Issue/Re-issue Certificate

  • 1Select certificates
  • 2Confirm the user concerned
  • 3Enter security means
  • 4Enter account information
  • 5Password and saving location

notice

  • Select the type of certificate to be issued/reissued.

Select certificate types

Certificate type Fee Usage
Free
  • Internet banking, credit card settlement and insurance
  • National Tax Service year-end settlement, and e-government civil services
KRW 4,400/year
  • For all e-business transactions
  • Internet banking, credit cards, insurance, stocks and e-bidding

[Notice] Collection and use of personal information for KFTC’s certificate issuance

[Notice] Collection and use of personal information for KFTC’s certificate issuance

In relation to its certificate issuance through online identification or non-face-to-face real-name verification, KFTC collects and uses personal information to perform the contract concluded with the data subject without the consent of the data subject as follows.
□ Details of collection and use of personal information
Items Grounds for processing Purpose Period of retention and use
Individual CInote 1) Performance of the contract
(Article 15(1)(4) of the Personal Information Protection Act)
To verify CI when a certificate is issued through non-face-to-face real-name verification Disposed immediately after non-face-to-face real-name verification is completed
Personally identifiable information
(resident registration number or foreign resident registration number)
Legislation
(Article 24-2(1)(1) and Article 24(1)(2) of the Personal Information Protection Act, and Article 13 of the Enforcement Decree of the Digital Signature Act)
To issue and manage certificates, to give notifications of authentication services, to detect unlawful issuance and prevent illegal use of certificates, to allow device designation or additional authentication, to handle customer complaints about authentication services 10 years from the date the certificate becomes invalidnote 3)

(According to the YesKey Certification Practice Statement, personal information is securely kept for 10 years from the date the certificate becomes invalid and immediately disposed when the retention period ends.)
Personal information of certificate owner
(name, email, Tel/mobile number)
Performance of the contract
(Article 15(1)(4) of the Personal Information Protection Act)
Certificate informationnote 2)(DN and serial number of the certificate, subscriber ID)
Business Information of certificate manager
(name, fax number, email, Tel/mobile number)
Performance of the contract
(Article 15(1)(4) of the Personal Information Protection Act)
To issue and manage certificates, to give notifications of authentication services, to detect unlawful issuance and prevent illegal use of certificates, to allow device designation or additional authentication, to handle customer complaints about authentication services
Common Device information
(IP and MAC address, OS and web browser information, HDD Serial, USB Serial)
Performance of the contract
(Article 15(1)(4) of the Personal Information Protection Act)
To detect unlawful issuance of certificates, to prevent illegal use of certificates and fraudulent electronic financial transactions
Note 1) CI is collected and used only when the certificate is issued through non-face-to-face real-name verification.
Note 2) Personal identification is unavailable only with certificate and device information, but becomes available by combining additional information with the aforementioned data.
Note 3) However, when the certificate issuance is stopped before entering the certificate password or registering the account for financial authentication during KFTC’s certificate issuance process, personal information is disposed immediately after 7 days.


