Zero Data Retention Mydigital Id Assures Safety Ahead Of Public Debut

---

Ahead of its public debut next month, MyDigital ID Sdn Bhd has reassured that its digital identification platform is secure.
The company’s chief solutions officer Redzuan Abdullah said the service has a zero data retention policy. Any data that is still in transit will be encrypted and therefore useless to would-be eavesdroppers.
“We make sure that we don’t keep data. Whenever data comes to us for processing, we just push them away.
“In a nutshell, it is like a house that is fully secure, but if you have the chance to break in, there is nothing to steal,” he told reporters at a briefing in Kuala Lumpur yesterday.
MyDigital ID chief solutions officer Redzuan AbdullahMyDigital ID is envisaged as a single-sign-on platform that can be used to verify the identity of its users and log them into various online services, particularly government services.
Prime Minister Anwar Ibrahim announced an RM80 million allocation on Nov 21 last year for the national research centre Mimos Bhd to expedite its implementation.
MyDigital ID Sdn Bhd was set up in January as a vehicle for implementing this.
The platform has already been rolled out to civil servants last year and will begin rolling out to the general public in May.
It can already be used to log into the MySejahtera app and the human resource management system by the civil service and will be expanded to both the public and private sectors too.
Big players interested
MyDigital ID acting CEO Mohd Mirza Mohamed Noor said financial institutions and e-wallet services have also shown keen interest during its engagement sessions, who see it as a way to prevent fraudulent transactions and to satisfy know-your-customer requirements when registering new customers.
Some institutions have even expressed interest in integrating their services with MyDigital ID within the next six months.
“In terms of safety standards of any application, banking (apps) hold the highest standard and requirement.
“So, we are tackling it from the top, meaning that if we can convince banking and insurance institutions to adopt MyDigital ID, it will be an easy job for us (to convince the public) moving forward,” he added.
MyDigital ID acting CEO Mohd Mirza Mohamed NoorTo facilitate the integration with services with the private sector, Mirza said a development sandbox will be launched in May so tests can be done to ensure their two services can work together smoothly.
As for the public registration process, Mirza said this will be done online through facial recognition, which will be compared to the National Registration Department’s (NRD) database for verification.
Alternatively, registration kiosks equipped with fingerprint readers will be set up at NRD offices and later expanded to rural and remote areas.
Safety features
Once a user’s identity is confirmed, a digital certificate valid for a year will be issued and tied to the user’s phone. This certificate will be used to represent the user for authenticating various online transactions. 
Only one phone can be linked to each user. Accessing it requires a password.
If the certificate needs to be revoked, such as if the user has lost his phone or is migrating to a new one, the procedure must be done at a kiosk.
Mirza explained this is a safety feature to prevent unauthorised persons from revoking another person’s digital certificate or impersonating them since the process requires fingerprint verification with a MyKad.
While registration is not mandatory and will not replace the MyKad as an identity document, he expressed hope that everyone with a MyKad will sign up by the end of the year. - Mkini

---