2-Factor Authentication: Govt May Tighten Security For E-Services
Fingerprint scans, smartcards may be used to tackle ID theft concerns
By Alfred Siew (The Straits Time, 26 Oct 05, Page 3)
PEOPLE using government e-services could soon be required to log in by scanning their fingerprints or swiping a smartcard, as government agencies tighten up computer security amid growing concerns over identity theft.
The new measures now being considered by the authorities would affect thousands of users who visit government websites for electronic transactions.
Currently, many government e-services, such as those on the Central Provident Fund website, require a user to log in with his IC number and SingPass password. Others, such as a check on a car's Certificate of Entitlement rebate, can be accessed with just an IC number.
Critics say these measures provide inadequate protection against increasingly sophisticated cyberthieves and fraudsters.
Infocomm Development Authority (IDA) spokesman Serene Tan confirmed that some of the 1,600 e-government services currently available could feature added security measures in future. But she declined to say when these might be rolled out or how much they would cost.
It is also unclear whether users would have to pay for personal fingerprint or smartcard readers for their computers.
What is clear is that personal information security is under serious threat.
A recent report in Newsweek magazine says 50 million Americans have recently had their personal data exposed and a quarter of Britons - around 15 million people - know someone whose identity has been stolen.
More and more Singaporeans are now using government e-services, which means more and more personal information is flying around the Internet.
The IDA says three out of five e-services, like checking CPF balances, have achieved 80 per cent utilisation. In other words, 80 per cent of these transactions are now carried out online.
Said a security expert who declined to be named: 'Considering that people are more aware of security these days, this is the right time to implement additional security measures.'
At the moment, the computer gateway that authenticates the identity of government e-services users is run by government agencies. Soon that service will be outsourced: The IDA has received offers from four companies - CrimsonLogic, Green Dot Internet Services, Hewlett-Packard and NCS.
The additional security measures would be implemented as the system was handed over to the private company, creating what is called a 'two-factor authentication' system. This means users will log in with not just a password, but also with a 'token', which could be a fingerprint or smartcard.
Companies may have to provide technical support to users unfamiliar with the new technology. But the extra costs are worth it to some users.
Said IT consultant Vincent Lew, 32: 'I'd also like to see them rolled out for Internet banking, which is a hot target for hackers.'
By Alfred Siew (The Straits Time, 26 Oct 05, Page 3)
PEOPLE using government e-services could soon be required to log in by scanning their fingerprints or swiping a smartcard, as government agencies tighten up computer security amid growing concerns over identity theft.
The new measures now being considered by the authorities would affect thousands of users who visit government websites for electronic transactions.
Currently, many government e-services, such as those on the Central Provident Fund website, require a user to log in with his IC number and SingPass password. Others, such as a check on a car's Certificate of Entitlement rebate, can be accessed with just an IC number.
Critics say these measures provide inadequate protection against increasingly sophisticated cyberthieves and fraudsters.
Infocomm Development Authority (IDA) spokesman Serene Tan confirmed that some of the 1,600 e-government services currently available could feature added security measures in future. But she declined to say when these might be rolled out or how much they would cost.
It is also unclear whether users would have to pay for personal fingerprint or smartcard readers for their computers.
What is clear is that personal information security is under serious threat.
A recent report in Newsweek magazine says 50 million Americans have recently had their personal data exposed and a quarter of Britons - around 15 million people - know someone whose identity has been stolen.
More and more Singaporeans are now using government e-services, which means more and more personal information is flying around the Internet.
The IDA says three out of five e-services, like checking CPF balances, have achieved 80 per cent utilisation. In other words, 80 per cent of these transactions are now carried out online.
Said a security expert who declined to be named: 'Considering that people are more aware of security these days, this is the right time to implement additional security measures.'
At the moment, the computer gateway that authenticates the identity of government e-services users is run by government agencies. Soon that service will be outsourced: The IDA has received offers from four companies - CrimsonLogic, Green Dot Internet Services, Hewlett-Packard and NCS.
The additional security measures would be implemented as the system was handed over to the private company, creating what is called a 'two-factor authentication' system. This means users will log in with not just a password, but also with a 'token', which could be a fingerprint or smartcard.
Companies may have to provide technical support to users unfamiliar with the new technology. But the extra costs are worth it to some users.
Said IT consultant Vincent Lew, 32: 'I'd also like to see them rolled out for Internet banking, which is a hot target for hackers.'
Comments