Public frustration with digital security systems often stems from low awareness of cyber risks and protections: Cyber group
PETALING JAYA: The mandatory shift to MyDigital ID for MyJPJ access has triggered login disruptions for some users, with cybersecurity experts attributing the glitches to high traffic, expired credentials and incomplete authentication during the early phase of implementation.
Malaysia Cyber Consumer Association president Sirajuddin Jalil said while the association has not received specific consumer complaints on MyDigital ID, issues such as failed logins, “Unknown Error 302”, session timeouts and unsuccessful registration attempts should not be dismissed.
He said such disruptions are commonly seen when a major digital system change coincides with heavy user demand.
“Perhaps it happened because there were too many users.
The average registration is more than 100,000 a day. So, if we are talking about registration errors, maybe some people have experienced that.
“We cannot deny it. But we have not received any specific consumer reports about problems with MyDigital ID.”
The issue surfaced after MyDigital ID became the sole login method for MyJPJ from May 1, requiring users to authenticate their identity via the national digital identity platform before accessing Road Transport Department services.
A local English daily recently reported that some users encountered login problems after the switch, including one case in which an account could not be accessed after prolonged inactivity.
The user was reportedly advised by customer service to revoke the MyDigital ID and re-register through the app.
Sirajuddin, who is also a National Cyber Security Agency committee member, emphasised that such cases could be linked to expired digital credentials as the system requires annual renewal.
“MyDigital ID has to be renewed once a year. If customer service told him to cancel or revoke his MyDigital ID and register again, then yes, that is because when it has expired, that is what needs to be done.”
On the “Unknown Error 302” message, he said it could point to a failed or incomplete authentication session during login.
He explained that the system may have attempted to redirect users during verification but the process could have broken down due to congestion, expired sessions or temporary technical interruptions.
“Since that was the first day, I am not surprised if there were teething issues. People who are not used to logging in to MyJPJ may have also tried to test it at the same time, leading to high traffic.”
Sirajuddin said public frustration with digital security systems often stems from low awareness of cyber risks and protections.
“When the public does not understand the threat, any security effort made by cybersecurity agencies becomes difficult for them to accept.
“Any initiative involving digital security is meant to improve user and national security, whether for government digital services, private platforms or the digital safety of users.”
He added that users often resort to weak passwords due to convenience, particularly during urgent transactions.
He also said MyDigital ID strengthens protection by linking a digital key stored in the user’s device with biometric verification such as facial recognition or fingerprint authentication.
“With digital ID, the key is in your phone. When you want to log in using MyDigital ID, the digital key is combined with your biometrics.
“Usually, we have a password and then two-factor authentication. MyDigital ID is an advanced security method for this.”
