Thursday, July 9, 2026, 23:04
Home»Cryptocurrency»Hong Kong regulators mandate phishing-resistant security for...
RSS

Hong Kong regulators mandate phishing-resistant security for crypto

Hong Kong regulators mandate phishing-resistant security for crypto

The regulator announced the new cybersecurity requirements as part of a wider effort to protect customer accounts from social engineering. Within the next 12 months, virtual asset trading platforms and online brokers must replace one-time passwords—whether sent via SMS, email, or app-generated codes—with more robust, phishing-resistant alternatives. Acceptable methods include passkeys, device binding, and hardware security keys that utilize cryptographic verification.

This shift arrives as authorities struggle to contain a surge in financial cybercrime. Counterfeiting and fraud accounted for 57% of all security incidents reported to the Hong Kong Cyber Security Accident Coordination Center throughout 2025. Dr. Ye Zhiheng, executive director of the Intermediaries Department at the China Securities Regulatory Commission, emphasized that institutions must adopt coordinated prevention and detection measures to counter these threats. The urgency is underscored by massive individual losses; recent incidents include a single investor losing $1.65 million after interacting with a malicious contract on a fraudulent exchange.

Beyond cybersecurity, Hong Kong continues to refine its broader digital asset framework. The SFC recently updated its professional certification program for virtual asset practitioners, while the Hong Kong Monetary Authority prepares to introduce the city's first regulated stablecoins by mid-2026. These moves reflect a strategy to bolster user protections while maintaining the city's status as a regulated hub for financial innovation.

Share:

Comments (0)

Leave a comment

No comments yet. Be the first!