Upload
fido-alliance
View
536
Download
0
Embed Size (px)
Citation preview
- 4 -Copyright © 2016 KICA. All Rights Reserved.
Identification Method
Birthday
Gender Birth Area Code
Error Verification Code
Resident Registration Number
NID Card
AccreditedCertificate
MobileAuthentication
internet-Personal Identification Number
• Randomly Generated 13 digit numbers
17 M users(2015)
1. National ID and i-PIN
- 5 -Copyright © 2016 KICA. All Rights Reserved.
2. Type of Offline Identification Methods
• The citizen can use a lot of identification methods such as accredited certificate, mobile, bank account, credit card for internet services that needs non face-to-face identification service .
CitizenInternet Services
Credit Card IssuerBankTelco Company
Non Face-to-Face Identification Service
Accredited Certificate Mobile phone
Credit Card
OnlineIdentification
PassportNID Card Driver License
Face-to-Face Identification
Accredited CA
Bank Account,Check Card
Face-to-Face Identification
- 6 -Copyright © 2016 KICA. All Rights Reserved.
3. Type of Online Identification Methods
Credit CardAuthentication
i-PIN
AccreditedCertificate
MobileAuthentication
• Name• Phone number• Telco name• Birthday• Gender• Citizen or Foreigner
• i-Pin ID• Password1• Password2(image letters)
• Credit card number
• Validity period(Month/Year)
• Password(2digits)
Certificate Password
Identification MethodAccredited CA
i-PIN Service ProviderCredit Card Issuer
Telco Company
- 7 -Copyright © 2016 KICA. All Rights Reserved.
4. Statistic of Identification Method
• The Use Rate of Identification Method in Korea
81% 84%
49%
27%
0%
95%
88%
56%
36%
7%
96%
84%
51%
35%
6%
0%
20%
40%
60%
80%
100%
120%
AccreditedCertificate
MobileAuthentication
i-PIN OTP ETC
2013 2014 2015
(Source: Research on the Actual Condition of Electronic Signature System Usage(in Electronic Signature User)-KISA, December 2015)
- 8 -Copyright © 2016 KICA. All Rights Reserved.
5. User authentication method for various services
Service Function Identification Method
Web portal
Log-in (optional)• ID/Password
• OTP (software)
Registration • Mobile authentication
ID/password retrieval
(one selected)
• Registered mobile phone
• E-mail notification
• i-PIN
E-transaction
Log-in• Accredited certificate
• ID/Password (Inquiry only)
Electronic
payment
Account transfer • Account information + Accredited certificate
Credit card
payment
• PIN (6-digits) + Mobile authentication : Easy Payment
• Credit card information + Accredited certificate
- VISA Anshim Click, Internet Secure Payment (ISP)
Mobile phone Payment • Mobile phone information + resident registration number
Financial
institution
(Internet banking)
Log-in • Accredited certificate, ID/PW(Inquiry only)
Account
transfer
Type 1• Accredited certificate + OTP generator
• PKI token(Accredited certificate) + security card
Type 2 • Accredited certificate + security card (2-channel authentication)
Public Procurement
ServiceElectronic bidding • Accredited certificate + fingerprint security token(Bio-HSM)
• Various user authentication methods used for user authentication for web portals, e-transactions, financial institutions and e-government services are shown.
- 10 -Copyright © 2016 KICA. All Rights Reserved.
5 Accredited CAs issued accredited certificates to subscriber around 33 millions in total.
Major PKI Applications
* Internet Banking, Online Stock, Internet Shopping, e-Procurement, e-Government Services, etc.
-
5,000,000
10,000,000
15,000,000
20,000,000
25,000,000
30,000,000
35,000,000
40,000,000
The annual number of valid accredited certificates (as of December 2015, published by KISA)
1. Statistic of Accredited Certificate in Korea
33M
- 11 -Copyright © 2016 KICA. All Rights Reserved.
Accredited Certificate Applications- Top5
96%83%
65%
36% 32%
95%
65% 70%
32% 34%
97%
74% 71%
39% 37%
0%
20%
40%
60%
80%
100%
120%
Internet Banking Payment ofShopping Mall
E-governmentServices
Online Stocktrading
Internet Insurance
2013 2014 2015
63%
42% 43%
1% 1%
62%
42% 40%
3% 2%
60%
42% 43%
4% 4%
0%
10%
20%
30%
40%
50%
60%
70%
RemovableDisk(USB etc.)
