Identity

Hong Kong SFC mandates stronger login security for crypto platforms

Cryptocurrency on Binance trading app, Bitcoin BTC with altcoin digital coin crypto currency, BNB, Ethereum, Dogecoin, Cardano, defi p2p decentralized fintech market

Coverage from Coin Central indicates that Hong Kong's Securities and Futures Commission (SFC) has issued new directives requiring cryptocurrency platforms and online brokers to enhance their client login security measures. This regulatory action aims to combat rising threats such as account takeovers, phishing scams, and the exploitation of stolen client credentials.

The SFC has mandated that all virtual asset trading platforms and internet brokers must replace one-time password (OTP) logins, including those sent via SMS and email, with phishing-resistant authentication methods within 12 months. Acceptable alternatives include passkeys and hardware security keys. Large online brokers are expected to implement these stronger controls immediately. In addition to improved login security, firms must enhance their monitoring of login, trading, and withdrawal activities to detect suspicious patterns.

The SFC also emphasized that senior management will be held accountable for any control failures that lead to client losses, increasing pressure on firms to bolster their prevention, response, and oversight mechanisms. This move by Hong Kong reflects a broader trend among regulators to address increasing cybersecurity risks in the digital asset markets, particularly in light of significant fraud and phishing incidents reported globally.

Source: Coin Central

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds