Hong Kong Strengthens User Protection for E-Wallets

The Hong Kong Monetary Authority has requested stored value facility operators and banks to adopt processes that enhance user protection, amidst a surge in cyber crimes involving fake bank websites.

The Hong Kong Monetary Authority (HKMA) on Friday requested stored value facility operators and banks to adopt processes that enhance user protection. The providers must send a SMS notification to the user to confirm the set up of direct debit authorisation (eDDA), or a two-factor authentication.

Alternatively, the user will need to make a one-time credit transfer from the relevant bank account to his electronic wallet, so as to confirm that the wallet is the same as the bank account owner. «The HKMA has completed its review on the process of electronic wallets users setting up direct debit authorisation (eDDA) through the Faster Payment System (FPS),» the authority announced on its website.

Surge in Fake Bank Websites

Hong Kong has seen a surge in incidents of fake bank websites and phishing attempts, as reported by finews.asia. In August alone, there were 15 reports of such incidents, compared with only two cases in the same month a year ago, according to figures from the Hong Kong Monetary Authority (HKMA). In September, seven incidents were reported, up from one a year ago.

More Comprehensive Protection

In order to provide more comprehensive protection to users, the proposed processes will apply to direct debit services conducted through both FPS and non-FPS channels. 

To implement these processes, direct debit services through both channels have been temporarily suspended. However, the resumption of services using these enhanced process is expected to begin incrementally starting from this week.