Service agreements and identification

e-finance transaction service agreement

< Electronic Banking Transaction Agreement >

Electronic Financial Transactions Basic Terms and Conditions
Article 1 (Purpose)
The purpose of these Terms and Conditions is to set out basic matters concerning electronic financial transactions between Woori Bank (“the Bank”) and users to carry out transactions promptly and efficiently and coordinate interests of the parties engaging in transactions.
Article 2 (Definitions of Terms)
  1. ① The terms used in these Terms and Conditions shall have the following meaning:
    1. 1. “Electronic financial transactions” means users’ use of financial products and services provided by the Bank through an electronic device in a non-face-to-face transaction and automated method.
    2. 2. “Users” mean customers using electronic financial transactions under a contract signed with the Bank for electronic financial transactions (“an electronic financial transaction contract”).
    3. 3. “Payer” means the holder of the withdrawal account ("withdrawal account") from which the funds are withdrawn through electronic financial transaction method.
    4. 4. “Payee” means the holder of the deposit account ("deposit account") to which the funds are deposited through electronic financial transaction method.
    5. 5. “Electronic device” means a device used to transmit or handle information on electronic financial transaction, using ATMs, cash dispensers, payment terminals, computers, telephones or other electronic methods.
    6. 6. “Access medium” means one of the following means or information used to give a transaction order or secure the veracity of users or transaction contents in electronic financial transactions.
      1. a. The Bank-provided electronic card and electronic information corresponding to the said card;
      2. b. Electronic signature generation information or authenticated certification under The Digital Signature Act;
      3. c. User number registered with the Bank;
      4. d. Users’ registered biometric information;
      5. e. Password required using the means or information stated in the foregoing “a” or “b”
    7. 7. "Electronic Document(s)" shall mean the information prepared, transmitted, received or stored pursuant to Article 2, subparagraph 1 of the Framework Act on Electronic Commerce.
    8. 8. "Transaction Request" shall mean the request by which the User asks the Bank to process an individual Electronic Financial Transaction pursuant to the Electronic Financial Transactions Agreement.
    9. 9. "Error" shall mean the case where an Electronic Financial Transaction has not been effected in accordance with these Terms and Conditions (including any individual terms and conditions), the agreement on Electronic Financial Transactions or the Transaction Request of the User, in absence of the intention or negligence of the User.
    10. 10. "Transfer Services" shall mean the transactions whereby the Bank withdraws funds from the Withdrawal Account of the Payer and transfers them to another account opened at the same bank or another bank pursuant to the Transaction Request made by the Payer through the Electronic Means.
    11. 11. "Collection Transfer Services" shall mean the transactions whereby the Bank withdraws funds from the Withdrawal Account of the Payer and transfers them to another account opened at the same bank or another bank pursuant to the collection request made by the Recipient through the Electronic Means.
    12. 12. "Reserved Transfer Services" shall mean the transactions whereby the User makes a Transaction Request in advance designating a future date as the date on which Transfer Services are to take place, and the Bank executes the requested Transfer Services on such date.
    13. 13. "Remittance Services" shall mean the transactions whereby the User makes a deposit of funds into his/her own account or another's account through an ATM.
    14. 14. "Reserved Collection Transfer Services" shall mean the transactions whereby the User makes a Transaction Request in advance designating a future date as the date on which Collection Transfer Services are to take place, and the Bank executes the requested Collection Transfer Services on such date.
    15. 15. "Business Day" shall mean days on which the Banks are open for normal business operation at its business offices.
  2. ② The terms not defined herein shall be in accordance with the Electronic Financial Transactions Act and other relevant laws.
Article 3 (Applicable Transactions)
These General Terms and Conditions shall apply to the Electronic Financial Transactions, such the Transfer Services (this term hereinafter shall include the Reserved Transfer Services), the Collection Transfer Services (this term hereinafter shall include the Reserved Collection Transfer Services), the inquiry related to the Remittance Services and the deposit or withdrawal between the Bank and the User through any of the following Electronic Means:
  1. 1. Transactions using cash dispensers, ATM's or debit terminals;
  2. 2. Transactions using computers;
  3. 3. Transactions using telephones;
  4. 4. Transactions using debit card terminals; and
  5. 5. Transactions using other Electronic Means.
Article 4 (Execution and Termination of Agreements for Transactions)
  1. ① The User shall enter into a separate Electronic Financial Transactions Agreement with the Bank before he/she could use the Electronic Financial Transactions, except in the following cases:
    1. 1. Simple inquiries (e.g., account balances, records of deposits and withdrawals made, etc.);
    2. 2. Simple transactions which are processed with payment of service fees;
    3. 3. Transactions using cash dispensers, ATM's or debit terminals; and
    4. 4. Other transactions designated by the Bank.
  2. ② The User may terminate the Electronic Financial Transactions Agreement by application therefor to the Bank in writing or through the Electronic Means in accordance with the individual terms and conditions regarding the electronic financial transactions.
Article 5 (Issuance and Registration of Means of Access)
  1. ① The Bank may issue the Means of Access to the User at his/her request and after the personal certification of the User.
  2. ② Notwithstanding paragraph ①, in any of the following events, the Bank may issue the Means of Access with the consent of the User for renewal or replacement of the Means of Access, in absence of request or personal certification of the User.
    1. 1. With respect to the Means of Access, which have not been used within six (6) months prior to the scheduled date of renewal or replacement, if the Bank has obtained the consent of the User in writing (including the Electronic Document containing the authorized digital signature (the "Authorized Digital Signature") pursuant to Article 2(3) of the Digital Signature Act) for renewal or replacement; or
    2. 2. With respect to the Means of Access, which have been used within six (6) months prior to the scheduled date of renewal or replacement, if the Bank notified the User of the scheduled issuance not later than one (1) month prior to such scheduled date and the Bank has not received any objection from the User.
  3. ③ If the User desires to directly register the passwords, etc. through the Electronic Means after the execution of Electronic Financial Transactions Agreement, the User shall register so within three (3) Business Days including the date of execution of agreement.
Article 6 (Management of Means of Access)
Unless otherwise provided in the applicable laws, the User shall not lend, entrust, assign or encumber to a third party the Means of Access necessary for the Electronic Financial Transactions. The User shall not disclose the Means of Access to a third party, and shall take good care in safeguarding the Means of Access to prevent stealing, forgery or alteration of the same.
Article 7 (Use of Authorized Certificate)
The User shall use the authorized certificate under the Digital Signature Act for use of the Electronic Financial Transactions, to which these Terms and Conditions apply, except in any of the following cases:
  1. 1. In case of inquiry to the account of the User;
  2. 2. In case of the Electronic Financial Transactions using the Electronic Means, such as ARS, ATM or debit terminals, etc., for which it is impossible to install and operate the authorized certificate;
  3. 3. In case of payment of tuition fees, admission application fees, etc., wherein the personal certification of the User is possible and the Deposit Account is designated;
  4. 4. In case of settlement by credit card for payment in electronic commerce transaction, or on-line Transfer Services of amount less than 300,000 Won;
  5. 5. In case where electronic currency or electronic prepayment means are used on line; or
  6. 6. Other cases that are deemed necessary and approved by the Governor of the Financial Supervisory Service.
Article 8 (Service Hours)
  1. ① The User may use the Electronic Financial Transactions during the service hours set by the Bank.
  2. ② The service hours may be subject to change depending on the circumstances of the Bank. If the Bank wishes to change the service hours, it shall post such changes one (1) month in advance both at its head office and branches and over Electronic Means, which are amenable to posting of notice or to which the User may easily access, except in the cases of inevitable circumstances, such as system recovery, urgent program repair works, external causes, etc.
Article 9 (Service Fees)
  1. ① The Bank may collect service fees for Electronic Financial Transactions either by withdrawing the fees from the User's account or by receiving cash directly from the User. The payment method of the service fees shall be determined in accordance with the individual terms and conditions.
  2. ② Service fees shall be determined in accordance with the Bank's method of calculating the service fees. In the event the Bank wishes to change the service fees, it shall post the proposed changes both at its head office and branches and over Electronic Means, to which the User may easily access, for one (1) month starting from one (1) month prior to the effective date of the changes.
Article 10 (Ceiling Amount for Transfer Services)
The User shall set his/her own ceiling amount for Transfer Services, Collection Transfer Services and Remittance Services in accordance with the method designated by the Bank.
Article 11 (Constitution of Transactions)
When the User wishes to use Electronic Financial Transactions, the transactions shall be constituted at the following point in time:
  1. 1. In case of Transfer Services and Collection Transfer Services, at the time when the Bank confirms the contents of the Transaction Request entered by the User and records the withdrawing of the "withdrawal amount" (this term hereinafter shall include service fees, if any) on the ledger of the Withdrawal Account;
  2. 2. In case of cash withdrawals, at the time when the Bank confirms the contents of the Transaction Request entered by the User and records the withdrawing of the "withdrawal amount" on the ledger of the Withdrawal Account;
  3. 3. In case of Remittance Services, at the time when the Bank confirms both the contents of the Transaction Request entered by the User and the amount to be deposited; and
