Have a new system for public? Test it rigorously first

All my attempts to apply for a SingPass two-factor authentication (2FA) have disappeared into a black hole.

Late last year, I was instructed to obtain a 2FA to make government transactions more secure.

But none of the options on the relevant website applied to me, as I live overseas.

After several e-mails and submitting scans of various documents, my application ground to a halt. I could not proceed with the registration online.

I called the helpline, whereupon a robotic voice took me from one option to another and landed me back at square one.

When I finally spoke to a human officer, I discovered that Assurity, the private company charged with dishing out 2FAs, has no records of my London address to which a token is supposed to be sent, and it insisted that it could not send one to my Singapore address.

I had to go down in person, I was told, and at least this helped resolve the matter.

If I did not happen to be back in Singapore, I would forever be locked out of the Singapore system. I could not even renew my passport.

This is not a complaint about personal inefficiency or individual unpleasantness.

It is a reminder that if the authorities wish to attempt such an onerous exercise, then the system should first be piloted with a group of disparate potential users.

Why allow only users of Singapore-registered mobile phones?

Call in some user-experience experts, test every scenario, and note that Singaporeans living overseas are as varied as they can get.

If the authorities cannot exhaust the ways of dealing with anomalies, then at least have an option within the protocol to deal with such matters satisfactorily.

Lee Siew Peng (Dr)

A version of this article appeared in the print edition of The Straits Times on July 07, 2017, with the headline 'Have a new system for public? Test it rigorously first'. Print Edition | Subscribe