IT_tip250t012826 4MB
IT_tip250t012826 4MB

Milipass: MyData Authentication Service

Securely combining civilian and military data for the first time for the Republic of Korea Army

MILIPASS

‘Milipass’ is Korea's first military data collection & management platform for the Army headquarters and active-duty soldiers. This platform started as a part of ‘MyData Service Project for Public Experience’ supported by the Army HQ, the Ministry of Science and ICT, and the Korea Data Agency. Soldiers who are on active duty or have been discharged from the military service and their family members can download this pass to their mobile wallet and use it for identification, authentication, and payment purposes. The goal of the project is to utilise the high-quality military data obtained from more than 250,000 new soldiers every year and help them with self-development, employment, finance as well as quarantine management during the COVID-pandemic.

 

Challenge

Milipass was launched to resolve the inconvenience of using personal data, separately generated from different sources throughout the military service, such as military service record, finance, access, and quarantine data of the active-duty soldiers, addressing the importance of managing the data of both active-duty soldiers and professional soldiers altogether through one MyData platform for efficient business process. However, an easy access of data increased the risk of leakage of personal information and the confidential military information, and a stronger security authentication technology was in need accordingly. In addition, most of the military units were based in rural areas with limited communication signals. Therefore, a technology that could identify and authenticate an individual even in off-the-network environment but at the same time generate a variety of personal information in the form of a dynamic authentication code with zero redundancy was also required.

 

The solution

The authentication of Milipass was designed with Fast Identity Online (FIDO) and One-Time Authentication Code (OTAC). In addition, three layers of security systems including data encryption, access control, and smartphone security were added to protect personal information used in military service, finance, access, and quarantine management.

OTAC technology has been embedded in the access management system of Milipass. As all soldiers have been officially allowed to use their mobile phones since 2019 to control Covid-19 more efficiently, they can easily generate their personal access code in the form of an OTAC by simply using the Near Field Communication (NFC) function on the smartphone. Once the OTAC has been generated, the access control system can immediately verify the code. Further, the OTAC QR code displayed on the Milipass app on each user’s smartphones is used for access control for military facilities as well as recording data on the entry and exit to the facilities.

[JPG] Case Study_Milipass 1 Weak and predictable passwords

OTAC technology has also been applied to ID cards and passes in the form of a QR code for identification and access verification. Users can simply scan a QR code with camera or barcode scanner but may also use a SMS-delivered code if there is no device to read a QR code. Or, in the case that the access control device includes an NFC reader, the NFC function on the mobile phone can easily verify OTAC code.

[JPG] Case Study_Milipass 2 Weak and predictable passwords

Expected outcomes

OTAC can help establish a non-face-to-face access control system to improve safety in the prevention of COVID-19 pandemic. To use OTAC-embedded-QR code entry logs, users simply answer a questionnaire on their mobiles and scan the generated OTAC QR code for each entrance gate. With enhanced user experience, this system is suitable for military units with a large number of soldiers.

Also, given that many military facilities often experience failure to send a code from the server to a mobile phone due to an unstable network connection, OTAC can provide a safer yet more efficient authentication without requiring any network connection for communication between the systems. Whilst preventing the llegal use of Milipass, users can easily register and manage multiple facilities to which they have access through the OTAC-embedded Milipass. OTAC, the award-winning technology that generates a unique code with no chance of duplication at any given time, not only it can provide a high level of security and user convenience, but it can also save costs compared to existing authentication methods.

Why swIDch

OTAC, developed by swIDch, is the original technology
that provides all of the following features, tested and substantiated
by the University of Surrey technical report
Why swIDch
DYNAMIC CODE that is
sufficient to IDENTIFY user
Single-step IDENTIFICATION
and AUTHENTICATION
Uni-directional authentication in
off-the-network environment

Single-step identification and authentication with the code alone. Include our biometric option and get single-step MFA. Vastly improved UX by removing steps.

OTAC is a dynamic code, which means the code is constantly changing. Eliminates all use of static information. Forget usernames and passwords forever. Vastly reduced workload for IT helpdesks. 

No network connection required for generating OTAC, enabling uninterrupted use no matter where you are. No more waiting for additional tokens/OTPs and no need for heavy public key infrastructure (PKI). 

 

Highly configurable code parameters and lightweight SDK/applet means wide range of deployment options on many devices across multiple sectors.