Step-up Authentication using Push Notifications
Client-Initiated Backchannel Authentication (CIBA)
Introduction
This guide illustrates the Step-up Authentication (Push Notifications) Flow and the APIs that Relying Parties (RP) need to integrate with.
The Step-up authentication feature can be employed in use-cases where RPs require their users to perform an additional layer of authentication before proceeding on with a high-risk transaction. This kind of authentication is done by triggering a push notification to the user’s Singpass Mobile Application.
RPs who are looking to opt-in for Step-up Authentication are required to integrate with Singpass operating in the Client-initiated Backchannel Authentication (CIBA) Poll Mode (see CIBA specs). Refer to this diagram for an overview of the CIBA authentication flow between an RP, Singpass and its dependencies.

Last updated
Was this helpful?