Payments News from Glenbrook Partners
Glenbrook   Book   Education   Views   Archives   Store   Advertise   About         SUBSCRIBE:

Hong Kong Monetary Authority To Require Two-Factor Authentication For Online Banking

Doug Crets reports from Hong Kong for The Standard regarding new requirements by the Hong Kong Monetary Authority to require that banks move to two-factor authentication for online banking access beginning next month.

The Authority's press release announcing the move is available online as well as the text of a brief speech on the subject of two-factor authentication by Mr William Ryback, Deputy Chief Executive, Hong Kong Monetary Authority.

“Two-factor authentication further strengthens the security controls of Internet banking and protects bank customers from Internet banking frauds," said Mr William Ryback, Deputy Chief Executive of the HKMA.

“Hong Kong is one of the first places amongst the developed financial markets to establish such a regulatory requirement which enables Internet banking to continue to flourish under a safe and sound environment."

The Authority has also posted some initial consumer information explaining two-factor authentication.

“To help the public familiarise with the significance, benefits and usage of the brand-new two-factor authentication, we will immediately launch a customer education programme. I am confident that, with the concerted efforts of the banking industry, the HKMA, the HKPF and the general public at large, we can ensure the convenience and safety of Internet banking for all in Hong Kong," said Mr He Guangbei, Chairman of HKAB.

“When managing finances through Internet banking, we must be careful," said Mr Man Chi-hung, Senior Superintendent (Technology Crime), Commercial Crime Bureau, HKPF. “Two-factor authentication will be added security in Internet banking. Hong Kong will continue to be one of the safest and most stable societies in the World."

The authentication will take three forms, but it will be up to the banks to decide which one to use and what choices will be available to their customers, said Li.

Two of the three forms utilize codes sent through SMS text messages, and a one-time code sent through a hand-held digital code unit that some banks, including HSBC, will give to their customers. According to the HSBC Web site, the device will be given to customers in stages.

The third involves using a Hong Kong smart identity card reader, which reads a one-time digital certificate during a transaction.

Add your comment... (note that all comments are reviewed before they're published)

Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.