Hong Kong crypto platforms must stop using one-time passwords (OTPs) for client logins and device registration by July 8, 2027.
According to NS3.AI, a July 9 circular said OTPs do not meet the phishing-resistant authentication standard for those two processes.
The circular leaves other uses of OTPs unchanged.
The Securities and Futures Commission (SFC) said firms can be held accountable for client losses when inadequate measures fail to prevent large-scale unauthorized transactions following hacking incidents.
Hong Kong Requires Crypto Platforms to Stop Using One-Time Passwords for Logins by July 8, 2027
2026-07-10 16:36:25
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.