S'pore welcomes NAF, 2FA token

SINGAPORE--Assurity Trusted Solutions has launched the national authentication framework (NAF), and the accompanying OneKey physical authentication token, which will help increase the security of online transactions between governments, businesses and citizens. It will also be conducting a year-long public education program in 2012 to guide consumers on how to use the token.

Lim Hup Seng, executive chairman at Assurity Trusted Solutions, said the new framework took four years to construct and another four months to develop the physical token, with the end goal of safeguarding online transactions for consumers. The chairman of the Infocomm Development Authority of Singapore (IDA) subsidiary was speaking at the launch event here on Monday.

Elaborating on the token, Lim said OneKey is the world's "first national two-factor (2FA) authentication device" and is integral to the NAF. The token is palm-sized and has separate buttons to generate one-time passwords (OTPs), challenge-response technology and transaction signing capability.

Users will be allowed to request for the token via their service providers and the token will be mailed to them. Once received, users will have to activate it using a PIN code sent separately, he explained.

Education to up awareness, adoption
Starting January 2012, Assurity will also be embarking on a year-long public education program, which includes talks and exhibitions, to teach consumers on how to make use of the OneKey token, Lim said. Currently, there is an OneKey Facebook page that features videos developed to guide people on using the token, he added.

"We are in the era of the Internet and e-transactions will be the way of life. We envisage that in time to come, the majority of people will transact online," the chairman said in a statement.

"The national two-factor authentication system is now live. Service providers can now protect their end-users' online transactions and OneKey offers security with convenience."

Lim pointed out that three companies have already signed up with Assurity to deploy OneKey, namely Philips Securities, Kim Eng Securities, and ST Electronics. Both Philips and Kim Eng have started integration testing and will pilot the token among their workforce, while ST Electronics' employees are already using it for VPN access, he added.

Assurity Trusted Solutions COO Chai Chee Loon also told ZDNet Asia that the company is currently working with approximately 30 to 50 companies in the finance, government and healthcare industries to get them started with the token deployment.

Speaking at the sidelines of the event, Chai said the NAF and OneKey project has a five-year timeframe and expressed his hope that more organizations, as well as users that need to conduct transactions online, will come onboard in the future.

For now, one of the main reasons why companies are not more receptive is that the NAF system and OneKey are still "undergoing testing". However, he believed that as the system stabilizes, companies will become interested in adopting these capabilities.