Coverage from Coin Central indicates that Hong Kong's Securities and Futures Commission (SFC) has issued new directives requiring cryptocurrency platforms and online brokers to enhance their client login security measures. This regulatory action aims to combat rising threats such as account takeovers, phishing scams, and the exploitation of stolen client credentials.The SFC has mandated that all virtual asset trading platforms and internet brokers must replace one-time password (OTP) logins, including those sent via SMS and email, with phishing-resistant authentication methods within 12 months. Acceptable alternatives include passkeys and hardware security keys. Large online brokers are expected to implement these stronger controls immediately. In addition to improved login security, firms must enhance their monitoring of login, trading, and withdrawal activities to detect suspicious patterns.The SFC also emphasized that senior management will be held accountable for any control failures that lead to client losses, increasing pressure on firms to bolster their prevention, response, and oversight mechanisms. This move by Hong Kong reflects a broader trend among regulators to address increasing cybersecurity risks in the digital asset markets, particularly in light of significant fraud and phishing incidents reported globally.Source: Coin Central
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds





