Hong Kong gives crypto platforms one year to ditch one-time passwords or cover user losses
The post Hong Kong gives crypto platforms one year to ditch one-time passwords or cover user losses appeared on BitcoinEthereumNews.com. Hong Kong crypto platforms have until July 8, 2027, to ditch one-time passwords for client logins and device registration under new security rules. By then, licensed virtual asset service providers and internet brokers must use authentication that can resist phishing for client logins and the registration or binding of devices, according to a July 9 circular. The regulator said one-time passwords, or OTPs, do not meet that standard and should not be used for those two processes. The rule applies only when clients log in or link a new device, leaving other OTP uses unchanged. Firms do not have to make existing clients rebind devices that are already linked. Large internet brokers are expected to deploy the stronger methods immediately, while the broader group has a 12-month implementation period. Related Reading Hong Kong approves 4 new crypto trading