SingPass two-factor authentication process simplified

THE two-factor authentication (2FA) process of SingPass (Singapore Personal Access), used for a host of e-government services, has been simplified as part of ongoing enhancements to the system.

The SingPass is a gateway to hundreds of e-services provided by more than 60 government agencies. In July last year, the government introduced the 2FA to enhance personal data protection of users.

There are over 3.3 million SingPass users and more than two million of them have updated their SingPass account details. Feedback with the government suggested that users found the initial 2FA process a bit cumbersome. Users needed to register, activate and link their 2FA at three different websites, resulting in many steps to activate enhanced security system.

Under the new simplified system, users need to do the following:

* Log into their SingPass account and click "Set Up 2-Step Verification" under the quick links section.

* Register for SMS or OneKey token via the SingPass website. Once this is done a pin would be delivered via mail to their registered address.

* Once the pin is available, users will have to send the activation pin to 78111 via an SMS or log into Assurity's website to activate the 2FA.

From July 5, more than 100 government e-services provided by agencies such as Ministry of Manpower (MOM), CPF, Iras and Acra will require mandatory 2FA to perform e-transactions. This means in addition to their SingPass username and password, users will need to enter a One-Time Password (OTP) sent via SMS or generated through a OneKey token.

From next month, the government will simplify the system even further whereby users can register for 2FA via an SMS in order to get a pin sent over to them through the postal system. At the same time the government will start to auto register users and send mailers with their pin and details of how to use to their registered addresses.