The 1Malaysia E-mail Project Revisited
Since I last wrote about The 1Malaysia E-mail Project, Tricubes the company pushing it has come up with a FAQ. It has confirmed some of my thoughts and made me wonder even further how some things are going to work. I’m sitting on a plane now, with not much else to do, so why not write further thoughts…
What’s Possible (and some confirmed with the FAQ)
I initially put forward that I see this as more than just an e-mail project, and believe it to be related to being an ID-based project for one to use government services. I also posited that it would have an API similar to Facebook Connect.
With an ID that is tied to your IC number, you’re going to get single sign on (SSO) across all government services. It only makes sense, considering today to file your taxes, you have one login, to do stuff with the road transport department, you have another and so on. This is now confirmed in the FAQ.
And rather than have an email account that you will probably not use, you will see a floating toolbar, like the Google Friend Connect social bar (that ran on this site before, and was later disabled). When you login to perform your online banking (which may connect via the API), you will see these messages.
Let’s go even further. All Malaysians carry an IC, and its called a MyKad. This MyKad has a smart chip (it is essentially a smart card). Why not give out smart card readers to everyone with a 1Malaysia e-mail account, so that you get two-factor authentication automatically? I have seen smart card readers with fingerprint scanners sell for pretty cheap in bulk, so I doubt this is far-fetched as an idea. This is now generally confirmed in the FAQ.
Will citizens become more civic-minded now that they have easy access to contacting the government? If I see a pothole, am I more likely to send an email now? Will it then go into the correct queue in the customer relationship management (CRM) system that the government is running, and will my problem get fixed? Can I file police reports about break-in’s, and other crimes without spending an hour at the police station? This could be a good thing in a way ;)
Above, I did not address things like: terms of service, privacy policy, and even an ethics policy. If your bank had SSO with the same systems that the tax department had, it could do wonders for revenue collection, but at the same time, is not something people would want. Another thing I have not addressed if this whole two-factor authentication with the smart card reader+MyKad working with all operating systems — this is likely Microsoft technology, and Mac OS X and Linux users might be left out (which would be a step back if this happens).
Remember, all this has to happen by 2020, so Tricubes and their partners have a pretty long future ahead of them.
So while these accounts are not compulsory, the key performance indicators are such that every adult above the age of 18 get on this service by 2015, is quite achievable. If you want to deal with the government, you get an account. Plain and simple. And while you may not be paying taxes yet, you will very likely have an EPF account, and that alone is enough to give you this ID.
Just remember, no one is forcing you to use this for your own personal email.
Its called myemail
I’m glad it’s not called 1Malaysia email and you’re not foo@1malaysia.com.my. You really are using the service called myemail, and you are basically foo@myemail.my. That’s not too bad for an address, no?
There is a “What’s myemail” page which is well worth reading (when the site is up). It claims a lot of storage – 25GB for every user. You also get access to Microsoft Office Live as I initially speculated.
Some pickings from the FAQ
It’s a long read, but here are some quick thoughts:
- “Malaysian Email” means the service is operated and hosted by a Malaysian company. Tricubes is Malaysian, but their partnership with Microsoft means that they’re getting lots of tech from them. Email, ID, possibly the API and more all seem to come from Microsoft, with maybe only the MyKad reader coming from Tricubes. Does this qualify that its operated and hosted by a Malaysian company? Currently its hosted overseas, but will we see data centers here in Malaysia by then?
- Revenues seem to be generated by eating away the pie of POS Malaysia. I cannot imagine the postal service being too happy about this. But we are moving forward, and will this also mean that scanned receipts and documents are now going to be accepted by the government?
- More revenues from advertising it seems. I presume this will be very much like how webmail like Gmail works — comb through your contents and habits and show you the most interesting ads.
- Revenue from creating an online marketplace could be interesting. Today, eBay, Lelong, Mudah and others have no way to say you’re you. eBay has ratings but that doesn’t mean you’re you. Imagine if the API is extended so that your trading ID had a link to your national ID? No more back-out buyers! Again, we come back to security, privacy, ethics though… Elsewhere, imagine social purchasing — your neighbour just installed a water filter
- On security… entire session works via data encryption, which basically is HTTPS/SSL. The end points, access to the server, etc. by administrators is of course possible, but I’m sure there will be checks and balances here (all large services do). Again, no one said you needed to use this for all communication, and let’s give them a chance to come up with a good policy first.
Concluding thoughts for the moment
No mention of how the API will work. Will they allow any agency or even GLC access to the API. Will they charge for access (this is quite likely)? How much data will be exposed? Will the user get to choose what is exposed (Facebook Apps ask you this today for example — users probably blindly click “accept”, but know there’s a choice available)?
I’d advise Tricubes to start getting into using social media a little more. People are liking their Facebook page just so that they could write hate comments on it. Plenty of social media consultants around who can help rehabilitate their image. Also, skip calling it an “email project” and call it an “ID project”. Or a “single-sign-on with two-factor authentication project”.
I’m still wondering where MyEG fits into all of this. There’s a story waiting there. An acquisition? ;-)