Trusted identity certificates issued by the National Certification Authority
The National Certification Authority (NCA), Assurity Trusted Solutions, is appointed by the Government Technology Agency (as representative of the Government of Singapore). The NCA is to be responsible for the issuance and management of the digital certificates of individuals and companies.
These digital certificates are used as part of Public Key Infrastructure technology, to certify ownership of a public key by the person named in the certificate. Digital certificates can be used as a trusted means of authenticating a person's identity for the purposes of electronic transactions.
Digital certificates are stored in your Singpass app and come with a unique serial number that can be seen in the settings menu of the user's Singpass app, under "Your digital identity details".
There are currently two types of digital certifications issued by the NCA:
The authentication certificate is used with Login with Singpass. When Singpass app users scan the QR code to log in with Singpass, the authentication certificate is checked for the verification of the user's identity.
The signing certificate is used with Sign with Singpass and Authorise with Singpass in the context of transaction signing.
When a Singpass app user uses Sign with Singpass to digitally sign documents with the app, the signing certificate generates a digital signature on the electronic document. This digital signature is cryptographically linked to the signer and can be verified using the signer's public key.
For transaction signing, a Singpass app user can remotely provide transaction-related permissions to authorise a transaction to proceed. When a user successfully authorises the transaction, the transaction will be "signed" with a digital signature generated.