  4. 4. In case of Reserved Transfer Services and Reserved Collection Transfer Services, at the time when the Bank confirms the contents of the Transaction Request made by the User, subject to the condition that the Withdrawal Account shall have sufficient funds available at the time of execution of the requested Transfer Services.
Article 12 (Criteria for Processing the Transaction Requests)
  1. ① The Bank shall process a Transaction Request upon verification of the Means of Access, such as identify of the account number, password, user number, etc. stated on the Transaction Request against those reported to the Bank.
  2. ② Each Electronic Document received by the Bank in connection with a Transaction Request of the User shall be deemed independent respectively.
  3. ③ Notwithstanding paragraph ② above, if the Electronic Documents of the same contents are repeatedly received during the time set by the Bank, the Bank may disuse, at its discretion, other Electronic Documents after undergoing the procedures for verification of real intention of the User for a Transaction Request through telephone or other Electronic Means which can be used for immediate notification to the User.
  4. ④ When the Bank withdraws funds from the Withdrawal Account pursuant to the Transaction Request of the User, the Bank may effect such withdrawal without utilizing passbooks, withdrawal request forms or checks, notwithstanding the provisions of the General Terms and Conditions of Deposit Transactions.
  5. ⑤ In case of transactions where the Recipients cannot be confirmed due to the nature of the requested transactions, such as batch Transfer Services and Transfer Services to accounts opened at another bank, etc., the requested transactions shall be processed on the basis of the account numbers of the Recipients.
  6. ⑥ Transfer Services to accounts opened at another bank shall be processed on a same-day basis, provided that in the event the same-day processing is not possible, the requested transactions shall be processed in accordance with paragraph ④ of Article 19.
  7. ⑦ In case of Reserved Transfer Services and Reserved Collection Transfer Services, the requested transactions shall be processed only if the Withdrawal Account has sufficient funds to cover the amount requested by the User on the Transaction Request at the time of execution of the requested transactions.
  8. ⑧ In case of paragraph (7) above, if the requested transfer date falls on a Bank's holiday, then the requested transactions shall be processed on the following Business Day.
Article 13 (Consent on Withdrawal from the Withdrawal Account)
  1. ① The Bank may not effect the Collection Transfer Services without the consent of the Payer on withdrawal from the Withdrawal Account, which shall be obtained by any of the following methods:
    1. 1. Method wherein the Bank receives the written application for withdrawal (this term hereinafter shall include the Electronic Document containing the authorized digital signature) from the Payer; or
    2. 2. Method wherein the Recipient receives the written consent of the Payer on withdrawal and delivers it to the Bank (including the delivery of details of such consent by the Electronic Means).
  2. ② The Payer may request the Bank to cancel his/her consent on withdrawal before the Bank has completely recorded the withdrawing of the "withdrawal amount" on the ledger of the Withdrawal Account pursuant to a Transaction Request of the User.
  3. ③ Notwithstanding paragraph ② above, the Payer may request the Bank to cancel batch transactions or Reserved Collection Transfer Services through written notice to the business place of the Bank by one Business Day immediately preceding the requested transfer date.
Article 14 (Restrictions on Transactions)
  1. ① In any of the following cases, the Electronic Financial Transactions requested on the Transaction Request may be restricted:
    1. 1. In case the balance of the Withdrawal Account is less than the withdrawal amount at the time of execution of the Electronic Financial Transaction, provided, however, that if there are other provisions under individual terms and conditions for the Electronic Financial Transactions, then such other provisions shall apply;
    2. 2. In case the Deposit/Withdrawal Accounts are closed or suspended;
    3. 3. In case a certificate of balance is issued for the Deposit/Withdrawal Accounts on the requested transfer date;
    4. 4. In case the amount requested for Transfer Services on the Transfer Request exceeds the ceiling amount set by the User;
    5. 5. In case the Transfer Request requests Transfer Services to be made to an account other than the designated Deposit Account, when the User has agreed to use only the designated Deposit Accounts for Transfer Services; and
    6. 6. In case the Bank determines that provision of services may not be appropriate for reasons of legal restraints placed on withdrawal, violation of the Electronic Financial Transactions Act and other relevant laws, etc.
  2. ② In any of the following cases, all of Transfer Services conducted through applicable Electronic Means may be restricted:
    1. 1. In case the authorized certificate has expired or is canceled; or
    2. 2. In case no Transfer Services have been used for twelve (12) months or more by the User who has been a user of the Electronic Financial Transactions using computer or telephone.
  3. ③ In the event that the Electronic Financial Transactions are restricted pursuant to the foregoing paragraphs ① and ②, the Bank shall notify the User of the reasons therefor over the same Electronic Means upon receipt of a Transaction Request of the User.
  4. ④ In case of the foregoing paragraph ②, the User may resume the Electronic Financial Transactions by taking appropriate steps, such as re-issuance or extension of the authorized certificate required by the Bank or expression of intent to use, etc.
Article 15 (Effectiveness of Payment)
  1. ① For Transfer Services, Collection Transfer Services and Remittance Services, the payment shall be effective upon recording of the deposit on the ledger of the Recipient's account.
  2. ② For cash withdrawals, the payment shall be effective upon receipt of cash by the User.
  3. ③ For payment made by other electronic payment means such as the electronic currency or electronic debenture, the payment shall be effective upon inputting the information on amount subject on the Transaction Request on the Electronic Means of a bank with which the account of the Recipient is opened.
Article 16 (Revocation of the Transaction Requests)
  1. ① A Transaction Request may be revoked by the User through the Electronic Means used by the User in Electronic Financial Transactions or in accordance with the procedures set by the Bank before the transaction has been completed pursuant to Article 15.
  2. ② Batch transactions, Reserved Transfer Services and Reserved Collection Transfer Services may be revoked if a revocation of the Transaction Request is made through applicable Electronic Means by one Business Day immediately preceding the requested transfer date.
  3. ③ Notwithstanding paragraph ① above, in case of the Electronic Financial Transactions where the Bank cannot immediately confirm the completion of transactions due to the nature of the requested transactions, such as real-time transfer services, the Bank may restrict the cancellation of the Transaction Request made by the User.
  4. ④ When the Withdrawal Account is closed at the request of the User, any Transaction Request for Reserved Transfer Services registered with such Account shall also be terminated.
  5. ⑤ Neither death or adjudication of quasi-incompetency or incompetency of the User nor dissolution, bankruptcy or merger of the User or the Bank by itself will have the effect of revoking or modifying the Transaction Requests or affect the powers of the Bank.
Article 17 (Verification of the Transaction Results)
  1. ① The Bank shall procure that the User may immediately verify the results of processing of transactions completed pursuant to Article 15, through the Electronic Means used by the User in the Electronic Financial Transactions or other alternative electronic means, such as computers. However, in cases of the Transfer Services to other bank and the Reserved Transfer Services, the Bank shall immediately notify the User of the results of receipt through the Electronic Means concerned.
  2. ② Notwithstanding paragraph ① above, if it is difficult to confirm the contents of transactions as requested by the User, through the Electronic Means concerned or other alternative electronic means, the Bank shall print the contents of transactions concerned in the form of writing (except the Electronic Document) and deliver it to the User.
  3. ③ The User shall verify whether the Transaction Request and the processing results mentioned in paragraph ① above correspond to each other.
Article 18 (Correction of Errors)
  1. ① When the User learns that there was an Error in the Electronic Financial Transaction, he/she may request the Bank to immediately correct the Error. In such case, the Bank shall immediately investigate and effect appropriate corrections, such as verification of money transfer course and restriction on withdrawal thereof, and shall notify the User of the results of corrections within two (2) weeks from the receipt of such request.
  2. ② When the Bank learns that there was an Error in the Electronic Financial Transaction, it shall immediately investigate and effect appropriate corrections to the processed transaction, and shall notify the User of the results of corrections within two (2) weeks therefrom.
Article 19 (Handling at the Time of Accident or Impediment)
  1. ① When the User learns of the theft, loss, forgery or alteration of the Means of Access to the transaction accounts or divulgement of other information which is required to be kept confidential for the purpose of transactions, he/she shall promptly notify the Bank of such fact.
  2. ② The reporting made under the foregoing paragraph ① shall take effect upon receipt of the report by the Bank.
  3. ③ In the event that the reporting made under the foregoing paragraph ① is to be revoked, the User himself/herself shall file a written application therefor with the Bank.
  4. ④ In the event that the Electronic Financial Transactions cannot be processed as requested on the Transaction Request due to telecommunications impediment or other causes, the Bank shall deposit the money back to the Withdrawal Account and notify the User of such fact to the reported contact point of the User.
  5. ⑤ At the request of the User, the Bank shall promptly investigate the reasons for any accidents or impediments, and shall notify the User of the results of the investigation.
Article 20 (Indemnification)
  1. ① If the User has suffered any damages from an accident arising out of forgery or alteration of the Means of Access, or an accident arising in the course of execution of agreement or transmitting or processing of the Transaction Request by the electronic means, the Bank shall be liable for amount of such damages together with interests accrued thereon calculated at the rate of a one-year time deposit, provided that if the amount of the damage caused to the account concerned by such wrongful transfer exceeds the amount calculated at the rate of a one-year time deposit, then the Bank shall compensate the actual damage amount.
