Who woud trust a state owned SSO?
Here in Italy the government already has the "SPID" system (Sistema Pubblico di IDentità - Public Identity System) to access government services - but when a minister proposed to extend it to the private sector (i.e. banks) received immediate critics - the government would know what private services citizens access when and where. Singaporean may find it acceptable - given what kind of rule they are accustomed to - I believe it will be far more difficult in other counties.
Banks have already good reasons to adopt safe practices because a lot of money are at stake (and can still make the user pay) - while IoT makers race to the bottom to maximize profits, two very different sectors.
Biting the hand that feeds IT
