Hong Kong SFC Phases Out OTP Logins for Crypto Platforms
The post Hong Kong SFC Phases Out OTP Logins for Crypto Platforms appeared on BitcoinEthereumNews.com. Hong Kong’s SFC orders stronger login controls for brokerages and crypto platforms. OTP-based security faces phaseout as phishing and spoofing attacks target accounts. HKCERT recorded 15,877 cyber incidents in 2025, with phishing making up 57%. Hong Kong’s market regulator has moved against rising account impersonation risks, ordering internet brokerages and licensed virtual asset platforms to strengthen customer authentication. The Securities and Futures Commission (SFC) said the measure targets spoofing, stolen login data, and fraudulent device binding, all of which can expose customers to fast-moving account takeovers. SFC Moves Brokerages Beyond OTP-Based Account Security The directive applies to internet brokerage firms and SFC-licensed virtual asset trading platform operators. It requires firms to stop depending on one-time passwords for customer login and device binding. The re