not many people actually get it and use it.
How about using this opportunity to get a more secure OTP and try it?
I hope that it will be of some help in disseminating and activating OTP.