TuringSign Enhances Mobile Banking in Korea

Leveraging FIDO to enhance security and user experience

Kookmin Bank Leverages TuringSign FIDO to Provide Easy Biometric Authentication to Its Customers

JANUARY 28, 2019


Grow arrows icon.

Growing Need for
Mobile Authentication


Fingerprint protect secure icon.

Biometric Authentication


Lowest price commerce shopping tag icon.

Higher Security, Better
Experience, Lower Cost

There is a growing need these days for easy mobile-based authentication services in various industries such as finance, public, insurance, and education. TuringSign FIDO® produced by Turing Crypto Gmbh (Berlin, Germany) and CrossCert Inc. (Seoul, South Korea), helps to meet this demand by providing a FIDO-based biometric authentication service. Additionally, TuringSign FIDO® provides an acсredited certificate service that leverage FIDO technology (K-FIDO) for user-friendly digital signing in Korea.


Challenge items.

There are 65 million subscribers who use mobile banking services in Korea- most of whom use password-based authentication. In addition, there are 37 million people who have been issued accredited certificates in Korea. For account transfers, subscribers generate digital signatures of transaction through an accredited certificate and verify it in their bank for user authentication, integrity and non-repudiation.

Like many consumers around the world, Korean mobile banking subscribers who have to remember their unique password feel uncomfortable for many reasons. Firstly, inputting a password in mobile device is very difficult and time consuming. Secondly, passwords are highly susceptibile to theft and misuse such as for account hijacking. Lastly, many Koreans feel uncomfortable using passwords when they use an accredited certificate based on National PKI(NPK) for digital signing.

Hence, many banks in Korea have sought to implement easy and secure user authentication technology in their online mobile banking service for subscribers, with biometric authentication approaches being a preferred model. However, many banks have hesitated to implement biometric autentication systems that rely upon server-side storage and matching of biometric templates as they present a risk to subscribers of having biometric credentials stolen – which unlike passwords cannot be changed.

Solution: KB Bank Case Study

Solution items.

Kookmin Bank (or KB) is Korea’s leading bank in total assets (2018) and National Customer Satisfaction Index (NCSI) (2017). KB has provided a mobile banking service named ‘KBStar Banking’ which supports a variety of authentication mechanisms, but almost all of the subscribers have used password-based authentication and accredited certification in NPKI. Accredited certification is commonly used for digital signing for account transfer and loan applications.


Kookmin Bank has been seeking simpler, stronger authentication for their mobile service due to the fact that many subscribers have expressed displeasure and discomfort with the password-based approach. KB has also needed a solution for accredited certification in NPKI that does not require passwords for funds transfer, loan applications or similar services.


In November of 2016, TuringSign implemented TuringSign FIDO® FIDO client and authenticator which supports fingerprint, iris and voice biometric authentication in the KBStar mobile banking app. TuringSign FIDO® server in CrossCert’s global secure datacenter has passed ISMS and Web Trust Audit, and it has connected and operated a relying server in Kookmin Bank.


KB and TuringSign have also provided subscribers with K-FIDO based authentication and digital signing – which eliminates the need for passwords for loan apllications, account transfer and similar services. The result is that subscribers no longer need to remember and input a password.

The Result

Case study

There are now approximately 3.5 million subscribers who are leveraging simpler, stronger FIDO-based authentication across various KBStar mobile banking apps (KBStar banking, KBStar Mini, Liiv, KB Real Estate, KBStar alarm, KB my money, Liiv TTok TTok). In total there are 16 million FIDO transactions per month and there have been over 260 million total FIDO transactions since the launch of services (as of October 2018).

Many Korean banks including KB have implemented FIDO authentication in their mobile banking apps to provide their subscribers with stronger and more user-friendly authentication. The positive user experiences in banking have set the stage of similar adoption in other industries e.g., insurance, education and government services.

Link to the official case study: FIDO Alliance – Kookmin Bank Leverages TuringSign FIDO to provide easy biometric authentication to its customers.

Note: The official case study was published with the old brand name.

Leap into the Future of
Digitalization with TuringSign FIDO

Get in touch with a TuringSign FIDO security expert to secure your online – and mobile applications

Book an Appointment

Ready to go Passwordless?

Do you want to learn more about TuringSign FIDO? Leave your details and a dedicated partner manager will get in touch with you today.

[contact-form-7 id="6"]
Want to Contact Us Directly?

Contact us at [email protected]

    Your Cart
    Your cart is empty

    Join the Waitlist

    Next Steps

    1. Validate Domain (Authenticate domain depending on which method you choose)

    Check the email that has been sent to you. To confirm the domain ownership rights for your certificate, you need to copy the validation code from the approval email, follow the link in it and paste the validation code into the corresponding field.

    From the email, please click the link to the verification page, Once in the verification page, please enter the code provided in the email for verification.

    That’s it!

    After you have completed verification, a confirmation email will be sent to you. And shortly after, an issue confirmation will be sent to you via email. You can follow the link to the portal to download your newly issued certificate.

    If you have followed the steps above and did not receive an approval email to your mailbox, please click the link to the portal and double check your validation method or contact us for help. 

    Another way of verifying a domain is DNS (TXT record) Verification. If you selected DNS Authentication as your verification method, you will receive a unique TXT record via email consisting of two parts:

    • 1. Name: Name/Host/Alias/TXT: Blank or @
    • 2. Value/Points to/Destination:”wisekey=XXXXXXX”
    • TTL: This is your TTL (Time-To-Live) value. Set it to 3600 or lower.

    Verify by adding a TXT record in your DNS. Please verify and check if you have added the correct record

    Please submit a requestfor support if you face any issues.

    Depending on your DNS provider, You may have to wait for at least an hour for the changes to take effect in the DNS Servers. You will be notified via email when the domain is verified.

    The third method of verifying a domain is HTTP File Upload Verification. After choosing File Authentication as your verification method, you will receive an email and be asked to download a unique verification file (Format: .txt) and upload it to a specific directory on your web server.

    Verify by uploading the attached file fileauth.txt in your web server as follows:

    • 1. Download the text file fileauth.txt (attached with the email).
    • 2. Upload the above file (fileauth.txt) to your host in this EXACT path: http://my-domain.com/.well-known/pki-validation/fileauth.txt

    You may have to wait for at least an hour for the changes to take effect in the validation services. You will be notified via email when the domain is verified.

    Please submit a request for support if you face any issues.

    2. Receive Confirmation (After validation an email will be sent with a link to certificate)

    3. Download certificate and upload to hosting

    Notice: After generating a CSR,
    1. Copy the Private KEY and keep this to yourself for reference.
    2. Copy only the CSR above and use(paste)
    in to request your TS Certificate.
    3. Click the top left button to close.