  2. ② Notwithstanding paragraph (1) above, the Bank shall not be held liable for all or any part of the damages suffered by the User in any of the following cases:
    1. 1. In case of (i) acts of God, war or terror or (ii) force majeure such as stoppage of power supply, fire, destruction of building, or other events that is not attributable to the Bank;
    2. 2. In case that the User lends, entrusts, assigns or encumbers to a third party the Means of Access;
    3. 3. In case that the User divulges or discloses his/her Means of Access to a third party, or permits such divulgement or disclosure even though the User knew or could easily know that such third party could do, without authorization, the Electronic Financial Transactions by using the Means of Access of the User; or
    4. 4. In case that the User, which is a juristic person (except the small enterprises as set forth in Article 2(2) of the Framework Act on Small and Medium Enterprises), has suffered the damages but the Bank has fulfilled its obligations of due care as reasonably requested, such as establishment of, and thorough compliance with, the security proceedings in order to prevent any accident.
  3. ③ In case that the Bank is notified from the User of the theft or loss of the Means of Access, the Bank shall compensate the amount of damages suffered by the User out of use of the Means of Access by a third party from the time of receipt of such notice.
Article 21 (Provision of Transaction Records and Data)
  1. ① At the request of the User, the Bank shall provide the User with relevant records and data maintained and managed by it concerning the Electronic Financial Transactions to the extent that it does not violate the "Act on Real Name Financial Transactions and Guarantee of Secrecy" and any other laws and regulations.
  2. ② The scope of transaction records, of which the User may request the provision, and the subject period thereof shall be the same as those set forth in paragraphs ① and ② of Article 22.
  3. ③ If the User requests the Bank to provide the transaction records and data in the form of writing (except the Electronic Document; hereinafter the same shall apply), the User shall submit the written application form to the business place of the Bank. The Bank shall post, over the internet, etc., the address, telephone number, etc. of the business places, to which the User may submit such written application form.
  4. ④ The Bank shall deliver the statement of transaction to the User within two (2) weeks after the receipt of request for such statement by the User pursuant to paragraph ③ above.
  5. ⑤ If the Bank is unable to provide the transaction records and data (including the statement of transaction) due to any unavoidable cause, the Bank shall immediately notify the User of such cause. Upon the termination of such cause, the Bank shall confirm or provide the statement of transaction within the period set forth in any of the following subparagraphs:
    1. 1. Immediately in case of provision through the Electronic Means; and
    2. 2. Within two (2) weeks in case of provision in writing pursuant to paragraph ③ above.
Article 22 (Maintenance of Transaction Records)
  1. ① The Bank shall keep and maintain transaction records relating to the Electronic Financial Transactions (except the inquiries) as referred to in any of the following subparagraphs for five (5) years:
    1. 1. Name and number of transaction account;
    2. 2. Type and amount of transaction, and information identifying the counterparty;
    3. 3. Transaction date, type of the Electronic Means, and information identifying the type of the Electronic Means;
    4. 4. Fees relating to the Electronic Financial Transactions, which have been received by the Bank;
    5. 5. Details of consent on withdrawal by the Payer in case of the Collection Transfer Services;
    6. 6. Details of application for Electronic Financial Transactions and the application for change thereof; and
    7. 7. Access log data generated by the Electronic Means related to the relevant Electronic Financial Transactions.
  2. ② The Bank shall keep and maintain transaction records relating to the Electronic Financial Transactions as referred to in any of the following subparagraphs for one (1) year:
    1. 1. Records regarding the transactions of small amount not more than 10,000 Won per case of transaction;
    2. 2. Records regarding the approval of transactions; and
    3. 3. Request for correction of Error, and records of correction.
Article 23 (Method and Effect of Notice)
  1. ① In notifying matters in the process of the Electronic Financial Transactions under paragraph ② of Article 17 and paragraphs ④ and ⑤ of Article 19, the Bank shall provide notice either by phone, in writing or through other Electronic Means to the contact point reported by the User.
  2. ② When the Bank provides a notice in writing, it shall be deemed delivered upon passage of normal time required for such delivery, except in cases of acts of God and other force majeure events.
  3. ③ In the event that the written notice sent by the Bank under the foregoing paragraph ② does not reach or is delayed in reaching the User due to the User's negligence in notifying any changes pursuant to Article 24, the notice shall be deemed delivered upon passage of normal time required for such delivery.
Article 24 (Amendment of Reported Items)
  1. ① If the User wishes to make changes to any of the items reported to the Bank, such as the account number, password, user number, company name, address, telephone number, etc., the User shall report to the Bank on such changes in accordance with the provisions of the individual terms and conditions for Electronic Financial Transactions.
  2. ② The amendments to the reported items shall take effect upon passage of reasonable time required for computer entry after receipt of the report under the foregoing paragraph (1).
  3. ③ The User may give any notices, other than the reported items as set forth in paragraph (1) above, to an electronic financial assistant operator of the Bank. In such case, any notice given to such assistant operator shall be deemed given to the Bank.
Article 25 (Matters to be Complied with, etc.)
In order to conduct the secure Electronic Financial Transactions, the User shall comply with the following matters as determined by the Bank:
  1. 1. Measures and management method in order to prevent the leaking of the password or the hacking;
  2. 2. Procedure and method provided by the Bank in order to protect the interests of the Users; and
  3. 3. Other matters as determined by the Bank.
Article 26 (Recording of the Transactions)
In order to ensure accuracy of transactions, the Bank may record the telephone communications of transactions between the User and the Bank's employees, provided that such recording shall be used only as evidence for the relevant transaction in the event of a dispute, in which case the User may request disclosure of the contents of the recording.
Article 27 (Confidentiality)
Except as provided by laws and regulations, the Bank shall neither disclose to any third party, nor use for any purpose other than its business, the information regarding the personal matter and account of the User, and information or data regarding the contents and records of the Means of Access and the Electronic Financial Transactions acquired by it in connection with performing the Electronic Financial Transactions without consent of the User himself/herself. The Bank, however, shall be held liable when the User-related information is stolen or divulged due to the Bank's negligence in managing the information.
Article 28 (Amendment of General Terms and Conditions)
  1. ① If the Bank wishes to amend these General Terms and Conditions, it shall post the proposed amendment at its head office and business places and over Electronic Means through which the relevant Electronic Financial Transactions are conducted (in case that such Electronic Means are not amenable for posting the notice, the Electronic Means to which the User may easily access) and give notice to the User at the e-mail address, prior to one (1) month from the amendment date. Should the User protest against the amendment, the Bank must confirm that the User had been notified of the amendment of Terms and Conditions in an adequate manner. However, if these General Terms and Conditions need to be urgently amended due to changes in laws and regulations or systems, then the Bank shall immediately post such fact over the Electronic Means (for at least one (1) month) and shall notify the User through e-mail.
  2. ② The User may terminate the Electronic Financial Transactions not later than one Business Day immediately preceding the effective date of the amendment after posting or notification of the proposed amendment pursuant to paragraph (1) above. If no objection of the User is received by the Bank by such one Business Day immediately preceding the effective date of the amendment, the User shall be deemed to have consented thereto.
Article 29 (Priority of Application)
  1. ① In the event that any individual agreements made by the Bank and the User conflict with the provisions of these General Terms and Conditions, then such individual agreements shall take precedence over these General Terms and Conditions.
  2. ② Those matters regarding the Electronic Financial Transactions not provided for by these General Terms and Conditions shall be determined in accordance with the individual terms and conditions of the transactions.
  3. ③ Those matters not provided for by these General Terms and Conditions nor by individual agreements for Electronic Financial Transactions shall be, in absence of other agreements, governed by the Electronic Financial Transactions Act, other relevant laws and regulations, the Bank's General Terms and Conditions of Deposit-Taking Transaction and General Terms and Conditions of Credit Transactions.
Article 30 (Raising of Objections and Cooperation)
  1. ① In the event that the User has any objection concerning the processing of the Electronic Financial Transactions, he/she may refer the matter to the Bank's grievance board for settlement of the dispute, or may file an application for mediation of the dispute with the Financial Dispute Mediation Committee of the Financial Supervisory Service or with the Consumer Dispute Mediation Committee of the Korea Consumer Protection Board.
  2. ② If the User raises any objection to the head office, business place or grievance board of the Bank, the Bank shall investigate and notify the User of the results of investigation or disposition within fifteen (15) days therefrom.
  3. ③ The Bank shall designate the manager and staff, who shall be responsible for settlement of the dispute, and post their contact information over internet website.
  4. ④ The User shall cooperate for the examination of the Bank and the examination or investigation procedures of the relevant authority relating to the settlement of the dispute, such as indemnification for damages arising out of the accident set forth in paragraph ① of Article 20.
Article 31 (Governing Law)
These General Terms and Conditions shall be governed and construed in accordance with the laws of Republic of Korea.
Additional Rule
  1. 1. These Terms and Conditions shall be implemented on January 1, 2007.
  2. 2. These Terms and Conditions shall be implemented on March 1, 2008.
  3. 3. These Terms and Conditions shall be implemented on , 2012.

