By Yoon Sung-won



The government will remove the "ActiveX" web browser plug-in from all public organization websites by 2020, according to the State Affairs Planning Advisory Committee, Friday.



To this end, the government will start to investigate public websites this year to set up a plan to remove ActiveX gradually between 2018 and 2020. The presidential policy advisory panel highlighted that its goal was to strengthen security of digitalized government services.



"By scrapping ActiveX from all public organization websites, they will become more easily accessible through more diverse web browsers," the panel said in a statement.



The advisory panel noted that it will make public websites to provide non-ActiveX security programs that are easier to set up.



The ActiveX was created and introduced by Microsoft in 1996 as a software framework for the Windows operating system's basic web browser Internet Explorer to control content downloaded from networks.



When the internet was rapidly introduced in Korea in the late 1990s and early 2000s, government agencies and financial institutions widely adopted ActiveX as a key tool for personal verification and web security.



But it has repeatedly drawn criticism not only because it was vulnerable to cyber attacks and malware but also because it was barely compatible with web browsers other than Internet Explorer.



With the introduction of smart phones, which mostly have non-Microsoft mobile web browsers such as Google's Chrome and Apple's Safari, many private-sector websites ditched ActiveX to help mobile users.



The Korean government has also encouraged public organizations to eliminate ActiveX from their websites. But most public agencies are still using ActiveX, arguing that they do not have a proper alternative to replace it.



Meanwhile, the Ministry of Government Administration and Home Affairs said Friday it had asked public organizations to stop using ActiveX voluntarily.



During the second conference of chief information officers, the ministry also pledged to set up guidelines for public organizations to introduce telecom companies' internet of things services.



Despite the presidential advisory committee's fresh pledge to remove the ActiveX plug-in, the government will need more thorough plans and a stronger push to root it out from public websites because previous administration repeatedly failed to do so, an industry source said.



"The government should do much more than just encouraging public organizations to get rid of ActiveX," the source said.



"It should not believe that the use of non-ActiveX security measures will be the ultimate solution no matter how easy they are to set up because program-based security measures can always be targeted by diverse types of malware."



