Telesign system status

Telesign system status history

This page offers API uptime information for Telesign services, in addition to incident history reports and service issues alerts.

Current status Report incident History

Active events

See more

Operational

Degraded performance

Partial Outage

Major Outage

Under maintenance

📢 Regulatory Update: Singapore PDPC Advisory – NRIC Usage for Authentication (Enforcement from 1 January 2027)

Scheduled for Feb 20, 06:30 PST  -  Jul 20, 07:30 PDT

Scheduled

Dear Customer,

The Personal Data Protection Commission (PDPC) has issued a media release confirming that it will step up enforcement action from 1 January 2027 against private organisations that use full or partial NRIC (National Registration Identity Card) numbers for authentication purposes.

Organisations are expected to move away from the use of NRIC numbers for authentication and transition to more secure alternatives, as outlined in the joint advisory issued by the PDPC and the Cyber Security Agency of Singapore (CSA) in June 2025.

The use of NRIC numbers for authentication increases the risk of unauthorised access. Organisations that continue such practices may be found in breach of their obligations under Singapore’s Personal Data Protection Act (PDPA) for failing to implement reasonable security arrangements to protect personal data.

To support organisations handling personal data, including NRIC numbers, the PDPC has also published an advisory highlighting common data protection lapses and recommended remedial measures.

Organisations operating in regulated sectors should also refer to guidance issued by their respective regulators, including:

• Ministry of Health (MOH) – Healthcare sector
• Monetary Authority of Singapore (MAS) – Finance and Insurance sector
• Infocomm Media Development Authority (IMDA) – Telecommunications sector

Recommended Next Steps

We recommend that organisations:

• Review existing authentication mechanisms to identify any use of full or partial NRIC numbers;
• Transition to more secure authentication methods (e.g., multi-factor authentication, token-based authentication, or other risk-appropriate mechanisms);
• Assess internal policies, systems, and vendor arrangements to ensure alignment with PDPA security obligations;
• Document remediation plans ahead of the 1 January 2027 enforcement timeline.

We will continue to monitor regulatory updates and share further guidance as needed. Please reach out to your account manager or data protection contact should you require assistance in assessing your authentication workflows or compliance posture.
Posted Feb 20, 2026 - 06:03 PST
This scheduled maintenance affects: Regulatory Updates (APAC).
Current Status Powered by Atlassian Statuspage