Internet banking service agreement

< Internet Banking Service Terms and Conditions >

Article 1 (Purpose)
The purpose of these Terms and Conditions is to set out matters concerning the use of the Internet banking service (“the Service”) between Woori Bank (“the Bank”), which is the Service provider, and users based on the Electronic Financial Transactions Basic Terms and Conditions.
Article 2 (Types of Service)
  1. 1. Types of the Service provided by the Bank are Internet banking, Woori Escrow, Woori Cash, Scraping service and the like. Detailed types of the Service will be explained through the media stated in Article 3 (Service Media) hereof.
  2. 2. “Scraping service” is a service that enables customers to make inquiries about or manage their account in a financial institution in one screen, using the information on Internet access media of each financial institution used by them.
Article 3 (Service Media)
Users may use the Service with an electronic device, such as a personal computer (PC), TV, cell phone, or PDA.
Article 4 (Commencement and Termination of Services)
  1. ① Service commences upon the customer submitting a completed electronic banking use request form (hereinafter referred to as "request form") to "the bank", as well as the customer's registration of various required passwords.
  2. ② If the customer needs a separate agreement for a specific business purpose, the customer must terminate other existing individual agreements
  3. ③ If the customer desires to terminate the use of services as outlined in clause ①above, the customer must file a formal request for termination. However, individual customers may terminate the use of services via electronic means without filing a formal request.
Article 5 (Identification)
For each instance of use of any of its services, "the bank" authenticates customer identity by comparing the required fields entered by the customer with the customer's data registered with the bank.
  1. 1. Internet Banking: User ID, user password, account password, fund transfer PIN number, security PIN number, OTP Generator number, electronic authentication password, Bio-authentication, etc
  2. 2. Other Services : User ID, user password, electronic authentication password, password for each service
Article 6 (Service Fees)
  1. 1. Service fees shall follow what is stated in Schedule 1) hereto or in a separate contract, whichever the case may be.
  2. 2. Service fees will be withdrawn automatically from the user’s bank account at the Bank-designated date (the 10th of the following month) or an agreed upon date based on the number of services rendered in a month.
Article 7 (Opening or Closing Accounts)
  1. ① Through internet banking services, customers can open a new account in their name by simply withdrawing funds from their existing withdrawal account.
  2. ② Only after the identity confirmation can an account opened as in clause ① be withdrawn from or terminated at a branch office.
  3. ③ Although withdrawals or account termination through internet banking services do not require the formalities described in clause ②, withdrawals or terminated account funds can only be transferred to an account that has been identity confirmed by "the bank".
  4. ④ The type of deposit, savings, or trust accounts that can be opened shall be determined by "the bank".
Article 8 (Withdrawal or Deposit Accounts)
  1. ① Withdrawal accounts registered under the customer's actual name have unlimited withdrawals and deposits, and can be designated either as Korean Won or Foreign currency deposit. However, certain services may be restricted according to user account type.
  2. ② The customer can designate the withdrawal/deposit status of fund transfer deposit accounts. Note that an account must be designated for deposit status in order to be able to accept deposits.
Article 9 (Limit of Fund Transfer or Oversea Remittance)
  1. ① The customer may set a daily fund transfer limit within a range set by "the bank". If the customer chooses not to designate a limit, "the bank" will automatically set a limit according to pre-designated criteria.
  2. ② If, aside from clause ①, there exist other statutes or regulations governing transfer/remittance amounts, the limit is set according to the statute or regulation.
Article 10 (Scraping Service)
  1. ①Process
    • The customer takes necessary measures such as applying for Internet Banking services in order to access and manage accounts which are opened at "the bank" and other Financial Institutions.
    • The customer uses the Scraping program provided by "the bank" and takes necessary measures to register accounts opened at "the bank" and other Financial Institutions.
  2. ②Obligation and Immunity
    • In case of being unable to make inquiry or bill collection of other banks due to any factor caused by the bank in question, the customer takes the necessary actions at one's own risk and "the bank" has immunity.
Article 11 (Service Limitations)
  1. ① "The bank" cannot provide service in the following cases :
    1. 1. When there are 3 consecutive errors entering customer authentication data (service will be restored after the customer requests an input error cancellation at a branch office)
    2. 2. When payments for deferred service charges are overdue
  2. ② When service is restricted due to the reasons listed under clause ①, electronic notifications will be sent upon customer request.
Article 12 (Transaction Details)
At any of our branch offices, the customer can request details of fund transfers, oversea remittances, or other transactions. Through frequent balance inquiries and bankbook updates, the customer should confirm transactions in order to discover possible irregularities.
Article 13 (Management of Passwords)
  1. ① Users are encouraged to change their passwords from time to time, using service media stated in Article 3 hereof.
    1. 3 The Bank will not respond to a request to check any password. Loss of a security card or leakage of a password shall be reported immediately in writing to a branch. In the case of an emergency or an inevitable situation, it may be reported by phone during business hours and then in writing by the following business day.
Article 14 (Service Hours)
The Bank’s service hours are as stated in Schedule 3) hereto. The Bank will provide information on details of service hours by service type through the Bank’s homepage or service media.
Article 15 (Limits of Foreign Exchange Transactions and Overseas Remittance)
Matters concerning limits of foreign exchange transactions and overseas remittance shall be as stated in Schedule 4) hereto.
Article 16 (Amendment)
In the event of amendment to these Terms and Conditions, the Bank will put up a relevant notice on branches and available electronic devices at least a month in advance for a month and provide the information to users via e-mail addresses provided by them. It shall be deemed that users consented to the amendment unless a written objection is submitted to the Bank by the business day preceding the execution of the amendment after the provision of information on the amendment either by public notice or by individual notice.
Article 17 (Application)
  1. Matters not stipulated in these Terms and Conditions shall follow what is situated in the following: The Electronic Financial Transaction Act, Basic Terms and Conditions of Electronic Financial Transactions, Basic Terms and Conditions of Deposit Transactions, Basic Terms and Conditions of Bank Loan Transactions (for individuals/businesses), Basic Terms and Conditions of Foreign Exchange Transactions, Terms and Conditions of Each Deposit (including Trust), Terms and Conditions of Other Individual Transactions and Agreements, and the rules of the Korea Financial Telecommunications and Clearing Institute (KFTC).
  2. In the event of conflict between these Terms and Conditions and other terms and conditions concerning the use of Internet banking, these Terms and Conditions shall prevail.

