Now Reading
Padu Has Registration & Security Issues But It’s Getting Fixed One By One

Padu Has Registration & Security Issues But It’s Getting Fixed One By One

Some people encountered registration issues and exposed a security flaw in the Padu system.

Subscribe to our FREE Newsletter, or Telegram and WhatsApp channels for the latest stories and updates.

The registration for Padu, which will last for three months until 31 March 2024, started yesterday (2 January).

READ MORE: Padu Is Live And Open For Registration For 3 Months

To register for a Padu account, members of the public need to provide their full name, NRIC number, a matching passcode, and a valid phone number to receive an OTP (One-time passcode).

Next, users need to perform an eKYC step (uploading a selfie and a photo of their NRIC) to verify their account. There’s an option to skip the eKYC step and the account will be created under the person’s NRIC number.

Once registered, no one can register for a Padu account using your already-registered NRIC number.

Registration issues have arisen

Unfortunately, Malaysians who tried to sign up have encountered several registration issues such as the failure to receive an OTP.

However, what was worrying was the ability to register an account using someone else’s details such as Identification Card number and postcode.

Some Twitter users have tried this and shown that it was a legitimate security oversight in the Padu system.

Former Deputy International Trade and Industry Minister Ong Kian Ming managed to register four separate accounts under the names of his colleagues namely Youth and Sports Minister Hannah Yeoh, Communications Deputy Minister Teo Nie Ching, Deputy International Trade and Industry Minister Liew Chin Tong, and Human Resources Minister Steven Sim.

Ong advised Malaysians to quickly register their Padu account so no one could use their details and effectively prevent them from opening an account.

It’s being fixed one by one

In light of the cybersecurity issues, Economy Minister Rafizi Ramli tweeted to say the issues concerning Padu registration have been fixed as of 5pm yesterday (4 hours after registration opened).

Rafizi said the issues concerning Celcom users failing to receive an OTP were fixed around 3.30pm.

Rafizi explained that registration is only complete and valid if the eKYC step is completed. The eKYC step is the last step of registration to make the account-creating process easier.

He also rubbished the claims that the eKYC approval takes three days. He said the approval only took less than five minutes.

Rafizi advised members of the public to head to the Helpdesk if they discover others have used their identities to register a Padu account.

He added that users cannot see complete data in the Padu system for security and privacy purposes.

READ MORE: Security Audits On PADU Database System Crucial To Protect Personal Data

Share your thoughts with us via TRP’s FacebookTwitterInstagram, or Threads.

Get more stories like this to your inbox by signing up for our newsletter.

© 2024 The Rakyat Post. All Rights Reserved. Owned by 3rd Wave Media Sdn Bhd