THINK! è un think tank non profit internazionale che ha lo scopo di diffondere la conoscenza su come le tecnologie digitali possano attivare processi di innovazione e sviluppo sostenibile
CATEGORIA: eGovernment (Vedi tutti)
TAGLINE: Strong authentication by public-facing online services that handle sensitive information, and/or facilitate transactions
KEYWORDS: Authentication system
Internet users in Singapore can expect to transfer savings funds, access health records and carry out other online transactions more easily with a single token from the second half of this year, as a government-backed authentication service goes live.
This so-called two-factor authentication (2FA) service works like existing online banking services, which require users to log in with a password on a PC followed by another one that is displayed on a small token or sent to them over SMS.
But with this new service, they will only need one token for multiple transactions in Singapore, as organisations start tapping on it.
This government project called the National Authentication Framework (NAF) has been in the works for the past two to three years, and promises to make it easy and cheap for both users and organisations such as government agencies and private companies to enjoy secure online transactions by having a common platform for all.
The National Authentication Framework (NAF), a key programme under the iN2015 Masterplan, aims to deploy a nationwide platform for strong authentication to:
Unveiling the NAF operator Assurity Trusted Solutions today, Ronnie Tay, chief executive of Singapore’s Infocomm Development Authority (IDA), said he is hopeful that more government transactions would be done securely using this 2FA method in future.
With it, users may in future access their Central Providend Fund (CPF) savings and transfer funds online, instead of submitting paperwork for it over the counter. Currently, Singaporeans and permanent residents can only access their CPF accounts but not transfer funds through “single-factor” e-government services, which require a simple Singpass password and are not as secure.
As part of the NAF, these users will get a first token free, on request. By having a common offering, economies of scale can be reaped for organisations from government agencies to banks, whose tokens have been issued for close to five years and are near expiry.
One big draw for the NAF: it is free to organisations for two years. Already, Assurity executives say they have approached government, healthcare and financial customers to sign on to the nationwide service, though they did not reveal any confirmed deals.
One secure token for all transactions would be welcome to users here, where the percentage of people transacting online has gone up from 17 per cent in 2003 to 40 per cent in 2009, according to the IDA.
Its main task now would be to get the first e-government services onboard at launch – not a given as agencies in Singapore can be pretty autonomous (the Monetary Authority of Singapore, which regulates banks, was the one that originally pushed banks to introduce 2FA several years ago following several high-profile break-ins).
The National Authentication Framework (NAF) seeks to realise the vision of the iN2015 masterplan for a secure and trusted enabling infocomm infrastructure that can facilitate the delivery of online services offered by the public and private sectors.
With the increased availability of online services offered by key sectors such as banking & finance, Government and healthcare, NAF can safeguard against unauthorised access to sensitive information available online, such as bank account details, securities trading account details or electronic health records. The NAF will be a timely nationwide strong authentication infrastructure that can provide consumers greater assurance when performing online transactions.
The NAF aims to facilitate a nationwide common platform for strong authentication that will: