MyData Implementation Approaching in August
Only Authorized Certificate Issuers Allowed
Industry Protests "Grant Exclusive Status"
[Asia Economy Reporter Kiho Sung] The government is facing controversy after deciding to allow only the ‘Joint Certificate (formerly Public Certificate)’ as the unified authentication method for the MyData service, which will be implemented starting this August. Although the mandatory use of the Public Certificate has been abolished, consumers who want to use the MyData service may face inconvenience as they will have to reissue the old certificate. Critics argue that this goes against the purpose of MyData, an innovative financial service that gathers scattered personal credit information in one place to provide customized credit and asset management services.
According to the financial sector on the 13th, the Financial Services Commission and the Korea Communications Commission recently agreed through inter-agency consultations to allow only the Joint Certificate as the unified authentication method for MyData. Currently, financial authorities are building the MyData unified authentication system. Before MyData is implemented in August, the unified authentication requires designation as an identity verification agency by the government to collect users’ resident registration numbers and provide alternative authentication methods to information and communication service providers.
The problem is that, so far, only existing Public Certificate issuers such as the Korea Financial Telecommunications & Clearings Institute, Koscom, and Korea Information Certificate Authority hold the authentication status for the MyData service. Previously, mobile carriers (Pass app, SMS authentication) and card companies (card authentication), designated as identity verification agencies by the government, were legally interpreted as not having the authority to issue unified certificates because their identity verification services are not certificate-based.
A Financial Security Institute official said, “Due to the Korea Communications Commission’s process, inter-agency consultations concluded that unified authentication can only be done through the Joint Certificate,” adding, “This does not mean excluding other private authentication providers; they will be able to use it sequentially.” Accordingly, only existing Public Certificate issuers such as the Korea Financial Telecommunications & Clearings Institute, Koscom, and Korea Information Certificate Authority have the authentication status for the MyData service.
Consumer Inconvenience Inevitable... Fintech Industry Faces Setbacks in MyData Business
The issue lies in the significant infringement on consumer convenience. If consumers want to use the MyData service but their existing Public Certificate has expired or been discarded, they must go through the inconvenience of reissuing the certificate and copying it from their bank application to transfer it to the MyData service provider’s app. This raises concerns that the purpose of the MyData project?to promote financial innovation and enhance consumer convenience?will be undermined.
Companies preparing for the MyData service, such as Toss, Naver, and Kakao, applied for Korea Communications Commission review to obtain ‘identity verification agency’ status but were deemed ineligible in March. These companies are preparing to reapply, but the Korea Communications Commission has not yet set a schedule for reexamination. Since the review process is expected to take more than three months, if the reexamination starts late, it is unlikely they will meet the August implementation deadline.
The fintech industry is protesting, saying that granting a monopolistic status again to the Public Certificate, whose mandatory use was abolished after 21 years, is problematic. In fact, after the Electronic Signature Act amendment passed last year, removing the Public Certificate’s monopoly, Kakao and the three mobile carriers’ Pass certificates were used for year-end tax settlements for the first time this year.
A fintech industry insider said, “It is frustrating that there is no news about the additional review schedule,” expressing concern that “the MyData service requires a first-mover advantage, so falling behind in the financial innovation race is a risk.”
Meanwhile, financial authorities will hold a standard specification briefing session for MyData service providers on the 15th. Currently, the financial authorities and the Financial Security Institute are building the MyData unified authentication system.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
