With a two-factor authentication (2FA) system where a One-Time Password (OTP) is deployed through a hardware token or SMS, the security of transactions made by Singaporeans are heightened and this will pave the way for a more open government.
More transactions can be done between students and education institutions.
“You could have access to your full transcript and other related information. And if you feel that general access to those information will be quite sustained, then education institutions can open up more information to you by having this 2FA,” said Khoong Hock Yun, Assistant Chief Executive, Infrastructure & Services Development, IDA.
“Even within government, we have a lot of e-transactions in a day. But as long as you are not very sure if you can put more information up there, you tend to hold the information back.
“But with 2FA, you have the assurance of a more secure access and more types of services can then be made available too.”
While Ronnie Tay (pictured), IDA Chief Executive, said he is hopeful that in future, “more government transactions can be done using this 2FA method”, it is still a work in progress and according to Khoong, the government is still “working out the best practices” with regards to 2FA technology.
Apart from opening information to the public — even making electronic health records a greater possibility — this one token for all services mean that Singaporeans will be able to access all their accounts with just one OTP hardware token.
Tay said: “Another aspect of the NAF is really the cross function of this. You could be dealing with health, insurance companies, Medisave [a national medical savings scheme], and you may also be dealing with your own bank. As you perform a transaction, you don’t want to take out four different tokens for authentication.”
When asked whether service providers like banks, who already have their 2FA infrastructures, would adopt the NAF’s 2FA, Lim Hup Seng, Executive Chairman of Assurity Trusted Solutions (a wholly-owned subsidiary of IDA who is the NAF operator) said it was an end-of-life issue.
“They issued the tokens five years ago. At some point in time they have to refresh them. And when you refresh, it is almost like starting anew. The options they have is to continue with their own system, or take advantage of what NAF has to offer.”
It is expected that banks will adopt the NAF within the next two years when the lifespan of their tokens expire.
Towards the second half of 2011, this OTP hardware token will be made available to all Singaporeans and Permanent Residents above the age of 15 who transact online.
---
Autor(en)/Author(s): Xinghui Guo
Quelle/Source: futureGov, 20.01.2011