Tweak SMS system for passwords

I fear that the Government's move to implement two-factor authentication (2FA) for sensitive e-transactions will be fraught with problems ("Signed up yet for new SingPass feature?"; last Saturday).

With the popularity of instant messaging systems, SMS is passe.

I have noticed that now, SMS messages frequently take more time than usual to be sent and received. Several times, the message fails to be sent or received.

Given the rise of instant messaging, I doubt the telcos will put money into upgrading their SMS systems.

However, using SMS is still the more convenient choice, compared with the security token.

There is always the fear of losing the token and the inconvenience of replacing it.

When I applied for the 2FA a few months ago, the SMS containing the one-time password took such a long time to arrive that the transaction timed out. This happened four times and caused much frustration.

Imagine if this happens to hundreds of thousands of users trying to get something done online.

Perhaps the one-time password can be valid for a longer time, to allow for delays in receiving the SMS and to ensure transactions can be completed on the first attempt.

Chong Kek Shin

A version of this article appeared in the print edition of The Straits Times on February 04, 2016, with the headline 'Tweak SMS system for passwords'. Print Edition | Subscribe