Hard Disk Smart Phone PKI Token Smart Card
2013 2014 2015
Accredited certificate storage utilization rate by media
(Source: Research on the Actual Condition of Electronic Signature System Usage(in Electronic Signature User)-KISA, December 2015)
1. Statistic of Accredited Certificate Usage
- 12 -Copyright © 2016 KICA. All Rights Reserved.
Statistics on Accredited CA’s
NoAccredited CA/
Web siteAccredited
DateCharacteristics
1KICA (CA: SignGATE)http://www.signgate.com
2000. 02. 10 Corporation
2KOSCOM (CA: SignKorea)http://www.signkorea.com
2000. 02. 10Special purpose Corporation
3KFTC (CA: YesSign)http://www.yessign.com
2000. 04. 12Non-commercial Organization
4CrossCert (CA: CrossCert)http://gca.crosscert.com
2001. 11. 24 Corporation
5KTNET (CA: TradeSign)http://www.tradesign.net
2002. 03. 11State-run Corporation with special mission
(As of 2016; published by MSIP)
1. Status of Accredited CAs in Korea
- 13 -Copyright © 2016 KICA. All Rights Reserved.
Status and Problems
SD Card
Internal Memory
(Android)
Storage
Improvements
Accredited certificates stored in Hard Disk(SD Card) are easy to hacking by malicious code.
NPKI Folder Stored in APP
Certificate Password: 10 digits(arphanumeric+1 special character)
Accredited certificates should be stored more secure storages such as HSM, USIM, etc.
User’s Biometric Authentication fingerprint, Face, Voice, Iris, etc.
Smart Authentication
(USIM)
Smart OTP HSM
Too many to remember, difficult to type, and not secure
Better Privacy, Better Experience, Better Security
User Authentication
Secure Storage
2. Problem statements
- 14 -Copyright © 2016 KICA. All Rights Reserved.
3. What is K-FIDO?
K-FIDO : Accredited Certificate + FIDO– K-FIDO stands for biometric accredited certification service that uses accredited certificate
without password using FIDO.
– K-FIDO uses biometric authentication such as fingerprint in smartphone instead of password.
– K-FIDO specification will be published by KISA(Korea Internet Security Agency) in 2016.
Password
AccreditedCertificate
Fingerprint Iris
(Source: Wooribank APP)
- 15 -Copyright © 2016 KICA. All Rights Reserved.
FIDO Authenticator
4. Service Architecture
RP APP
Smartphone(Samsung, LG, APPLE)
FIDO Client
FingerprintSensor
CA
Biometric
API PKI Module
FIDO Server
RP Server
OCSP
PC
CertificateIssuance/
Reissuance/Renewal
Certificate Paste/Move
FIDO UAF Protocol
• Developed by the extension of FIDO UAF Protocol.
• Distribute RP APP with FIDO Client and K-FIDO Authenticator.
• Recommend to use KeyStore, TrustZone, KeyChain as a storage of accredited certificate and private key.
• Any types of authentication method can be added.
K-FIDO
(Source: KISA Technical Specification)
K-FIDO Service Architecture
IrisSensor
CertificateVerification
- 16 -Copyright © 2016 KICA. All Rights Reserved.
4.1 Secure Storage for smartphone(1/2)
<Android 6.0 above (use AES Key)>
1) Android KeyStore
Encryption(AES)
Decryption(AES)
AES key
KeyStore
Encrypted private key1
RSA key pair
KeyStore
Encrypted private key1
Encryption(AES)
Decryption(AES)
Session key
Encryption(RSA)
Decryption(RSA)
Session key
Encrypted private key2
Encrypted Session key
Encrypted private key2
Encrypted private key1
Encrypted private key1
<Android 4.3 above and 5.x below(Use RSA Key)>
(Source: KISA Technical Specification)
- 17 -Copyright © 2016 KICA. All Rights Reserved.
4.1 Secure Storage for smartphone(2/2)
Encryption(AES)
Decryption(AES)
AES key
KeyChain
Encrypted private key1
Encrypted private key2
Encrypted private key1
2) Android TrustZone(Source: www.arm.com)
<iOS 2.0 above (use AES Key)>
3) iOS KeyChain
(Source: KISA Technical Specification)
- 18 -Copyright © 2016 KICA. All Rights Reserved.
