Presentation is loading. Please wait.

Presentation is loading. Please wait.

Government Payment Gateway - Korean PG for e-Government Case Study 2007. 5. 24 Chang-Kang Seol ISGEG.

Similar presentations


Presentation on theme: "Government Payment Gateway - Korean PG for e-Government Case Study 2007. 5. 24 Chang-Kang Seol ISGEG."— Presentation transcript:

1 Government Payment Gateway - Korean PG for e-Government Case Study 2007. 5. 24 Chang-Kang Seol ISGEG

2 Index 1.Background of e-Commerce market 2.Key Issues 3.PG (“BankPay”) service for e-Gov in Korea Briefs on BankPay Operational Feature Technical Feature Security Customer Protection 4.Conclusion

3 Background of e-Commerce market in Korea - Historical background 1.Market Needs for e-Payment, security technology from internet shopping mall in late 1990’s 2.Starting the online bank transfer of Dacom (private co) through X.25 in 1997 3.Establishing PG (“Bankpay”) for the safe public e-Payment in 2000 4.Resulting in growth of e-Commerce in 2000’s Payment Gateway Security Multi e-Payment Solutions Stability & Easiness Internet Shopping Mall, CPs etc. Sales Increase Stable Operation of Shop Cost Effective- ness Growth of e-Commerce + Legal & policy support (Korean Government Support)

4 - Market background 1.Continuous growth of e-Commerce market 2.About 100 in 2002 then now about 50 PG companies with 5 majors of which M/S is over 80% - Inisys, Cyber Payment, Dacom, KCC, Bankpay 3.Competitive market 4.Trend for Users to move into major PGs based on security and low costs ▣ Trend of e-Commerce Transaction (Unit : USD Mil) * Source : Korea National Statistical Office

5 * Source : Bank of Korea “Trend of Payment System” 2005. 4. Electronic based PaymentPaper based Payment ▣ Trend of e-Payment System (Electronic based payment) Movement from paper based payment into electronic based payment * Electronic based payment : payment through data transfer using ICT infra [No. of transaction][Amount]

6 - Legal background for e-Commerce Purpose To define off-line financial transaction To regulate legal relation in Off-Line Financial Transaction Feature (2002.3) To position PG as a legal entity To define regulation on PG To secure On-Line credit card transaction Specialized Credit Financial Business Act Purpose To create institutional basis for customer protection To secure stable transaction for e-Commerce Feature To establish protection device from consumer damage To introduce insurance to protect consumer damage form e- Commerce e-Commerce Consumer Protection Act Purpose To grant Financial Supervisory Service to supervise PG To regulate security Feature To supervise PG To regulate PG for its sound transaction To oblige PG to secure information Regulation for Supervision on Banking Institutions Purpose To define the electric financial transaction To regulate legal relation in FET Feature Enforcing Biz registration on PG To set up the clear legal structure To secure customer using EFT To regulate & supervise healthy development of EFT Electronic Finance Transaction Act 1997.8 2002.32000.12 2006.1

7 Key Issues in Korea - Protection from customer damage (Identification/Reparation) ▣ Legal Risk - Who will identify the faults and take the responsibility of reparation from the damage ▣ Operational Risk - Network hacking, system down ▣ Settlement Risk - Bankrupt - Operational Issue ▣ Operation by Government ▣ Operation by Private Companies - Security Standard Issue ▣ Network Security Encryption Technology Symmetric or Asymmetric Algorism (Public Key Algorism) Message Digest (Hash Function) / Electrical Signature (Private Key) SSL (Secure Socket Layer) / SET (Secure Electronic Transaction) Authentication by third party ▣ Host System Security Firewall Intrusion Detection System

8 BankPay (PG of Korean Government) Service Area e-Payment Method Feature Service for Payment Gateway to government organizations & private commercial operators - Credit Card, Bank Fund Transfer & K-Cash Featured by Most Banks’ Participation, Real Time Transaction & Low Cost Service for most of public organization as e-Procurement, Land Titling, G4C etc. and for commercial entities as on-line shop, internet auction, tuition fee etc. Establishment Founded by Korea Financial Telecommunications & Clearings Institute (KFTCI), incorporated association chaired by the Bank of Korea established in 2000 Sales Increase 20012002200320042005 Sales45275109230 (Unit : U$ Mil) * Source from KFTC 2006

