IT_tip250t012826 4MB
IT_tip250t012826 4MB

Milipass

Milipass’s MyData Authentication service for the Republic of Korea Army HQ

MILIPASS

‘Milipass’ is Korea's first military data collection & management platform for the Army headquarters and active-duty soldiers. This platform started as a part of ‘MyData Service Project for Public Experience’ supported by the Army HQ, the Ministry of Science and ICT, and the Korea Data Agency. Soldiers who are on active duty or have been discharged from the military service and their family members can download this pass to their mobile wallet and use it for identification, authentication, and payment purposes. The goal of the project is to utilise the high-quality military data obtained from more than 250,000 new soldiers every year and help them with self-development, employment, finance as well as quarantine management during the COVID-pandemic.

 

Challenge

Milipass was launched to resolve the inconvenience of using personal data, separately generated from different sources throughout the military service, such as military service record, finance, access, and quarantine data of the active-duty soldiers, addressing the importance of managing the data of both active-duty soldiers and professional soldiers altogether through one MyData platform for efficient business process. However, an easy access of data increased the risk of leakage of personal information and the confidential military information, and a stronger security authentication technology was in need accordingly. In addition, most of the military units were based in rural areas with limited communication signals. Therefore, a technology that could identify and authenticate an individual even in off-the-network environment but at the same time generate a variety of personal information in the form of a dynamic authentication code with zero redundancy was also required.

 

The solution

The authentication of Milipass was designed with Fast Identity Online (FIDO) and One-Time Authentication Code (OTAC). In addition, three layers of security systems including data encryption, access control, and smartphone security were added to protect personal information used in military service, finance, access, and quarantine management.

OTAC technology has been embedded in the access management system of Milipass. As all soldiers have been officially allowed to use their mobile phones since 2019 to control Covid-19 more efficiently, they can easily generate their personal access code in the form of an OTAC by simply using the Near Field Communication (NFC) function on the smartphone. Once the OTAC has been generated, the access control system can immediately verify the code. Further, the OTAC QR code displayed on the Milipass app on each user’s smartphones is used for access control for military facilities as well as recording data on the entry and exit to the facilities.

[JPG] Case Study_Milipass 1 Weak and predictable passwords

OTAC technology has also been applied to ID cards and passes in the form of a QR code for identification and access verification. Users can simply scan a QR code with camera or barcode scanner but may also use a SMS-delivered code if there is no device to read a QR code. Or, in the case that the access control device includes an NFC reader, the NFC function on the mobile phone can easily verify OTAC code.

[JPG] Case Study_Milipass 2 Weak and predictable passwords

Expected outcomes

OTAC can help establish a non-face-to-face access control system to improve safety in the prevention of COVID-19 pandemic. To use OTAC-embedded-QR code entry logs, users simply answer a questionnaire on their mobiles and scan the generated OTAC QR code for each entrance gate. With enhanced user experience, this system is suitable for military units with a large number of soldiers.

Also, given that many military facilities often experience failure to send a code from the server to a mobile phone due to an unstable network connection, OTAC can provide a safer yet more efficient authentication without requiring any network connection for communication between the systems. Whilst preventing the llegal use of Milipass, users can easily register and manage multiple facilities to which they have access through the OTAC-embedded Milipass. OTAC, the award-winning technology that generates a unique code with no chance of duplication at any given time, not only it can provide a high level of security and user convenience, but it can also save costs compared to existing authentication methods.

Why swIDch

OTAC, developed by swIDch, is the original technology
that provides all of the following features, tested and substantiated
by the University of Surrey technical report
Why swIDch
DYNAMIC CODE that is
Sufficient to IDENTIFY user
DYNAMIC Authentication code
that does NOT duplicate
Uni-directional authentication
in off-the-network environment

OTAC is a dynamic code, which means the code keeps changing. As a result, you don’t need to worry about any leak of your personal information, such as
your card details, because the codes must have already been changed when others try to use them.

The network connection is NOT necessary at all for generating OTAC.

Reducing an authentication stage that requires the network connection directly means there are fewer gateways forthe hackers to access our personal information.

Moreover, this feature enables usersto authenticate even when they arein networkless environments, suchas on the plane, underground, rural or foreign areas.

swIDch can guarantee that the code never duplicates with anyone
at any given moment.

There is NO chance of someone else having the same code.

The users or their devices can be identified with the code alone.

Once OTAC has been generated, providing OTAC alone is already fully sufficient to identify the user as the code is unique.

It means, you can forget about the bundles of static information including IDs and passwords.