5. Logical Architecture
RP Application
FIDO Client
ASM
Authenticator(Iris, Fingerprint)
REE (Normal World)
TEE (Secure World)
Crypto Module
PKI Module
Certificate Management Module(CA)
User (Smartphone)
Service Server
FIDO Server
RP Server
Service Provider(SP)
CA Server
OCSP Server(OCSP)
Accredited CA
Certificate Management
(Issuance, Reissuance,
Renewal,Revocation)
Electronic Signature
Electronic Signature
Biometric Sensors
FIDO Service Provider
FIDO AuthCode
FIDO UAF Protocol
CertificateVerification
Electronic Signature
The K-FIDO system consists of a smartphone, an accredited CA, a FIDO service provider, and a service provider.
- 19 -Copyright © 2016 KICA. All Rights Reserved.
5.1 Registration Process
FIDO Client
Authenticator
Biometric Sensor
Certificate Management Module(CA)
FIDO Server
CA Server
① Request Certificate Issuance
② UAF Registration Request
③ Bio-authentication
④ FIDO signature
⑤ UAF Registration Response
⑥ Request Certificate Issuance
Crypto Module
Secure Element
RP Application
⑦ Generate key pairs
⑧ Request Certificate Issuance
FIDO Registration
⑪ Save the accredited certificate and encrypted private key
The K-FIDO registration process uses FIDO registration protocol and issues the accredited certificate for CA after checked a bio-authentication of user.
⑨ Issue a certificate
⑩ accredited certificate
- 20 -Copyright © 2016 KICA. All Rights Reserved.
5.2 Authentication Process
FIDO Client
Authenticator
Biometric Sensor
PKI Module
FIDO Server
① Request electronic signature
② UAF Authentication Request
③ Bio-authentication
④ FIDO signature
⑤ UAF Authentication Response⑥ Request electronic
signature
Crypto Module
Secure Element
RP Application
⑦ Request electronic signature
⑧ Generate electronic signature
Service Server⑨ Send Signed Data
OCSP Server
FIDO Authentication
⑪ Certificate Verification
RP Server
⑩ Verify Signed Data
⑫ Verify AuthCode
The K-FIDO authentication process uses FIDO authentication protocol and generates an electronic signature by user’s private key. Service provider verifies the signed data from OCSP server.
- 21 -Copyright © 2016 KICA. All Rights Reserved.
6. K-FIDO Service Demo
Settings Lock screen and security Fingerprints
Demo Scenario of K-FIDO Service
PC
Push
Mobile
Mobile
(Source: KICA K-FIDO Demo APP)
- 22 -Copyright © 2016 KICA. All Rights Reserved.
6. Service Demo: ① Registration
The Registration of Accredited Certificate
– Fingerprint match policy is single matching with each accredited certificate and fingerprint.
– User can choose the different biometric authentications if a site provides multiple authenticators.
Execute KICA App Register Fingerprint Verify Password Registration Result
1. Client “Bio-Authentication Center” icon
3. If matched, perform fingerprint authentication
2. Input the password for the selected an accredited
certificate.
4. If succeeded, fingerprint registration for the accredited
certificate will be completed.
(Source: KICA K-FIDO Demo APP)
- 23 -Copyright © 2016 KICA. All Rights Reserved.
6. Service Demo: ② APP Login
Example of Smartphone Login
– The accredited certificates store in user’s smartphone.
– K-FIDO authenticator can connect any FIDO clients and any Service Provide APPs with SDK.
App Execution Select Certificate Complete Login
1. Click “login” icon based on accredited certificate.
2. Select an accredited certificate to use and authenticate with a
registered fingerprint.
3. It matched, login process will be succeed.
(Source: KICA K-FIDO Demo APP)
- 24 -Copyright © 2016 KICA. All Rights Reserved.
6. Service Demo : ③ Web Login
Example of Web page Login
– Web Brower in PC doesn’t install any ActiveX software. (HTML5)
– The User signed up for the web site and registered his/her mobile phone number.
1. Select login based on fingerprint.2. Input an ID and click “Login”
KICA App PushService to the
registered user’s
smartphone
Select Certificate
5. Complete Web page Login
3. Select an accredited certificate to use, touch the fingerprint, and authenticated with a registered fingerprint.
4. Send authentication result to the service provider server.
(Source: KICA K-FIDO Demo APP)
- 26 -Copyright © 2016 KICA. All Rights Reserved.
