Korean banks starting cross-browser services

Just a quick note to those who are interested in a status update from Korea. Kim Tong-hyung writes in the Korea Times that a number of major Korean banks are moving towards e-banking systems that will be cross-browser compatible vs. what is available today, which is IE.

The short story is that online banking with Firefox or Chrome is still a long-way off, but we can now foresee such a future, whereas before the changes by the Korea Communication Commission (KCC), such a future was impossible to consider.

“There have been complaints from computer users with non-IE browsers and our goal is to provide our Internet banking services to those with any browser,’’ said an IBK [Industrial Bank of Korea] official.

Existing local regulations require all encrypted online communications to be based on electronic signatures that are enabled through public-key infrastructures. And since the fall of Netscape in the early 2000s, Microsoft’s Active-X technology, used on its Internet Explorer (IE) Web browsers, remains the only plug-in tool used to download public-key certificates onto computers.

This prevented users of non-Microsoft browsers such as Firefox and Chrome from banking and purchasing products online. And computer security experts have also claimed that public-key certificates don’t add anything to security beyond a simple password gateway, which make them worse than useless as they create the illusion of safety where there is none.

and

Pressured by the calls to provide more flexibility in Internet security technologies, the Korea Communication Commission (KCC) announced it would allow other verification methods besides public-key certificates for protecting encrypted communication, which motivated companies like Woori Bank to differentiate.

Woori Bank’s new Internet banking system appears to be well-received, with the bank garnering 40,000 new customers just a month into the changes. And with a variety of banks, including IBK, Shinhan, Kookmin and SC First Bank, already providing non-Microsoft online banking services for smartphones, the transition toward an open Internet banking structure appears to be gaining pace.

Online banking wiggles out of Microsoft chokehold (The Korea Times)

3 Responses to Korean banks starting cross-browser services

  1. This is a very promising news for Korean users! And probably a future increase of Firefox users in Korea.

  2. Brian Behlendorf

    This is good news, but it seems a bit off; there’s no issue with client-side certs in these other browsers. The problem was that officials mandated the use of ActiveX-based certificates – a Microsoft-only technology (effectively). Unless I have it wrong? Or is “ActiveX client certs” so hardwired in the Korean peninsula that it’s best just to give up, and pursue secure comms in other ways?

  3. Brian, you have it right. Korea mandated a system that required the Active-X plugin. That requirement is now dropped but it is unclear exactly what the alternative options are so there is some confusion at this time (detailed in the Korea Times piece.)

    I expect the alternative options to become clear, but user education will take many, many years. What was a technical and de jure monopoly is now not, but getting to a place where all browsers can effectively compete naturally is years away, I’m afraid.