The safest payment system is one that doesn't exist on the card
Malaysia's redesigned national identity card marks a deliberate retreat from convenience in the name of security — a choice that reveals how much modern governance must weigh the risks embedded in everyday utility. The National Registration Department has stripped the MyKad of its Touch 'n Go contactless payment function, replacing a dual-purpose card with one hardened by 53 security features, nearly double its predecessor's protections. The move acknowledges a quiet truth: that the more a single object is asked to do, the more ways it can be exploited. In trading a tap at the toll booth for laser engraving and high-encryption chips, Malaysia is betting that safety, in the long run, is worth the friction.
- A redesigned national ID card quietly erased a payment feature millions of Malaysians had woven into their daily commutes, and the public noticed immediately.
- The National Registration Department confirmed the removal was intentional — Touch 'n Go functionality had become a recurring vulnerability in fraud discussions, and officials chose to eliminate the risk rather than patch it.
- In its place, the new MyKad carries 53 security layers — laser engraving, holograms, microtext, QR codes for law enforcement, and a high-encryption chip — more than doubling the protections of the current version.
- Reaction has divided sharply: those wary of identity theft welcomed the overhaul, while daily commuters mourned the loss of a single-swipe convenience that had quietly simplified thousands of journeys.
- The card now asks Malaysians to carry a separate payment device again — a small but real inconvenience that will test whether the public accepts security as a fair trade for lost ease.
Images of Malaysia's redesigned MyKad spread quickly across social media, and one absence drew immediate attention: the card no longer supports Touch 'n Go contactless payments. For years, Malaysians had relied on the dual-purpose document for both official identification and seamless toll and transit payments. That era is over.
The National Registration Department confirmed the change was intentional. Director-General Datuk Badrul Hisham Alias cited fraud prevention as the driving rationale — the payment feature had long been flagged in online discussions as a vulnerability to unauthorized transactions. Rather than reinforce it, officials removed it entirely. What replaced it is a substantially more fortified card: 53 security features compared to the current version's 23, including laser-engraved details, ultraviolet detection, holograms, guilloche patterns, microtext, a law enforcement QR code, and a high-encryption chip.
Public response has followed a familiar fault line. Those concerned about identity theft welcomed the overhaul as overdue. But for commuters who had come to rely on a single tap at a bus terminal or toll booth, the loss registered as genuine inconvenience — a small daily friction multiplied across countless journeys, now requiring a separate payment card once again.
The decision captures a deeper tension in identity design: a card that does more also risks more. By narrowing the MyKad's purpose and layering in advanced protections, the department has placed authentication above convenience. Whether that trade-off holds up will depend on how the new features perform in practice — and whether Malaysians come to see the inconvenience as a reasonable price for greater security.
Images and videos of Malaysia's redesigned MyKad began spreading across social media in recent weeks, and one detail stopped people mid-scroll: the card no longer works for contactless payments. For years, Malaysians had carried the dual-purpose identity card in their wallets, using it both as official identification and as a Touch 'n Go payment device for tolls and transit. That convenience is gone.
The National Registration Department confirmed the change was deliberate. Datuk Badrul Hisham Alias, the department's director-general, acknowledged that Touch 'n Go functionality had been removed entirely from the new card. The decision was made to reduce the potential for misuse and fraud—concerns that had circulated repeatedly in online discussions about the old system's vulnerability to unauthorized transactions. In place of that single payment feature, the new MyKad arrives with 53 security enhancements, a substantial jump from the 23 protective measures embedded in the current version.
The upgrades read like a catalog of modern identity security: laser-engraved details, ultraviolet detection capabilities, holographic elements, intricate guilloche patterns, microtext so small it requires magnification, a QR code designed for law enforcement verification, and a high-encryption chip to shield personal data from unauthorized access. Each layer adds friction to counterfeiting and tampering. Badrul Hisham offered little elaboration beyond noting that the security features were "better than what exists now," but the numbers alone signal a significant technical overhaul.
Public reaction has split along predictable lines. Many Malaysians welcomed the security improvements, particularly those concerned about identity theft and fraud. The removal of a payment function that had been a recurring target of crime discussions online struck some as overdue. Yet others registered genuine loss. The Touch 'n Go card had become woven into daily life—a single swipe at a toll booth, a tap at a bus terminal. Removing it means carrying a separate payment card again, a small friction that accumulates across thousands of commutes. For regular travelers and those who relied on the convenience, the trade-off felt steep.
The decision reflects a broader tension in identity security: the more features a card carries, the more potential vulnerabilities it presents. By stripping away the payment function and consolidating the card's purpose, the National Registration Department has chosen to prioritize authentication and fraud prevention over convenience. Whether that calculation proves correct will depend partly on how well the new security features actually perform in the field, and partly on whether Malaysians accept the inconvenience as a reasonable price for protection.
Citações Notáveis
What is certain is that it has security features that are better than what exists now— Datuk Badrul Hisham Alias, National Registration Department director-general
A Conversa do Hearth Outra perspectiva sobre a história
Why remove Touch 'n Go entirely instead of just making it more secure?
Because adding more security layers to a payment function still leaves it exposed. The safest payment system is one that doesn't exist on the card at all. They're separating concerns—identity verification on one device, payments on another.
But that's a real loss for people who used it every day.
It is. And the government seems to acknowledge that implicitly by not claiming the new card is better overall—just more secure. They're asking people to accept less convenience for more protection.
Do the 53 new features actually matter to an average person?
Most won't notice them directly. They're anti-counterfeiting measures, encryption standards, things that matter if someone tries to forge your identity or hack your data. You'll never see the ultraviolet features unless you're checking the card under a lamp.
So this is really about stopping fraud, not about improving the card for users.
Exactly. It's a security decision dressed up as a card redesign. The user experience actually gets worse—you lose a feature. But the card becomes harder to fake and your data becomes harder to steal.
Will people actually carry a separate payment card now?
They'll have to. Whether they like it or not is another question. But that's the trade-off the government has decided to make on their behalf.