"Low Risk of Hacked USIMs Being Used for Financial Transactions"
Proactive Monitoring Enhanced... Additional Authentication Such as Facial Recognition Expanded
Surge in Safe Block Service Sign-Ups... Tenfold Increase in a Single Day
As concerns among financial consumers grow following the USIM hacking incident at SK Telecom, the financial sector has taken preemptive action. While the industry believes that the likelihood of identity theft account openings or illegal loans occurring solely through USIM cloning is low, banks are strengthening authentication procedures and monitoring to prepare for any unforeseen circumstances. Applications for the "Safe Block" service offered by banks have also surged more than tenfold in a single day as customers rush to sign up.
As of April 30, according to the financial sector, there have been no reported cases of financial damage at the five major commercial banks (KB Kookmin, Shinhan, Hana, Woori, and NH Nonghyup) related to the USIM hacking incident.
The industry believes that with only the leaked information, it is impossible to log in to mobile apps, change information, or conduct financial transactions. This is because USIMs do not store bank account numbers or passwords, and additional authentication steps are required beyond telecom company verification during various authentication processes.
For example, at Nonghyup Bank, when a customer installs a mobile app on a new phone, the bank verifies the account password in addition to telecom authentication. When a non-transactional customer opens an account, a facial recognition authentication method is also used. A representative from the Financial Security Institute explained, "SIM swapping, which involves USIM cloning followed by device change, is possible, but since additional authentication such as a password is required for financial transactions after the device change, fraudulent transactions are difficult to carry out with USIM cloning alone."
However, banks have proactively strengthened monitoring and expanded additional authentication measures to prepare for any potential financial damage. The introduction of facial recognition procedures is a representative example. KB Kookmin Bank now requires SK Telecom customers to undergo facial recognition when issuing certificates or opening non-face-to-face accounts. Shinhan Bank has enhanced its verification process by switching from the existing ARS method to mobile facial recognition when customers attempt financial transactions using a different mobile device. Hana Bank also introduced additional authentication procedures, including facial recognition, for SK Telecom customers opening non-face-to-face accounts starting the previous day. Woori Bank has already required customers to reissue certificates through facial recognition when conducting financial transactions from a different mobile phone. NH Nonghyup Bank is considering expanding the use of facial recognition authentication.
Monitoring through the Fraud Detection System (FDS) has also been strengthened to continuously monitor for suspicious transactions. Hana Bank has upgraded its monitoring system scenarios to detect abnormal financial transactions involving mobile device changes and SK Telecom users. Kookmin Bank is preparing a task force (TF) to activate an emergency response system in the event of a personal information leak. Woori Bank has also raised its cyber security threat response level and enhanced security monitoring.
Reflecting the anxiety of financial consumers, applications for the "Safe Block" services provided by banks are rapidly increasing. Shinhan Bank's non-face-to-face account opening Safe Block service jumped from around 300 applications on April 21-22 to 656 on April 23, after the USIM hacking incident became public, doubling in a single day. The number further surged to 1,263 on April 25, 5,931 on April 26, and 40,784 on April 28. The loan transaction Safe Block service, introduced in August last year, also increased from a daily average of 284 applications by the end of March to 957 on April 25, 4,653 on April 26, and 48,495 on April 28. The other four major banks also saw a sharp increase in applications starting April 28.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