KFTC yessign certificate service agreement

Terms & Conditions of Korea Financial Telecommunications & Clearing Institute’s Digital Authentication Service

History of Establishment and Revision


Category Revision Date Enforcement Date
Establishment
Jul. 7, 2000
Jul. 7, 2000
Revision
Dec. 13, 2000
Dec. 13, 2000
Aug. 19, 2002
Aug. 19, 2002
Jan. 18, 2006
Jan. 18, 2006
Jul. 1, 2010
Jul. 1, 2010
Sept. 26, 2013
Sept. 26, 2013
Dec. 21, 2018
Dec. 21, 2018
Dec. 10, 2020
Dec. 10, 2020
Nov. 1, 2021
Nov. 1, 2021
Dec. 10, 2021
Dec. 10, 2021
Aug. 29, 2022
Sept. 30, 2022
Aug. 2, 2023
Sept. 12, 2023


Chapter 1. General Provisions
Article 1. (Purpose)
The purpose of this Terms and Conditions Agreement is to prescribe the rights, obligations, and responsibilities of the Korea Financial Telecommunications and Clearings Institute (hereinafter referred to as “KFTC”), subscribers, applicants for subscription and users regarding the use of the digital authentication service (hereinafter referred to as “YesKey certificate service”) provided by KFTC as the digital signature certification service provider as per the Digital Signature Act and identification service agency pursuant to the Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. (hereinafter referred to as “Information & Communications Network Act”) and Korea Communications Commission’s guidelines on designation and management of the identification service agency.
Article 2. (Definitions)
The terms used herein shall be defined as follows:
  1. 1.“Subscriber” refers to a person who obtains electronic signature certification about his or her electronic signature creation data from KFTC.
  2. 2.The applicant for subscription refers to the person who intends to receive the certificate from KFTC.
  3. 3.“User” refers to a person who uses electronic signature certification services provided by KFTC.
  4. 4.“Registration Agency” refers to an institution which verifies the identity of a subscriber and applicant for subscription and receives and registers applicants for certificate issuance, suspension, or revocation on behalf of KFTC.
  5. 5.“YesKey Digital Signature Certification Practice Statement (hereinafter referred to as “Statement”)” refers to the set of guidelines prepared by KFTC in accordance with rules set up by the Competent authority, covering overall matters related to the YesKey certificate service such as types of certificate authentication service, service methods and procedures, and service conditions and fees, etc.
  6. 6.“Accident Information” refers to the equipment information (IP and MAC addresses and the like) and personal information (name and resident registration number and the like) of which experienced electronic financial accidents or theft of certificate, etc.
  7. 7.“Device designation” refers to the method of registering the device information (e.g., the information of PC, smartphone, etc) with Registration Agency, verifying whether the device was registered by the applicant for subscription for the issuance of certificate.
  8. 8.“Additional certification” refers to verifying the identity of the applicant for subscription by using the method other than that for device designation such as mobile phone SMS certification, 2-channel certification, etc.
  9. 9.“2-channel certification” refers to verifying the identity of the applicant for subscription by using more than two(2) different communication methods.
  10. 10.“Certificate cloud service” refers to the service to save the certificate of Subscriber or other authorities in the cloud storage server of KFTC, and if necessary, provides the service to use the certificate saved on the cloud storage server or move to the facility of Subscriber to use the certificate.
  11. 11.“Financial authentication service” refers to the service that enables the subscribers to have their certificate issued and save it on KFTC’s cloud, which they can access anywhere any time on their cloud-registered devices (PC, mobile, etc.), as well as to manage their authentication history.
  12. 12.“The identification service agency” refers to an organization providing identity verification means without requiring the subscriber to present his/her resident registration number having been designated by the Korea Communications Commission as an identification service agency in accordance with the Article 23-3-1 of the Act on Information and Communications Network.
  13. 13.“The personally identifiable information (PII)” includes:
    1. A. Subscriber’s name, gender, date of birth, and citizenship
    2. B. Connecting Information (CI): encrypted identifiable information that can be used to determine whether the subscriber is identical to the person who has signed up on multiple websites in order for the user to connect membership deals or partner services
    3. C. Duplication Information (DI): encrypted identifiable information that is used to confirm whether the subscriber has already joined (or has been using the service)
    4. D. Other information related to real-time validity of certificate, etc.
  14. 14.“Identity verification service”refers to the service that verifies the subscriber’s identity with a certificate issued by KFTC when it is required to access the User’s offerings. When the subscriber uses the certificate as identity verification means, KFTC provides the User the subscriber’s personal data that the subscriber has consented to the use.
Article 3. (Effect and Amendment of the Agreement)
  1. ① These Provisions become effective as from the date of the notification on KFTC’s Financial Authentication Center website.
  2. ② When KFTC modifies this Agreement, the contents of modification shall be posted on the homepage at least 1 month prior to the date of implementation, and unless any Subscriber raises any objection prior to the date of implementation, the modification of the Agreement shall be considered as approved. Provided, however, in the event that the modified Agreement is not consented, the service use, such as, closure of the certificate, may be suspended.
  3. ③ In the event that the contents of modification under Clause 2 is adverse to Subscriber, KFTC shall individually notified to Subscribers at least 1 month prior to the date of implementation via e-mail and others as provided in advance. Provided, however, in the event that Subscriber expressly indicated its intent not to receive such e-mail, it shall not be the case.
  4. ④ In the event that the notice under Clause 3 is made, KFTC shall include the contents of followings; “in the event that Subscriber fails to consent to the modification, it may request to suspend the service use within 1 month from the date of receiving the notice, and in the event that the intend to suspend the service use is not indicated, it shall be considered as consented to the modification.”
  5. ⑤ In the event that Subscriber fails to indicate its intent to suspend the service use within 1 month from the date of receiving the notice under Clause 3, it shall be considered as consented to the modification.
Article 4. (Application of Law, etc)
  1. ① Other matters that are not stipulated in these provisions shall be governed by the CPS and related acts such as Digital Signature Act, Information and Communications Network Act and Personal Information Protection Act.
  2. ② KFTC shall disclose the CPS to Subscriber, Applicant for Subscription, and User for reference.
Chapter 2. Use of YesKey Certificate Service
Article 5. (Service Types)
The following are the types of YesKey certificate service:
  1. 1. Certificate issuance
  2. 2. Certificate reissuance
  3. 3. Certificate renewal
  4. 4. Updating subscriber information
  5. 5. Certificate revocation
  6. 6. Certificate suspension
  7. 7. Certificate reinstatement
  8. 8. Providing access to Certificate Suspension/Revocation Lists, as well as the entire certificate lists
  9. 9. Real-time Validation of certificates
  10. 10. Time-stamping electronic documents
  11. 11. Certificate Cloud Service
  12. 12. Identity verification service
  13. 13. Other services provided by KFTC in relation to the digital certificate practice
Article 5-2 (Type and purpose of Certificates)
KFTC may issue following certificates and types and purpose of them will be determined by the PCS.
  1. 1. Joint Certificate
  2. 2. Financial Certificate
Article 6. (Issuance and Management of Certificate)
  1. ① The applicant shall request a certificate upon in-person identification (identification includes those deemed to be in compliance with operational standards for electronic signature certification services in the Digital Signature Act) at KFTC or a Registration Agency. However, subscribers to electronic financial transaction whose identity has been verified by the Registration Agency may request issuance of a certificate upon confirming the following online:
    1. 1. Electronic financial transaction subscriber’s login information such as ID and password, or account number and account password
    2. 2. Electronic financial transaction subscriber’s identifiable number such as his/her resident registration number, etc.
    3. 3. One time password (including password of security card) provided by a financial institution to the subscriber or two or more sets of personal information only known to the subscriber
    4. 4. Other information, such as the subscriber’s credit card details, etc., apart from the afore-mentioned items. However, an overseas resident, corporation, organization, foreigner or braille security card user (except braille security card user who has consented to verification of the information) is excluded.
  2. ② The Registration Agency may strengthen the verification process for the applicant for subscription through the designation of device or additional certification process to increase safety.
  3. ③ In accordance with the foregoing, KFTC shall issue a certificate for valid application upon confirming application details of the subscriber with verified identity.
  4. ④ KFTC shall cancel issuance if the subscriber does not get his/her certificate in 7 days from application, including the application date.
  5. ⑤ KFTC and the Registration Agency may restrict the issuance of certificate to the applicant for subscription under any of the following cases:
    1. 1.The application for certificate is submitted or is suspected to be submitted under the name of another person.
    2. 2.False information is entered or is suspected to have been entered in the application, or false documents are attached or are suspected to have been attached.
    3. 3.The certificate is not issued due to the operational or technical problems of Registration Agency
    4. 4.The application for certificate or issuance of certificate was made or is suspected to have been made by using the accident information.
    5. 5.The designation of device or additional certification, etc., fails.
    6. 6.When it has been confirmed that the subscriber can no longer use the certificate due to reasons such as a death, etc.
  6. ⑥ The provisions specified in Clause 1 shall apply to identification for re-issuance or restoration of the subscriber's certificate.
  7. ⑦ The subscriber’s certificate-based digital signature shall be used as an identification method when the subscriber renews or make changes to his/her certificate.
  8. ⑧ When the subscriber’s certificate becomes invalid or is revoked, identification shall be executed in accordance with ① above, or the subscriber’s certificate-based digital signature will be used. However, when online identification stated in ① is used, two or more items shall be verified.
Article 6-2 (Applicability of Certificate and Effect of Digital Signature)
  1. ① Certificate issued by KFTC can be used for the following purposes:
    1. 1. To verify identity of subscribers
    2. 2. To prevent tampering of electronic documents
    3. 3. To serve as proof of transactions, and
    4. 4. Others determined by KFTC
  2. ② Details of each purpose in ① will be subject to instructions on registration agency or user’s service page.
  3. ③ Electronic signature created by certificate issued from KFTC will carry effect stated in the Article 3 of the Digital Signature Act.
Article 7. (Use of certificate cloud service)
  1. ① Subscribers or identification agencies wishing to use certificate cloud service give consent to the use of certificate cloud service as per terms of use set by KFTC and complete application by entering their personal information, such as name, mobile number, etc.
  2. ② When an applicant signs up for certificate cloud service, KFTC may confirm his/her personal information such as mobile number via mobile service carriers.
