Wednesday, November 19, 2014

Persistent, excessive regulation: mobile payment problems and Active-X

I've repeatedly noted my astonishment that financial and e-commerce institutions in Korea continue to use Microsoft's Active-X controls, years after Microsoft itself issued public warnings about the dangers of using such controls.  Today The Chosun Ilbo carried an article entitled "Apple pay shows up clunky mobile payment in Korea."  The article notes that "Apple Pay is simple to use by placing a finger on the home button after registering the owner's fingerprint and checking out at the register. There are no spending limits.But in Korea, mobile payment is as usual more complicated. With LG Uplus' Paynow service, users have to go through a five-step process to buy a product at an off-line store. They need to install and run the app on their smartphone, enter a password, choose the type of settlement and show the cashier the bar code that appears on the smart device. On the surface, Bank Wallet Kakao by Daum Kakao is as simple as Apple Pay. But the service is prepaid, which would seem to defeat the object, and users need to sign up via a personal computer in advance. The reason is that it requires a security program like ActiveX, a buggy and antiquated Microsoft program that for some reason still holds sway here, to verify users' ID."
As the article goes on to note, the inescapable conclusion is that excessive regulations are responsible for this situation. "The Financial Supervisory Service and Financial Services Commission are worried about security. One program developer said, "Even the most innovative ideas end up getting axed or modified beyond recognition after they go through the FSS's screening process. Financial authorities are virtually blocking fresh endeavors." But an FSS official rejected the blame, "We are trying to minimize security risks in order to prevent illegal use, leakage of personal financial information and identity theft." The official admitted that the FSS checks a whopping 55 criteria."
The accompanying graphic is a screen capture from Microsoft's web site. (click to see a full size version)  Note the advice given in the last sentence on the graphic. "Here's a good rule to follow: If an ActiveX control is not essential to your computer activity, avoid installing it." When will Korea remedy this situation?

No comments:

Post a Comment