-Securing standard technology capabilities through the Korea Internet & Security Agency's integrated module distribution project.
Accelerate business expansion by securing standard technologies for simple authentication, electronic signatures, and identity verification.
Data platform service company NexoneSoft (CEO Choi Deok-hoon) announced on the 5th that it has expanded the scope of application of standard technology through the Korea Internet & Security Agency's 'Safe Identity Verification Service Integrated Module Distribution Project'.
Through this project, NexoneSoft developed a standard identity verification technology and secured all the standard technologies for simple authentication, electronic signatures, and identity verification provided by Nexvisign, its integrated authentication service. Previously, through the Korea Internet & Security Agency's (KISA) Digital Authentication Expansion Center project, NexoneSoft secured standard technologies in simple authentication and electronic signatures. Building on this foundation, the company is expanding its business into areas such as healthcare, telecommunications MyData, and financial institution digital services.
The Secure Identity Verification Service Integrated Module Distribution Project strengthened service security and convenience by developing identity verification service standardization technology, improving authentication procedures, and examining vulnerabilities at user organizations. The Integrated Identity Verification Service Module provides all identity verification methods—certificates, mobile phones, credit cards, and i-PIN—in one place, enhancing user convenience and accessibility. It also unifies the authentication structure, which previously operated differently across organizations, thereby strengthening service stability and security. This standardized authentication model is designed to enhance service stability and security.
In particular, the authentication process has been changed so that the results are transmitted directly from the identity verification agency to the service provider's server without passing through the user's terminal, eliminating the risk of personal information exposure and theft. Furthermore, to ensure smooth distribution of the integrated identity verification service module, we conducted a vulnerability inspection of the websites of approximately 100 organizations and companies using the identity verification service. Through this, we checked for ▲ personal information (CI/DI values) exposure ▲ parameter tampering ▲ data reuse ▲ encryption key/module exposure ▲ omission of process verification ▲ use of secure communication protocols, and identified necessary improvements.
Additionally, the standard technology for the integrated module for the identity verification service is currently undergoing standardization review by the Telecommunications Technology Association (TTA) of Korea. Through standardization registration, the plan is to define technical standards for the API specifications, communication and authentication methods, and transmission data protection methods used for integration between identity verification agencies and user organizations. This will enhance security and facilitate the expansion of various alternative resident registration methods for user organizations. The final standardization review and registration are expected to be completed by the end of this year.
NexoneSoft CEO Choi Deok-hoon expressed his ambition, saying, “Through this project, NexoneSoft has strengthened its expertise in standard technologies in the areas of identity verification, simple authentication, and electronic signatures, and secured capabilities to respond to security vulnerabilities in the authentication field.” He continued, “Based on this, we will expand security vulnerability inspections and consulting beyond simple service provision to user organizations and customers in the future, and build a differentiated business model for implementing a secure integrated authentication service.”
You must be logged in to post a comment.