  3. ③ If the subscriber or identification agency does not wish to use certification cloud service, they may cancel the subscription by removing their certificate stored in the storage server.
Article 8. (Use of financial authentication service)
  1. ① Subscribers wishing to use financial authentication service should sign up by agreeing to the terms of service and entering their personal information such as name, mobile number, date of birth, etc.
  2. ② When the applicant signs up for financial authentication service, KFTC may confirm his/her personal information such as mobile number via mobile service carriers.
  3. ③ If the subscriber no longer wishes to use the financial authentication service, he/she may do so by removing his/her cloud account.
  4. ④ With regard to the use of corporate financial certificate service, the financial certificate can be shared only to those who have obtained approval by lawfully from the person who issued the financial certificate.
Article 9. (Use of identity verification service)
  1. ① Subscribers wishing to use the identity verification service should consent to collection and use of personal information on the identity verification service page, select personally identifiable information they agree to provide and complete the application by entering certificate password.
  2. ② When the subscriber signs up for the identity verification service, KFTC provides the personally identifiable information the subscriber has agreed to provide to the User.
  3. ③ KFTC notifies the subscriber details of identity verification service use via his/her email it collected.
  4. ④ The subscriber may unsubscribe identity verification service on KFTC’s Financial Authentication Center website. When the person who has previously unsubscribed signs up for the service in ①, KFTC shall not provide personally identifiable information.
  5. ⑤ The person who has unsubscribed may restart his/ her subscription on KFTC’s Financial Authentication Center website. KFTC will provide personally identifiable information of the person when he/she restarts the subscription to service in ①.
Article 10. (Generation and provision of CI and DI)
  1. ① Based on the resident registration number collected with consent from the subscriber, KFTC will provide CI and DI to the user, while CI and DI provides the value generated by an identification service agency, I-PIN.
  2. ② KFTC connects securely to an identification service agency, I-PIN. via communications network and whenever a subscriber attempts to use the identity verification service it will request CI and DI to I-PIN, which will respond to the request.
  3. ③ Accuracy of the subscriber’s CI and DI can be confirmed at the corresponding identification service agency, I-PIN, and KFTC shall bear no responsibility for the accuracy of the information.
Article 11. (Service Hours)
  1. ① In principle, KFTC shall provide the Yeskey certificate service 24 hours a day. However, KFTC may limit the service hours to maintain and improve security or to inspect servers, etc.
  2. ② In case that KFTC limits the service hours according to the provision of Clause (1) of Article 10, KFTC shall post the corresponding details on its Financial Authentication Center website in advance.
Chapter 3. Obligations of the parties
Article 12. (Obligations of KFTC)
  1. ① KFTC may regularly disclose the list of terminated and revoked certificates in accordance with the Statement to help the subscribers check validity of their certificate. However, until the list of terminated or revoked certificates are publicly made available in response to the request of certificate termination, revocation and reinstatement, KFTC shall not be responsible for any issue arising from one of the certificates to be included in the list.
  2. ② In relation to certificate cloud service and financial authentication service, KFTC shall manage subscribers’ certificates stored in cloud in a secure manner.
  3. ③ In relation to the identity verification service, KFTC shall provide personally identifiable information to the Users with whom the subscriber has agreed to share his/her personal information.
  4. ④ KFTC will not be held liable for services provided by the User and information provided to it will be used, managed and discarded in accordance with the terms and conditions Agreement signed between the User and subscribers.
Article 13. (Obligations of subscribers, applicants and users)
  1. ① The subscriber and applicant are required to provide correct information to registration agencies and KFTC and when there is change to essential information, such as the resident registration number, they shall promptly notify the agencies and KFTC.
  2. ② If the subscriber finds that the content of the certificate issued by KFTC contains incorrect information, he/she shall correct it by themselves on KFTC website or notify KFTC of it by landline, etc.
  3. ③ The subscriber shall securely manage his/her digital-signature-creating key and certificate password.
  4. ④ The subscriber shall not use others’ certificate in an inappropriate manner.
  5. ⑤ Subscribers and applicants shall comply with the CPS and the provisions.
Article 14. (Personal information protection)
KFTC and the registration agencies shall not use the subscriber’s personal information for purposes other than YesKey certificate service, prevention of improper issuance of certificate and financial incidents nor provide it to third parties at their own discretion. They shall compensate for damages caused by personal information leak. However they shall not be held liable in any of the following situations:
  1. 1. When the data subject, (i.e. subscriber) has given consent to the use of his/her personal information for other purposes, and
  2. 2. When information can be used without the consent of the data subject in accordance with related act
Chapter 4. Limitations to the service
Article 15. (Reasons for certificate revocation)
In any of the following circumstances, KFTC and the registration agencies may revoke the certificate:
  1. 1. When a subscriber has requested revocation of his/her certificate
  2. 2. In the event of the death or dissolution of a subscriber
  3. 3. When a person under adult guardianship has his/her certificate issued without consent from legal guardian
  4. 4. When a person under limited guardianship has his/her certificate issued without consent from legal guardian although certificate issuance requires the consent under law
  5. 5. When the valid period for the certificate has expired
  6. 6. When the subscriber has improperly obtained the certificate or is suspicious of doing so
  7. 7. When the subscriber’s digital-signature-creating key has been lost, damaged, or stolen
  8. 8. When the restriction is necessary to maintain and improve security aspects of YesKey certificate service
  9. 9. When the subscriber’s essential information, such as unique identifiable information, does not match with the information registered with KFTC
  10. 10. When mobile phone number linked to the cloud account for a financial certificate is illegally used
  11. 11. When the subscriber has removed his/her personal financial certificate
  12. 12. When the subscriber has not complied with his/her obligations in the Article 13 or under CPS
Article 16. (Restricted use of service)
  1. ① In order to protect the subscriber’s personal information, KFTC may restrict use of YesKey certificate service by limiting login attempts, etc.
Chapter 5. Fees
Article 17. (Certificate Issuance Fees)
  1. ① Registration Authorities shall post the fees and payment method at the counters of branches or through service media and the subscribers shall pay fees at the counters of branches or through service media of registration agencies.
  2. ② KFTC shall post certificate types, valid period, and details of any change in fees on its Financial Authentication Center website.
Article 18. (Other service charges)
KFTC may charge users for services ranging from real-time validity of certificate, timing of electronic documents, identity verification, etc. and the amount to be charged will be subject to a separate agreement between KFTC and the users.
Article 19. (Refund of Certificate Issuance Fees)
  1. ① Subscriber may get a refund of certificate issuance fees under any of the following circumstances. In this case, the relevant certificates shall be revoked.
    1. 1. The application for issuance is canceled within 7 days after the application was submitted.
    2. 2. The issuance of certificate is canceled within 7 days after the issuance.
    3. 3. Although 7 days have elapsed since the application for the issuance or the issuance of certificate, the application for the issuance of certificate or the issuance of certificate can be canceled if there are faults attributable to KFTC or the Registration Agency.
  2. ② KFTC and Registration Agency may deduct the required expenses before returning the fees.
Chapter 6 Compensation for Damages, etc
Article 20. (Compensation for Damage)
KFTC and the Registration Authorities shall compensate the subscribers and/or users for damage caused by the faults of KFTC and/or the Registration Authorities during the performance of the duties related to the authenticated certification in accordance with CPS.
Article 21. (Collection of Information and Use)
  1. ① To provide YesKey certificate service, KFTC and registration agencies collect and use minimum amount of personal information under subscriber’s consent.
  2. ② KFTC may share collected information with Registration Agency to prevent unfair/fraudulent issuance and usage of certificate.
  3. ③ KFTC may request registration agencies to submit following resources and the agencies shall provide them:
    1. 1. Records of certificate application (issuance/ suspension/ reinstatement/ revocation) and processing
    2. 2. Copy of documents and credentials the subscriber has submitted as proof of his/her identity
Article 22. (Announcement and Notification of Information)
  1. ① KFTC and the Registration Authorities may announce or notify the following items to subscribers through KFTC’s Financial Authentication Center website, email, or telephone(including the mobile phone):
    1. 1. Changes in the status of the digital signature service provider, and/or registration agency such as temporary closure, suspension or abolition of the certification service or the termination of the license of the digital signature service provider, etc.
    2. 2. Revocation of certificates without the consent of subscribers due to the loss or theft of KFTC's electronic signature creation data or other reasons that may affect the reliability or effectiveness of certificates
    3. 3. Information on the status of certificates such as Certificate Suspension/Revocation Lists, etc.
    4. 4. Guidance on certificate renewal due to expiration of the certificates
    5. 5. Information deemed necessary by KFTC to promote the utilization of certificates and subscriber's use of the YesKey certificate service including information on applicable use of certificate
    6. 6. Details related to the issuance and revocation of certificate
    7. 7. Changes to subscriber’s personal information
    8. 8. Details of identity verification service use
  2. ② KFTC and/or the Registration Authorities shall not be held liable for any damage sustained by subscribers in case they have not been notified of the details described in Clause (1) of Article 16 due to failure to enter any or incorrect email address and telephone(including the mobile phone) number.
Article 23. (Indemnification)
KFTC and a Registration Agency shall indemnify the subscriber or user against damages they have inflicted in relation to carrying out electronic signature certification service. However, they will be given an indemnity if they prove that they have not acted by intention or negligence as in the Article 20 of the Digital Signature Act.
Article 24. (Court of Jurisdiction)
The court of jurisdiction over any litigation arising in relation to this Agreement shall follow the matters set forth under the Civil Procedure Act.
Addendum (Dec. 21, 2018)
This Terms & Conditions Agreement shall enter into force on December 21, 2018.
Addendum (Dec. 10, 2020)
This Terms & Conditions Agreement shall enter into force on December 10, 2020.
Addendum (Nov. 1, 2021)
This Terms & Conditions Agreement shall enter into force on November 1, 2021.
Addendum (Dec. 10, 2021)
This Terms & Conditions Agreement shall enter into force on December 10, 2021.
Addendum (Sep. 30, 2022)
This Terms & Conditions Agreement shall enter into force on September 30, 2022.
Addendum (Aug. 2, 2023)
This Terms & Conditions Agreement shall enter into force on September 12, 2023.

