Revealed: Singapore’s plans for digital identity

Who are you? In the modern age, it is harder than ever for governments to know when you access services online. But that shouldn’t affect your convenience.

People want to access government services on their phone, and the Singapore Government is trialling a new system to allow secure log-in via a smartphone.

The Infocomm Development Authority has published tender documents to build a single mobile identity system, mirroring similar actions taken by governments across the world.

The government “would like to trial the use of a digital ID solution (Mobile Digital ID) as a unique and secured identifier of an individual”, tender documents announced this month.

The service will apply not only to government, it adds, but has potential to be a “common digital identity and authentication infrastructure that can be leveraged by service providers.”

The system will allow people to sign for documents using their phones, and log-in to secure online systems with a single digital ID stored on their smartphone.

A trial project will be led by the Infocomm Development Authority of Singapore (IDA), and will run for four months, testing services from the Monetary Authority of Singapore (MAS) and the Ministry of Health (MOH).

Forty people will be involved in testing the system, tender documents reveal. The system will have two key functions: authentication and authorisation, the tenders state.

They will be able to provide digital proof of their identity, and also digitally authorise actions and sign their permission. A person’s SIM card will store personal credentials and serve as an identity tool, the document suggest.

Compared to ID cards, this alternative has the advantage of not requiring a card reader - for the phone itself already acts as one.

To log on, each user will have to provide two sets of different certificates - a 5 digit PIN for authentication, and a 6 digit one for digital signing.

The system must work on all mobile phones, including low-end phones that have limited multimedia and internet access capabilities, the tenders state.

Once the tender is awarded, the mobile digital ID will be set up within a month, the tender documents state. Currently, Singapore’s equivalent of a national digital identity is Singpass.

It was set up in 2003 for people to access over hundreds of government e-services. However, this platform isn’t fool-proof: over 1,500 accounts were hacked in 2014.

Just this year, an administrative assistant was arrested for selling 293 Singpass account details to a Chinese syndicate in 2011. He managed to guess passwords that were the same as their log-in ID.

The mobile digital solution serves as a more secure alternative. But this tech isn’t new. Estonia launched its mobile ID system in 2007 to allow residents to digitally sign documents.

All service providers use a standardised file format that is accepted by everyone, even the court of law.

In some legal cases such as the establishment of companies, “digital signatures are considered ‘better’ than handwritten ones”, a research finds.

New Zealand launched its own system - RealME - in 2013. It also applies to banks and is supported by the Post Office.

Now read our feature on global digital identity systems