SHAH ALAM - Easily accessible via smartphones, lower risk of losing physical cards and more efficient online transactions are among the benefits citizens can enjoy if the government implements a digital identification system.
Cybersecurity expert Aaron Ikram Mokhtar said the use of digital identification cards, as introduced in advanced countries like Singapore, Japan, and Canada, facilitates users' daily affairs.
However, he acknowledged that there were risks or weaknesses with the implementation of digital identification systems, such as cyberattacks, personal data breaches and dependence on high technology.
"From a cybersecurity perspective, hackers may target digital identity systems to steal personal and sensitive information.
"Breaches in centralised databases could compromise millions of digital identities, and phishing could deceive users into sharing information through fake websites or applications.
"Moreover, centralised storage of identity data could lead to misuse of personal information. Anyone could potentially misuse the digital identity system for tracking or surveillance purposes without the owner’s consent,” he said.
He said this to Sinar when commenting on a special report regarding the National Registration Department (NRD) detecting a syndicate offering fake MyKad for RM4,500 each through social media, specifically targeting foreigners.
Previously, NRD Director-General Badrul Hisham Alias revealed that some syndicates demand RM500 as a deposit before the full payment was made through internet banking.
Following that, Home Minister Datuk Seri Saifuddin Nasution Ismail said the authorities are tracking the syndicate and the NRD is also working on a nationwide outreach programme to address the possession of fake MyKad.
Commenting further, Aaron noted that not everyone has access to the technology needed to use a digital identity system.
He explained that older individuals or those who are ‘not tech-savvy’ might struggle to understand and use digital identification cards, making them highly vulnerable to online fraud.
HE said the government must implement robust cybersecurity measures, such as decentralising identity storage using blockchain.
"Ensure privacy by design, provide offline access methods or physical backups and educate users on security practices and phishing threats.
"There are indeed many benefits to introducing society to digital identification cards, but being cautious is crucial,” he added.
DIGITAL IDENTIFICATION INFORMATION IN OTHER COUNTRIES
SINGAPORE
- SingPass Launched in 2003; upgraded in 2016.
Eligibility: Citizens, permanent residents (PRs), foreign identification number (FIN) holders aged 15 and above.
Uses biometric methods like fingerprint and facial recognition and two-factor authentication (2FA) for login.
INDONESIA
- INA Digital Launched by former Indonesian President Joko Widodo.
Developed by 400 local digital entrepreneurs under the GovTech Indonesia project.
Utilises Single Sign-On and Multi-Factor Authentication (MFA).
KENYA
- Maisha Launched in 2023.
Managed by the Directorate of Civil Registration Services (CRS) and the National Registration Bureau (NRB).
Concept initiated in 1991.
Requires biometric verification such as fingerprints and photos.
SOMALIA
- eAqoonsi Launched in 2023.
Developed by the National Identification and Registration Authority (NIRA).
Requires one-time password (OTP) for login verification.
INDIA
- e-Aadhaar Launched in 2010.
Managed by the Unique Identification Authority of India (UIDAI).
Authentication through fingerprints, retina scans, and OTP.
ESTONIA
- e-ID Launched in 2002.
Nearly 98 per cent of residents use e-ID for digital signatures, i-Voting, bank account logins, and more.
Offers over 1,000 online public services.
Mandatory for all local residents.
GERMANY
- e-ID Developed in 2010.
Overseen by the Certification Authority (VfB) of the Federal Administration Office.
Requires a PIN for login.
JAPAN
- My Number Launched in 2015.
Overseen by the Transport Ministry.
To be integrated and function as a driver's license by March 2025.
CANADA
- eID-Me Launched in 2020.
Developed by Bluink.
Uses facial recognition, PIN, MFA, and other advanced security features.