Agree to the provision of personal information to third parties in connection with the issuance of yessign certificates

Consent to provision of personal information to third parties for KFTC’s certificate issuance (Required)

To prevent unlawful use of certificates and fraudulent electronic financial transactions, KFTC would like to provide the subscriber’s personal information to third parties as follows.

□ Details of personal information provided to third parties
Recipient Purpose of provision Items to be provided Period of retention and use Grounds for processing
Financial institutions among KFTC’s registration agenciesnote 1) To prevent unlawful use of certificates and fraudulent electronic financial transactions Name, date of birth, device informationnote 2),email, Tel/mobile number 10 years from the date the certificate becomes invalid
(According to the YesKey Certification Practice Statement, personal information is securely kept for 10 years from the date the certificate becomes invalid and immediately disposed when the retention period ends.)
Consent of the data subject
(Article 17(1)(1) of the Personal Information Protection Act)
Note 1) Financial institutions among KFTC’s registration agencies
(https://www.yeskey.or.kr/shortcut/ra-list)
Note 2) IP and MAC address, HDD Serial

You have the right to deny consent to the collection and use of personal information, but you may not have your certificate issued if you do not agree to our privacy policy.

By clicking confirm, you agree to the above conditions for obtaining a certificate.

For your information

close
  • The certificate shall remain effective for one year after its issuance.
  • While a certificate issue/reissue is being processed, if the connection fails, then the issuance is not successful. Before the effective period (one year from the issuing date), please issue (reissue) a certificate and conduct transactions without discarding and transaction.
  • For the issue and renewal of a universal certificate, a fee of KRW 4,400/year will be charged to the entered withdrawal account. If you discard the certificate within 7 days of the discarding, the fee will automatically be refunded. Thereafter, the refund will not be made.

Foreign Exchange Rate

2024/10/30 12:38:14
통화 환율 정보
Currency Buy Sell
USD 1,408.62 1,360.18
JPY 918.33 886.75
EUR 1,526.72 1,467.74

Woori Call Center

  • 1599-2288 (Dedicated Foreigner Call Center) -> 1(English), 2(Chinese), 3(Vietnamese), 4(Uzbek), 5(Russia), 6(Tai), 7(Mongolian), 8(Japanese), 9(Cambodian, Indonesian, Tagalog)
  • 1588-5000, 1599-5000 (Domestic)
  • 82-2-2006-5000 (International)
  • Business hours : 09:00 ~ 18:00, Mon-Fri