Two-factor authentication for e-Govt services

It’s CommunicAsia week this week, and the tech reporters here at the newsroom are running around Singapore Expo (where the exhibitions are) and Suntec City (where the conferences are).

At the opening of the yearly trade show today, the Singapore Government said it was looking into stronger, two-factor authentication for gov’t e-services, as part of what it calls the National Authentication Framework.

This means all those far-from-secure transactions that you have been performing on government websites will be a thing of the past. With the security provided by two-factor authentication, like what you use on online banking now, the Government intends to put in more “sensitive” apps in future.

In future, you’d likely have to not just key in a password, but also to key in a second password shown on a cellphone SMS or perhaps on a security token. Maybe, who knows, a fingerprint scan might not be out of order if prices for these scanners drop in future.

In any case, the IDA is to call for tenders in the next six months. But right now, the details are a little sketchy.

The date is not set for rolling out yet. Plus, what transactions can you do on it, for example (IDA said at a press conference today that perhaps you can even transfer CPF funds to pay for your flat – but will CPF allow it!)?

But who knows, when this more secure method for logging in is up, you might just not be feeling that scary feeling when logging in with that SingPass (which someone can sniff or easily guess) any more.