콘텐츠 바로가기
로그인
컨텐츠

Category Open

Resources

tutorial

Collection of research papers and materials on development issues

home

Resources
Economy Trade
Industry and Technology IT
Industry and Technology Science/Technology

Print

Recent changes in the regulatory landscatpe for E-Commerce in South Korea

Related Document
Frame of Image
  • Recent changes in the regulatory landscatpe for E-Commerce in South Korea
  • Kim,Keechang
  • The Legal Research Institute of Korea University


link
Title Recent changes in the regulatory landscatpe for E-Commerce in South Korea
Similar Titles
Material Type Articles
Author(English)

Kim,Keechang

Publisher

Seoul,South Korea : The Legal Research Institute of Korea University

Date 2015
Journal Title; Vol./Issue The Asian Business Lawyer:vol.16
Pages 18
Subject Country South Korea(Asia and Pacific)
Language English
File Type Link
Subject Economy < Trade
Industry and Technology < IT
Industry and Technology < Science/Technology
Holding The Legal Research Institute of Korea University
License

Abstract

South Korea was in the fore-front of the encryption technology in the late 90’s. South Korea’s enactment of Electronic Signature Act (“ESA”) in 1999 was among the earliest legislative recognitions of the validity of electronic signature. However, the South Korean ESA purported to set up a ‘national’ PKI trust chain which depended on the governmental authority. It was and is an anachronism in the context of the Internet, where the question of trust does not depend on any particular government’s authority. South Korean national root CA moreover insists on non-standard technical specs for the client certificates issued by the National PKI (“NPKI”) service providers. As a result, service providers must acquire and deploy (and users have to install) proprietary plugin software to use the NPKI digital certificate. This posed serious security risks as the users accumulate the dangerous habit of clicking “OK” to install the additional plugin software (especially for sensitive transactions). To complicate the matter even further, the Financial Supervisory Service (which has the regulatory power over banks and credit card companies) began in September 2002 to require that all online financial transactions must be secured with NPKI digital certificate. Ever since, the South Korean market was closed to newer and more sophisticated authentication technology. Development of online transaction security technology stalled. Massive scale data breach affecting tens of millions of users took place rather frequently.