중앙데일리

Internet users tangled up in the ActiveX web

[NEWS IN FOCUS] ‘The discussion over whether using ActiveX is proper is underway.’
MS도 안 쓰는 보안 시스템 … 외국 가면 은행 업무도 못 봐

Mar 16,2010
Most people who have attempted to pay a bill, transfer money between accounts or purchase concert tickets online in Korea have likely had to download a number of security programs before completing their transactions.

These programs are often grouped together in something called ActiveX, which is a framework for defining reusable software components that perform a variety of functions in Web browsers and helps ensure that hackers can’t access private information. Users often are greeted with a pop-up panel that asks them to “install ActiveX controls” by clicking a link before continuing.

ActiveX is primarily used as a security precaution, and aside from the online banking world is commonly used for various Internet transactions and to access everything from games to music clips. ActiveX works specifically with Internet Explorer, which the lion’s share of Koreans use to surf the Web.

But some observers consider it quite costly, saying that Internet users waste an untold amount of time downloading these programs, which in turn saps productivity.

It can take around five to 10 minutes to install all the programs that are needed for a user to access a certain Web page or complete an online transaction at a banking or shopping site for the first time. At the same time, banks and card companies often require users to download different versions of security programs when accessing their Web pages.

If a program is installed once a year on 10 million PCs in Korea, for instance, that can amount to 1 million hours of lost time, assuming an average installation time of 10 minutes. Since Korea’s minimum wage is 4,000 won ($3.52), annual losses would total around 4 billion won in that scenario.

Another problem is cropping up with smartphones, high-tech devices that offer portable Internet, mobile phone services and other features.

The number of smartphone users in Korea neared 1 million at the end of last year, with Apple’s iPhone and Samsung’s Omnia 2 gaining popularity. However, smartphone users are having trouble whenever they try to use mobile banking services or shopping sites, since the browsers designed for smartphones are not equipped to handle ActiveX.

With the installment of ActiveX emerging as a problem domestically, experts are proposing alternatives. A team headed by researcher Kim Hyung-sik at Cambridge University recently released a study saying Korea’s Internet banking industry should allow users to choose whether to install the programs.

Local officials are looking into the issue as well.

“The discussion over whether using ActiveX is proper is underway at the Financial Supervisory Service as we look to resolve the problem of restricting electronic transactions on smartphones,” Choi Si-joong, chairman of the Korea Communications Commission, said on Feb. 22 in the National Assembly.

In some foreign countries it’s much easier to perform electronic transactions. The Web site of HSBC bank in Britain, for instance, doesn’t require users to install security programs or store digital certificates in their PCs. Users can simply punch in their 12-digit ID codes. 

But the trade-offs could be worse if security is breached, some say. “Would hackers just sit there and watch local Internet banking transactions if it were easy to decode passwords or hack into servers?” said a former hacker who asked to remain anonymous.


By Kim Chang-woo [jyj222@joongang.co.kr]
Related Korean Article

액티브X가 죽어야 ‘IT 코리아’가 산다


통신 부품을 개발하는 엔지니어인 임형준씨는 지난해 말 미국 캘리포니아 출장길에서 낭패를 당했다. 깜박하고 못 낸 공과금을 내기 위해 노트북으로 온라인 뱅킹을 시도했다. 30여 분간 보안 프로그램을 설치하느라 진땀을 뺐으나 실패했다. 암호 입력 단계에서 몇 차례 브라우저가 멈춰 버리더니 끝내는 노트북이 먹통이 됐다. 부랴부랴 지사 사무실의 PC로 다시 접속했지만 ‘비밀번호 3회 오류로 계정이 잠겼다’는 안내문만 나왔다. 일주일 후 귀국해 은행에 가서야 동결된 계좌를 풀 수 있었다. 그는 “이번에는 연체 과태료 몇만 원 내는 정도의 손해에 그쳤지만 거래처 대금 이체라도 막혔으면 어쩔 뻔 했는지 아찔하다”고 말했다.

1990년대 일본 정보기술(IT) 업체들은 국내 시장에만 맞춘 제품을 고집한 결과 세계 시장에서 고립됐다. 이를 두고 업계에선 ‘갈라파고스 일본’이라고 비아냥거렸다. 남태평양에 자리 잡은 갈라파고스 섬이 대륙과 동떨어져 별도의 생태계가 만들어졌던 것에 빗댄 얘기다. 최근엔 한국의 온라인 시장이 갈라파고스화되고 있다는 비판이 나온다. 문제의 핵심에 액티브X가 있다.


  • 한글 기사 보기



    dictionary dictionary | 프린트 메일로보내기 내블로그에 저장