1. Bio-Authentication Service Model
• Samsung’s payment platform
• Support credit card/account payment, ATM saving /withdrawal, etc.
• Alternative to certificate passwords (KISA)
• Firmware-level support from Samsung Galaxy Note7 (Samsung PASS)
• Cloud-based service (SECaaS)
• Target for small & medium business
• Alternative to Passwords (FIDO Alliance)
• User authentication method with fingerprint, Iris, etc.
CASEStudy
On-Premises Type
Cloud TypeASP Type
?
- 27 -Copyright © 2016 KICA. All Rights Reserved.
2. Bio-authentication Case Study
Name PurposeAuthentication
TypeAuthenticator Service Type FIDO Service Phone Brand Open Date
Samsung Pay
Payment,ATM Saving/Withdrawal, etc
FIDO(Samsung)
Fingerprint, Iris
ASP Type KICA Samsung 2015.08.20
SamsungCard
Login,Payment
FIDO(KICA)
Fingerprint ASP Type KICASamsung, APPLE
2016.08
IBK Bank Money TransferK-FIDO(KICA)
Fingerprint ASP Type KICA Samsung 2016.08.12
KEB Hana bank
Money Transfer FIDO(Samsung PASS)
Iris On-Premise Samsung Samsung 2016.08.19
WooribankLogin,Money Transfer
K-FIDO(Samsung PASS)
Iris ASP TypeSamsung + KICA
Samsung2016.08.19
(Source: Samsung Pay APP, Samsung Card APP, IBK APP, Wooribank APP, KEB Hana bank APP)
- 28 -Copyright © 2016 KICA. All Rights Reserved.
Samsung(FIDO)
FIDO Client
ASM
Authenticator
KICA Library SAMSUNG(Samsung PASS)
Authentication Framework
RP Client SDK
FIDO Client
ASM
Authenticator
FIDOModule
K-FIDOModule
K-FIDO Module
FIDO Module
Crypto Module
Certificate Management
Module
PKI Module
SAMSUNG(Samsung PAY)
Pay Framework
FIDO Module
Pay Module
Sensor
2. Case Study: Device Configuration
FIDO
FIDO Client
ASM
Authenticator
KICA LibraryRP Client SDK
FIDO Client
ASM
Authenticator
FIDOModule
K-FIDOModule
Sensor
- 29 -Copyright © 2016 KICA. All Rights Reserved.
Android
iOS
Windows
Credit Card Payments
Internet Banking
Money TransferAccount Payment
ATM SavingATM Withdraw
AuthenticationLogin
AndroidSamsung
LGOthers
WindowsPCs
Mobile AppStores
Google PlayiOS AppStore
3. CASE1: Samsung Pay
GeneralPurpose Protocols
FIDO(UAF)K-FIDO(UAF)
HardwareARM TrustZone
Secure ElementUSIM
IC Card
SoftwareIn Apps
SecurityFoundations
On DevicePIN
FingerprintIris
VoiceFace
Platforms Distribution
On Premise Type
ASP TypeSamsung Pay
KICASamsung PASS
Cloud TypeSecurity as a Service
Authenticator Use CasesServices Model
Samsung Pay is the new, simple and secure way to pay with your Samsung Galaxy device. Accepted almost anywhere you can swipe or tap your card.
CASE 1
- 30 -Copyright © 2016 KICA. All Rights Reserved.
3.1 Samsung Pay: Overview
Safe and secure mobile payments virtually anywhere you can swipe your card
Everywhere Secure
MST, NFC payment
Offline & online Payment
One hand operation
Easy to setup
Consistent User Experience
Value Added Service
Fingerprint Authentication(FIDO support)
Samsung KNOX
Tokenization
Simple
CASE 1
(Source: Samsung Pay)
- 31 -Copyright © 2016 KICA. All Rights Reserved.
3.2 Samsung Pay: Security
Security & Protection: Designed with our highest level of security available
Fingerprint Authentication Samsung Knox
Each transaction uses a random token instead of your card number, which means
your actual information isn’t shared when you shop and your details stay safe.
TokenizationTransaction are authorized with your fingerprint, so you’re in control of when each payment is made.
With Samsung KNOX, your phone is constantly monitored
for vulnerabilities.Even if your phone is ever compromised, your card information is still safely
encrypted within a separate and secure data vault.
CASE 1
(Source: Samsung Pay)
- 32 -Copyright © 2016 KICA. All Rights Reserved.
