Government-verified identity for anybody or any company. Protect yourself from future scam.
One-time process — takes about 5 minutes.
Takes under 60 seconds from start to finish.
Visit verify.homeauto.sg/onboard and enter your name, official registered mobile number and email.
You must confirm your organization complies with Singapore's Personal Data Protection Act. Even a masked name and mobile number are personal data — this acknowledgment is legally required before you can run verifications.
Log in with Singpass to confirm who you are — takes 10 seconds with Face ID or fingerprint.
Complete Stripe onboarding to save a credit or debit card. You are only charged when you use the service — $0.20 per verification, invoiced monthly.
After setup, your account is ready. You can start verifying customers immediately — no additional steps needed.
Log in via Singpass or WhatsApp OTP, generate a link, share it. Your customer authenticates with Singpass. Results appear on WhatsApp and your dashboard instantly.
Visit verify.homeauto.sg/portal and log in with your registered WhatsApp number (receive an OTP) or with Singpass. Session lasts 1 hour.
The system generates a secure one-time Singpass verification link tied to that number. Expires after 30 minutes.
Send via WhatsApp, email or SMS. You control the customer relationship.
They tap the link, log in with Singpass (app, face, or fingerprint). The government verifies their identity in seconds. The system cross-checks their registered Singpass mobile against the number you provided — if it doesn't match, verification is rejected.
WhatsApp: instant push notification with masked identity data.
/check dashboard: log in anytime to look up past verifications by customer phone number.
| Field | Example |
|---|---|
| Full Name (masked) | T** A* K** |
| Mobile Number | +65 9123 4567 |
| Status | ✅ Verified via Singpass |
VerifySG confirms the person is a real, Singpass-verified individual. You receive a masked name, Singpass-registered mobile and email — enough to confirm who you're dealing with, without holding sensitive personal data in the clear. Under Singapore's Personal Data Protection Act (PDPA), this minimises your organisation's data liability.
This is not self-reported. The person authenticates with the government's Singpass — the same login used by banks, government agencies, and regulated institutions. A forged NRIC can't pass.
Sometimes a customer can't or won't complete Singpass authentication. Here's what happens:
If Singpass is unavailable, the customer sees: "Singpass is currently experiencing issues. We'll resume automatically." If they cancel or the link has expired (after 30 minutes), they see: "This link has expired — please contact the business for a new one." No raw errors. No confusion.
If the customer doesn't authenticate or the phone doesn't match, you receive no message. No identity data is delivered. Log in to the portal anytime to generate a fresh link.
Every verification attempt costs $0.20 — whether the customer completes Singpass or not. The Singpass API was called, the link was generated, and the system did its work. Failed attempts appear on your monthly invoice just like successful ones.
| Item | Rate |
|---|---|
| Per verification | $0.20 (GST-exclusive) |
| GST | 9% on subtotal |
| Stripe processing | 3.4% + $0.50 per invoice |
Invoiced on the 1st of each month. Auto-charged to your saved card. Minimum invoice: $5.00 — verifications carry forward until this threshold is reached.
Sample invoice (10 verifications):
Each verification link generated costs $0.20 regardless of outcome. The Singpass OIDC API call is made when the link is created — whether the customer completes authentication or not, the system has done its work.
| Protection | How |
|---|---|
| Business access | Portal login via WhatsApp OTP or Singpass — only registered numbers can receive an OTP. Session expires after 1 hour. |
| Phone cross-check | Singpass-registered mobile number must match the phone the business provided. Mismatches are automatically rejected. |
| Personal data | Only a masked name, mobile and email are returned. Your organization must acknowledge PDPA compliance before use. |
| Identity source | Singpass login, Government Technology Agency of Singapore. Not self-reported. |
| Customer authentication | Singpass FAPI 2.0 OIDC — the same protocol used by Singapore banks. |
| Payment | Stripe — PCI DSS Level 1 compliant. Card details never touch our servers. |
| Data retention | Verification records stored for billing and audit. All identity fields are masked in display. |