Monday, July 06, 2015

SingPass adopted a sensible approach towards enhanced security

SingPass has launched an enhanced security measure. It is explained as follows:

Users have to go to and log in first to verify their details and sign up for the new SingPass. Under this system, users will log in with their username and SingPass as per usual. When they perform sensitive transactions, they will also have to input a one-time password which will be sent to their mobile phones, or generated through a token.
I like this approach of identifying which are normal transactions, where enhanced security is not required, and sensitive transactions, where a one time password is sent to the mobile phone. I find the mobile phone to be more practical, unlike the use of a bulky token.

SingPass seemed to have got it right. Well done!

No comments:

Blog Archive