Researchers give Malaysian gov’t lengthy digital ID to-do list

Policy research non-profit the Khazanah Research Institute has noted in a discussion paper that Malaysia’s national digital identity (MyDigital ID) demonstrates significant strengths across key determinant factors for an effective system. However, the Institute argues that further improvements and refinements are needed if authorities aim for long-term effectiveness and impact.

MyDigital ID was launched by the Malaysian government in 2023 as a tool to enable citizens and legal residents to authenticate themselves for access to public services. Today, it is used as a single sign-on (SSO) platform to access more than 80 government and regulated private sector services.

Earlier this year, the government stated that over 8.7 million people had registered for MyDigital ID, approximately halfway toward the target of 15 million registrations set for the end of this year.

According to the paper, titled Assessing and Optimising MyDigital ID, the national identity credential follows several international best practices, including security standards, privacy-by-design, a governance framework that clearly distributes responsibility, and the continuous integration of important public services, which is driving adoption.

Despite these strong points, the research calls on the government to take more decisive action to bring greater clarity to the development and management of the country’s digital ID system.

According to the report, such actions include “strengthening the statutory framework for digital identity, enhancing institutional coordination and accountability, supporting public trust through transparency and engagement, developing a more explicit inclusion and accessibility strategy, and reinforcing technical resilience through open standards, interoperability governance, and sustainable funding.”

Specifically, the publication urges authorities to formalize the long-term credential lifecycle process, push for critical mass adoption, establish an independent oversight body, clarify enforcement mechanisms and user redress pathways, formalize a national inclusion strategy as an ongoing concern rather than a one-time rollout objective, expand eligibility for the digital ID beyond MyKad holders to all legal residents, put in place clearer funding mechanisms, and ensure vendor neutrality by prioritizing open standards.

The paper also analyzes three mature digital ID systems from around the world, namely, e-ID in Estonia, SingPass in Singapore, and Aadhaar in India. It demonstrates how their alignment between governance frameworks and technical systems, and not technology alone, can lead to a digital ID system that effectively meets the needs of the people.

Identity in access management

Meanwhile, an opinion piece published by the New Straits Times, Prabhuraj Patil, senior director of Physical Access Control Solutions for ASEAN and the Indian Subcontinent at HID Global, explores the implications of Malaysia’s evolving digital ID system for enterprise access control. He emphasizes the importance of identity to security, and warns of the risks if investment in that area is deferred due to budgetary constraints or other priorities.

In the piece, Patil makes the case for converged identity systems and cites MyDigital ID as a major regional initiative moving in that direction. The executive highlights the need for integrated, identity-centric access management and the relevance of unified frameworks for access management.

He also praises MyDigital ID’s expansion as a necessary digital infrastructure for Malaysia’s ongoing evolution, notably its role as a modern identity authentication method as physical and logical access converge.

Article Topics

digital ID  |  digital ID infrastructure  |  digital public infrastructure  |  Malaysia  |  MyDigital ID