Efficient & Standardized

Centralized gateway for efficient data sharing based on common data and API standards.

Secure Infrastructure

A Singapore government-owned and operated infrastructure that uses National Digital Identity (SingPass) authentication and consent framework.

Consent-driven Retrievals

Financial data can be retrieved only through the individual’s explicit consent, whose identity must be verified through SingPass.

Data Privacy

Designed to ensure data protection and privacy of personal financial information. SGFinDex will only transmit but neither store nor read the user’s financial data.

Data Encryption

Users’ personal financial data is encrypted when it is retrieved through SGFinDex. Only the site that the user has authorized to receive the data can decrypt it.

Authentication and Authorization Needs of SGFinDex

i-Sprint provides products to help companies that want to implement SGFinDex with the authentication and authorization integration needs. i-Sprint’s AccessMatrix Universal Access Management (UAM) supports OAuth 2.0, OpenID Connect (OIDC), and it stores user granted scope/consent. UAM also provides endpoints to handle or support SGFinDex specific enhancements on top of the standard OAuth 2.0/ OIDC, such as:

• Provides Access Token in SGFinDex JSON Web Token (JWT) format
• Provides Token and revocation endpoints to support SGFinDex payload
• Provides Application Programming Interfaces (APIs) to web service
• API Gateway to validate Signature parameter (JWT)
• Sign and encrypt the response

With i-Sprint expertise, we could help your organization roll out SGFinDex usage in your projects faster and more securely.

If your organizations require more stringent security measures, i-Sprint’s AccessMatrix suite of solutions also support

• End-To-End-Encryption Authentication (E2EEA) – protecting pins and sensitive data at every stage of the data’s lifecycle
• Multi-factors Authentication – providing a second layer of authentication to verify user/ access, such as One-time-Password (OTP)