3.3 Samsung Pay: Credit Card Payment
Settings Lock screen and security
Fingerprints
• NFC : Near Field Communication• MST: Magnetic Secure Transmission
NFC MST+
Payment process of Samsung Pay
CASE 1
(Source: Samsung Pay)
- 33 -Copyright © 2016 KICA. All Rights Reserved.
3.4 Samsung Pay: Add Card Process
Select ‘Add Card’ Add Card Enter card info Agree Term Mobile Authentication
Fingerprint VerificationType Payment Password Enter Signature Complete
1 2 3 4 5
6 7 8 9 10
CASE 1
(Source: Samsung Pay)
- 34 -Copyright © 2016 KICA. All Rights Reserved.
3.5 Samsung Pay: Payment Process
Fingerprint or Iris AuthenticationSelect Card or Bank Account Touch POS Device
1 2 3
Number 1: Samsung Pay(Easy and Secure)
Customer Satisfaction Survey of Easy Payment Service
(August 30, 2016, Korea Consumer Agency)
CASE 1
(Source: Samsung Pay)
- 35 -Copyright © 2016 KICA. All Rights Reserved.
3.6 Samsung Pay: ATM Saving/Withdrawal
Smart Phone(Samsung)
This is a working scenario of FIDO based ATM in Wooribank.
ATM (NFC Reader)
① Select Withdraw from bank account② Enter your bank account PIN③ Type in the withdrawal amount
④ Scan your fingerprint to withdraw your cash
④ Hold your device near the ATM card reader
⑤ Withdraw the money from ATM machine
CASE 1
(Source: Wooribank ATM)
- 36 -Copyright © 2016 KICA. All Rights Reserved.
Android
iOS
Windows
Easy Payments
Credit Card Payments
Internet Banking
AuthenticationLogin
AndroidSamsung
LGOthers
WindowsPCs
Mobile AppStores
Google PlayiOS AppStore
4. CASE2: Samsung Card
GeneralPurpose Protocols
FIDO(UAF)K-FIDO(UAF)
HardwareARM TrustZone
Secure ElementUSIM
IC Card
SoftwareIn Apps
SecurityFoundations
On DevicePIN
FingerprintIris
VoiceFace
Platforms Distribution
On Premise Type
ASP TypeSamsung Pay
KICASamsung PASS
Cloud TypeSecurity as a Service
Authenticator Use CasesServices Model
Fingerprint based FIDO Service Samsung Card: This model provides a fingerprint authentication for login, easy payment
using Samsung, APPLE smartphone.
CASE 2
- 37 -Copyright © 2016 KICA. All Rights Reserved.
4. Samsung Card: Fingerprint Login
Agree Term Mobile Authentication Fingerprint Authentication Registration End
Login Start Fingerprint Authentication Login Success
Step1 : The User registers fingerprint logins
Step2: The user logs in with the fingerprint.
CASE 2
(Source: Samsung Card APP)
- 38 -Copyright © 2016 KICA. All Rights Reserved.
Android
iOS
Windows
Easy Payments
Credit Card Payments
Internet Banking
AuthenticationLogin
AndroidSamsung
LGOthers
WindowsPCs
Mobile AppStores
Google PlayiOS AppStore
5. CASE3: IBK Bank
GeneralPurpose Protocols
FIDO(UAF)K-FIDO(UAF)
HardwareARM TrustZone
Secure ElementUSIM
IC Card
SoftwareIn Apps
SecurityFoundations
On DevicePIN
FingerprintIris
VoiceFace
Platforms Distribution
On Premise Type
ASP TypeSamsung Pay
KICASamsung PASS
Cloud TypeSecurity as a Service
Authenticator Use CasesServices Model
Fingerprint based K-FIDO Service IBK Bank: This model provides a fingerprint authentication instead of accredited certificate
password for site login, money transfer and so on using Samsung smartphone.
CASE 3
- 39 -Copyright © 2016 KICA. All Rights Reserved.
5. IBK Bank: Registration(1/2)
The i-ONE Bank service in IBK Bank provides K-FIDO based smart banking service.
① Click “Authentication Center” menu
② Click “Fingerprint Registration” menu
③ Select Accredited Certificate
④ Type the passwordof selected accredited certificate
Certification Center
Certification List
Certificate Password
Register Fingerprint
CASE 3
(Source: IBK bank APP)
- 40 -Copyright © 2016 KICA. All Rights Reserved.