9 Bank Association Operational Structure KFTC (Incorporated Association) CMS / Giro EDI BankPay (PG) Bank B2B Card VAN K-Cash UBI (Mobile Pay) CD N/W IFT N/W HOFINET K-Cash N/W Bank Line Check Clearing Paper Giro Electric Giro Internet Giro Bank of Korea (Chair) Regular Member (12 Banks) Associate Member (10 Banks) Financial Supervisory Service : Inter Bank Fund Transfer : Inter Bank Home/Firm Banking System Governing Regulating Founded by Korea Financial Telecommunications & Clearings Institute (KFTCI), incorporated association chaired by BOK supervised by FSS (Financial Supervisory Service)

10 Services Administration N/WFinance N/WEducation N/WDefense N/WPolice N/WLogistics N/W Citizens National Assembly Minutes Publishing Sys Internet e-Gov portal / Kiosks Legislative Information System Inter-government Intranet: Inter-agency collaboration e-Library: Library of National Assembly National Assembly Session Broadcasting System Assembly Information / Material Communication National Assembly Operations Support Sys Government / Agency Office Telephony Contact (Voice/Fax/…) Business Civil/Criminal Trial Procedure System Court Knowledge Management System Legislative Information System Electronic Filing System Standard Human Resources System National Finance Information System Integrated Information Infrastructure Vendors/Suppliers Intelligent Transportation System E-Document Shared Information of Local Government 911 / Police Support System Election Process Automation Cadastre Management Information System Land Registration and Information System Court Session/Decision/Patent/ Auction Information Sys Integrated System for Social Insurances e-Healthcare: Hospital Information System National / Home Tax Service e-Citizen / Registration & ID (Family/Employment/...) u-Logistics Postal Service e-Education: Magic School and Campus e-Customs and e-Clearance System e-Procurement Vehicle and Driver License Service System Automatic Fare Collection System Immigration Control System Services requiring payment solution ► ► ► ► ► ► ►► ► ► ► ► ► ► - e-Government Framework (Single window for e-Payment)

11 IT Infra DB Service Public Internet Center Passport & Immigration Control 95.12 Business Registration 91.3 Vehicle Registration / Driver License 90.3 Real Estate Management Information Sys 91.2 e-Citizen / NID (Family/ Employment) 91.1 e-Learning Sys 99.9 e-Gov Portal & Kiosks 02.10 e-Custom e-Clearance Sys 90.4 e-Procurement Sys 02.9 Integrated Social Insurance Sys 02.10 e-Tax (National/Home Tax Service) 00.11 Public Admin & Education N/W Provision PC & ICT Use Education Groupware (e-mail/ e-document) e-Gov EA Planning 9187 ~ BankPay (PG) 00.12 Finance N/W 89.12 Establishment Established in year 2000 for the Public e-payment system in to comply with the market needs due to the rapid growth of the e-Commerce (internet shopping mall) in late 1990’s

12 Position in e-Payment Market in Korea Networ k e-Cash Bank Transfe r Credit Card e-Cash Traffic Card MobileInternet Telephone Line(X.25) Terminal / Kiosk Mobile PG PG VANTraffic PG Infohurb Mobilians Ubi Bankpay Dacom Inisys, KCP Etc. KICC NICE KS-NET Etc. Intec C&C MYBI Telecom Companies Financial N/W Co. e-Cash Co. Transport Companies Banks / Card Companies Electronic Payment Network Service Provider Relevant Co. Financial Institutes Prepaid Card SK / KTF / LGTransport Co.

13 e-Procurement Online appeal Content Shopping mall Optimized Solution Stable & convenient Internet Payment Service Suitable/ flexible payment module to user platform User Interface Payment service secured on the basis of PKI Security Credit Card Bank Transfer K-Cash Payment Method Payment Method Challenges of BankPay

14 System Management NMS SMS Security Firewall IDS Main Server Payment Gateway Backup Internet DB PG Solution e-Payment Call Center (CTI) - Technical Components Technical Feature

15 - Technical Architecture BankPayP/G e-Gov Portal / Web Server Wallet HTML Form Cust omer INTERNET (OpenNetwork) Web server (eGov) TX server P/G server CCIS CMS CARD BANK Internet(TCP/IP) (H/W, S/W) (S/W) (N/W) Technical Feature

