The Economy Ministry has thanked a netizen who found a loophole within its system which allowed third parties to use identity card (IC) numbers to override passwords in the newly launched Central Database Hub (Padu).
"We are constantly monitoring external feedback. We are doing the necessary improvements.
"Thank you for the comment which we view as positive criticism," the ministry said on its official X account.
The minister was responding to an X user who showed how he used Padu's Application Programming Interface (API) to override a third party's password using just the person's IC number.
An API is a software intermediary that allows two applications to talk to each other.
Soon after the social media user - who said he was a developer - made the posting, the API was changed.
Chief statistician Mohd Uzir Mahidin also thanked the netizen.
The Statistics Department is among the agencies responsible for Padu, a system built and maintained entirely by the civil service.
This was among several other complaints on social media, including from former deputy minister Ong Kian Ming, who alleged that he could use the IC number of others to register them on Padu.
After he did so, Ong said, the owners of those IC numbers were unable to register themselves even though he had not undergone the verification process required.
E-KYC
The verification process - known as electronic Know Your Customer (e-KYC) - requires registrants to upload a photograph of their IC to verify their identity.
Ong also claimed it could take up to three days for the e-KYC process to be completed.
As such, he urged Malaysians to swiftly register to avoid the hassle of recovering their account from a third party.
However, Economy Minister Rafizi Ramli said the e-KYC could be completed within minutes and that registrations are not considered complete if the e-KYC process is not done.
Users who are locked out of registering an account can also contact Padu's helpdesk online, through call centres, or at physical counters to regain access.
Padu's objective is to collate all the personal data held in various agencies to provide a profile of households and their disposable incomes with the objective of better targeting subsidies and assistance. - Mkini
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.