5. IBK Bank: Registration(1/2)
This is an accredited certificate registration process with fingerprint.
Complete Registration
⑥ Click “User Agreement”
⑦ Mobile Authentication⑧ OTP Authentication
⑨ Perform Fingerprint authentication
⑩ Complete Registration
⑤ Start Fingerprint Registration
OTP Numbers
OTP Numbers
Mobile authentication
Term and Conditions
Next
Fingerprint
CASE 3
(Source: IBK bank APP)
- 41 -Copyright © 2016 KICA. All Rights Reserved.
Android
iOS
Windows
Easy Payments
Credit Card Payments
Internet Banking
AuthenticationLogin
AndroidSamsung
LGOthers
WindowsPCs
Mobile AppStores
Google PlayiOS AppStore
6. CASE4: KEB Hana Bank
GeneralPurpose Protocols
FIDO(UAF)K-FIDO(UAF)
HardwareARM TrustZone
Secure ElementUSIM
IC Card
SoftwareIn Apps
SecurityFoundations
On DevicePIN
FingerprintIris
VoiceFace
Platforms Distribution
On Premise Type
ASP TypeSamsung Pay
KICASamsung PASS
Cloud TypeSecurity as a Service
Authenticator Use CasesServices Model
Iris based FIDO service KEB Hana Bank: This model provides a iris authentication of Samsung Pass for money transfer
and so on using Samsung smartphone. (Alternative of Accredited certificate but ARS authentication and OTP are still used)
CASE 4
- 42 -Copyright © 2016 KICA. All Rights Reserved.
6. KEB Hana Bank: Iris Registration(1/2)
Iris-login Information Agree Term Create Samsung Account
Iris Registration Start Login Select Iris-Login
1 2 3
4 5 6
CASE 4
(Source: KEB Hana Bank APP)
- 43 -Copyright © 2016 KICA. All Rights Reserved.
6. KEB Hana Bank: Iris Registration(2/2)
Check User Info SMS / Security CardAuthentication
Show Iris Info Samsung PASS info Agree S-PASS Term Set S-PASS PIN
Iris Authentication Registration End
7 8 9 10 11 12
13 14
CASE 4
(Source: www.etnews.com)
- 44 -Copyright © 2016 KICA. All Rights Reserved.
6. KEB Hana Bank: Money Transfer
ARS AuthenticationStart Money Transfer Iris Authentication End Money Transfer
1 2 3 4
ARS: 2-channeal authentication(phone, internet)
Withdrawal account informationDeposit account information
CASE 4
(Source: www.etnews.com)
- 45 -Copyright © 2016 KICA. All Rights Reserved.
Android
iOS
Windows
Easy Payments
Credit Card Payments
Internet Banking
AuthenticationLogin
AndroidSamsung
LGOthers
WindowsPCs
Mobile AppStores
Google PlayiOS AppStore
7. CASE5: Wooribank
GeneralPurpose Protocols
FIDO(UAF)K-FIDO(UAF)
HardwareARM TrustZone
Secure ElementUSIM
IC Card
SoftwareIn Apps
SecurityFoundations
On DeviceFingerprint
IrisPIN
VoiceFace
Platforms Distribution
On Premise Type
ASP TypeSamsung Pay
KICASamsung PASS
Cloud TypeSecurity as a Service
Authenticator Use CasesServices Model
Iris based K-FIDO Service Wooribank: This model provides a iris authentication of Samsung Pass instead of accredited
certificate password for site login, money transfer and so on using Samsung smartphone.(No use ARS authentication and security card)
CASE 5
- 46 -Copyright © 2016 KICA. All Rights Reserved.
7. Wooribank: Certificate Registration
Bio-Auth CenterLogin Start Registration User Notification Agree Term
Mobile Authentication Iris Authentication Certificate Issuance Complete Registration
1 2 3 4 5
6 7 8 9
CASE 5
(Source: www.etnews.com)
- 47 -Copyright © 2016 KICA. All Rights Reserved.
7. Wooribank: Login / Money Transfer
Select Money TransferWooribank APP Iris Authentication Iris Verification
Input account info Confirm info Iris Verification Complete Transfer
1 2 3 4Login
1 2 3 4
MoneyTransfer
CASE 5
(Source: wooribank APP)
Dr. Jae Jung Kim([email protected])