16 - Service related program Payment Process TX Server Payment Request Communication program between PG with Users Encrypting Payment Information with e-Signature using Authentication Certificate issued by Certification Agency (“Yessign”) Providing the most appropriate TX Server in compliance with User platform Page for Customer to request for payment for products or services Ex) Ordering page of shopping mall Transfer payment request which is compiled by the Service (Windows NT) or Java Class (Unix) to PG DB storage after payment processed by PG Notice final payment result from PG to User with ASP/JSP/CGI Etc. Wallet Payment module on Active-X Control Installation on Customer’s PC downloaded from BankPay Server Encrypting Payment Information with e-Signature Client’s Request to start User’s payment process for payment Payment Cancellation Request Cancellation Request for cancellation to PG Transfer cancellation request which is compiled by the Service (Windows NT) or Java Class (Unix) to PG DB storage after cancellation processed by PG Notice final cancellation result from PG to User with ASP/JSP/CGI Etc. Technical Feature

17 CustomerBankPaye-Gov - Sequence Diagram Wallet (Customer PC) Payment Process TX Server PG Server Payment Request Customer ① Click payment button ② Activating Wallet Software ③ PW / Payment Information ④ Request for Payment ⑥ Encrypting Payment Information (e-Signature) ⑤ Compiling Payment Information ⑦ Result for Payment ⑧ Log storage / Payment Result DB ⑨ Notice Payment Result ⑨ Notice Payment Result Technical Feature

18 Electronic signature using PKI Technique Accredited certificate is a certificate issued by YESSIGN, an accredited certification authority pursuant to "Electronic signature Act“. Certificate has a series of data which include Subscriber's Electronic signature verification data, Serial numbers, Subscriber's name and the term of validity etc. Security

19 - Certificate Agency _ Korea Information Security Agency Below that, there're 6 accredited certification authorities : Korea Financial Telecommunications & Clearings Institute, Koscom Inc., KTNET, National Computerization Agency, Korea Electronic Certificate Authority, Korea Information Certificate Authority Inc. Security

20 Contents No. of FaultAmount (thousand U$) ‘02‘03‘04‘05.7 Tota l ‘02‘03‘04‘05.7Total Bank Internet Banking1-12471-368142 Tele banking-15814-10162262434 Card Forgery ㆍ Reproduction 466-164526626-544 Program Default-18210 0000 Credit Card Card Forgery ㆍ Reproduction -1--1 184-- Program Default-1--1-0--0 Total5102010465232601913301,304 Source : 2005 Inspection of Administration ▣ Financial Troubles in e-Payment in Korea - Protection from customer damage Identification Reparation Customer Protection

21 Principle of liability without fault (Personal user) Principle of liability with fault (Corporate user) Simple negligence rule Contributory negligence rule Comparative negligence rule Liability of identification NoSufferer or harmerPerson himself3 rd Party(Court) Liability of reparation Sufferer’s counter part Harmer Harmer subject to sufferer’s fullness of its obligation Balancing ▣ Liability of reparation and identification of responsibility - Electronic Finance Transaction Act (2006) - Apply the principle of liability without fault to personal users and the principle of liability with fault to companies ▣ Main contents of Electronic Finance Transaction Act (2006) Stability - Responsibility for financial institutes to compensate the user with the damage arising from forgery/reproduction, fault in data transmission and process - Regulated and supervised by Financial Supervisory Committee and provision of the standard for PKI (Clause 20) ­ Mandatory storage of transaction records for 5 years (Clause 21) ­ Limitation of credit (Clause 22) Consumer Protection ­ Damage after notice to loss and theft shall be borne by financial institutes (Clause 9) ­ Protection on user information (Clause 25) ­ Arbitration Clause (Clause 26) Supervision - GAAP & financial standard (capital structure / asset management / liquidity )(Clause 41)

22 One window Legal & policy Support KFS for PG for public service Technical Support Effectiveness Multi e-Payment solutions Cost & Time Effectiveness Legal & Policy Customer Protection e-Payment Promotion ICT Easy Access (N/W expansion) Standard Application (Security) Conclusion 1.Customer Protection backed by Government’s legal & policy support - Electronic Finance Transaction Act - Promotion e-payment by way of deduction of Tax 2.One window PG for most of the public e-Payment - Cost, time effectiveness 3.Technical Support - Standard technical architecture - Easy access (ICT infrastructure)


Download ppt "Government Payment Gateway - Korean PG for e-Government Case Study 2007. 5. 24 Chang-Kang Seol ISGEG."

Similar presentations


Ads by Google