Why CPF is turning to blockchain and APIs

By Nurfilzah Rohaidi and Poon Yun Xuan

CIO Ng Hock Keong shares how Singapore’s retirement savings board is safeguarding its data using APIs, blockchain, and stringent data sharing policies.

Image: CIO Academy Asia

Singapore’s retirement savings fund is using an increasing amount of data to improve its services, but it wants to make sure the data is secure throughout this journey, its tech chief says.

To achieve this, Singapore's Central Provident Fund Board (CPFB) is turning to new ways of sharing and securing the data it uses on citizens - while at the same time, creating better digital services. “We can leverage a lot more APIs,” says Ng Hock Keong, Chief Information Officer of CPFB.

With APIs, only relevant information is exchanged between service partners. This means that the entirety of any server’s data is never exposed to an external party. “We don't need a big file exchange and we can do away with keeping large amounts of data in each other's repositories,” he remarks on the sidelines of the recent ConnectGov Leaders Summit in Edinburgh, Scotland.
 

Better UX through blockchain


Ng previously told GovInsider about using blockchain to make it as easy as possible for customers to use CPFB’s services. Earlier this year, he spoke about blockchain trials to validate CPF statements. He also has a vision for creating a ‘citizen digital journal’ powered by blockchain, which authorities can authenticate and contribute to, while individuals own the data in full.

This journal could save time for both the citizen and the government agency that needs their data. “You authorise whoever is processing the request, read his journal, and actually you can get a very complete picture of the person,” Ng had said previously. This eliminates the need to fill up forms repeatedly when the information is already available, he pointed out.

Ng continues to envision a future where, through blockchain, CPF data is used to shorten processes to apply for credit cards, get housing loans, and pay for medical bills. With the increasing amount of data being exchanged, security is critical. “Maintaining data integrity is always the greatest challenge in my job,” he notes.

Before sharing citizens’ data outside of government, CPFB assesses the extent of the data request, and how the data will be used, Ng continues. For instance: is it data concerning a sample, or is it for one individual? Could the data be provided in a range, or as an indicator, or must it be of exact value? “The private sector has to be able to put up the details of their use cases,” he says.
 

What’s next?


Meanwhile, the agency is continuing its work to simplify its services, like the withdrawal of retirement savings. The waiting time to withdraw money from a CPFB account has already been shortened from days to seconds, thanks to the board’s 2018 collaboration with instant digital payment service PayNow.

Now, customers can also easily transfer funds to their family's accounts. But there is more to be done; API trials have begun, and there are up to eight new initiatives lined up for the next year, according to Ng.

For government agencies such as CPFB, improved data security is three-sided: a combination of blockchain, API and stringent data sharing guidelines. This is just one approach in the never-ending quest to secure citizens’ sensitive information, while providing services they need most.

Ng was speaking at the ConnectGov Leaders Summit in Edinburgh, Scotland on 8-10 July, organised by CIO Academy Asia.