New authentication options for SingPass transactions, including face verification



[ad_1]

SINGAPORE: Two new two-factor authentication (2FA) options will be available to SingPass users transacting with government digital services starting Wednesday (December 16), including an option to use face verification.

The new options will be implemented prior to the decommissioning of the OneKey token option at the end of March, and “will provide more convenience and accessibility to government digital services in a secure manner,” GovTech Singapore said in a press release.

“This is in line with the government’s efforts to build a digitally inclusive society by enabling digital access to government digital services for people of all social classes,” he added.

“Along with SingPass Mobile and SMS-OTP (one-time password), there are now four other 2FA options for current OneKey token users.”

FACIAL VERIFICATION

With the new facial verification option, users can log in with their SingPass ID and password before scanning their face on an internet-enabled computer with a webcam or a mobile device with a front camera.

Those who don’t have such devices can visit select public locations to use this service, GovTech said. The service is available at the IRAS Taxpayer and Business Center, Our Tampines Hub Public Service Center, and the Central Provident Fund Board Bishan Service Center, with more locations to be added progressively.

READ: Digital signature for SingPass users to sign legal documents

There are also security measures to prevent fraud, including activity detection technology, which will detect and block the use of a photograph, video or mask during the verification process.

Data encryption and security incident monitoring are also in place to ensure that personal data is securely protected.

Additional authentication factors such as passwords and SMS-OTP may also be required in addition to biometrics for more sensitive transactions. This is to ensure that someone with similar characteristics, such as an identical twin, does not have access to the account, GovTech said.

“We recognize that there are users who may not be as adept at digital technology or not be able to navigate computers or smartphones,” said Kwok Quek Sin, senior director of National Digital Identity.

Kwok added that the option is “especially useful” as it reduces the need to enter additional information such as one-time passwords, as well as helping Singaporeans abroad who may not have a locally registered number to receive OTP by SMS.

MULTIUSER SMS 2FA

The existing SMS-OTP 2FA method will also be expanded with multi-user SMS 2FA. This option will allow users who need assistance to receive their OTP to the mobile number of another SingPass user when transacting online.

For example, elderly parents can send their OTP to their child’s mobile phone number and ask them to help provide the 2FA to complete the transaction.

The dismantling of the OneKey token was announced in March of this year.

“We are actively facilitating the remaining 120,000 OneKey token users to transition to these alternative 2FA methods, through direct mail, digital clinics and digital ambassadors,” GovTech said.

[ad_2]