The Straits Times reported yesterday (July 4) that the registration for SingPass' two-factor authentication (2FA) for Singapore residents and those living overseas will be extended from the initial July 4 deadline. This is because so far, only 1.6 million out of 3.3 million SingPass users have signed up for it.
From today (July 5), users would be given a one-month period upon log-in to register and activate the service.
This is not to say that the new deadline is August 5. The one-month counter would only begin when a user logs in, so this means that your friend's deadline might be different from yours.
SingPass, which gives users the ability to transact with various Government agencies online (such as the Central Provident Board, Inland Revenue Authority of Singapore and Ministry of Manpower), is said to be currently being actively used by over 2 million Singaporeans.
While the usual login process involved using your NRIC number and a password, the 2FA system was introduced by the Infocomm Development Authority (IDA) in July last year. Working just like how iBanking services do, a one-time password (OTP) is generated via a token or by SMS. This OTP would then be keyed in along with usual log-in details for users to gain access to their SingPass account.
The move for the slightly more tedious process came in a bid to enhance security measures for citizens and their potentially sensitive data on SingPass.
There is no smoke without fire, though, and the warning came in the form of a massive hacking incident of over 1,500 SingPass accounts in 2014.
Issues, issues, and more issues
However, the implementation of the new process has been met with many hiccups, and even with the simplification of the registration process in December last year, numbers revealed yesterday seemed to suggest that Singaporeans still either 1) do not know how to set up the 2FA or 2) are encountering issues that hinder them from it.
A quick look at The Straits Times's Facebook page seems to give us an insight that the reason is the latter:
And these are just scraping the surface of the backlash that the news brought about.
Dude, where's my mailer?
One of the main issues raised is the non-delivery of the SingPass pin mailer (via post) which is the key to activating the 2FA.
Below is an infographic IDA had come up with before the current deadline extension:
While the process seems foolproof (to most, but we'll get to that later), it seems from the comments that there is a good number of Singaporeans stuck at step 2.
An intern in the office also revealed to me that her mother was experiencing the same issue:
"My mum has been trying to get the mailer 3 times already but she still hasn't gotten it. She even went to 2 different places to get it done beyond making phone calls."
As with all instances of troubleshooting, I took a quick look at the FAQ on SingPass' website to see if there were any viable solutions provided that perhaps the commenters were missing out on:
However, it does seem like even with this technique, the mailer still remains stubbornly elusive to some Singaporeans:
It doesn't help that the help hotline also seems similarly elusive.
One can only wonder how many of the non-registrants IDA are trying to get on board are actually just stuck at the 2nd step.
Age gap, knowledge gap
Another issue brought up was that the process was solely done online, which is definitely an issue especially for older Singaporeans who are not IT-savvy.
As seen in the infographic IDA provided, to even get started, one would need to go online to the SingPass website.
While this is not an issue for those of us who use computers on a daily basis, it is definitely a problem for older folks who don't even know how to do a simple search on the Internet.
Going back to the FAQ page, it does seem like they had acknowledged this issue:
There are 2 problems with this.
First of all, the note at the end stating that the locations are subject to change, and that regular checking back is necessary does not address that some old folks (especially those living alone) might not even know that there is an FAQ available.
Next, the FAQ is online. Enough said.
While earlier in January, IDA had announced that they will up the awareness of 2FA via "a range of advertisements, web banners and at public events such as those under the Silver Infocomm Initiative, where seniors can choose to sign up for 2FA on the spot", comments seem to suggest that the outreach efforts might simply not be sufficient.
Older folks that are home-bound due to age or illness would also miss out on these programmes.
We have an ageing population, and with it comes a need for increased consideration of these Singaporeans who are at a disadvantage with the digitisation of various compulsory processes.
While we can do our part to assist those around us (like our grandparents and parents), even more wide-scale efforts should also be made to reach out to those who do not have family or friends to help them.
To get Singaporeans on board, don't just extend the deadline
Judging from the comments and issues raised by frustrated Singaporeans on the news, it does seem like as compared to a deadline extension, a stepping up to address persistent problems and closing knowledge gaps is more relevant and necessary.
What do you think about the extension, and did you have problems with your 2FA set up too? Let us know.