The Hong Kong Securities and Futures Commission (SFC) has instructed online brokerages and cryptocurrency trading platforms to cease using one-time password (OTP) authentication for logins and device registration, and to adopt new security systems. According to The Block, this measure was implemented to prevent account hijacking, financial fraud, and spoofing attacks. The SFC stated that companies should adopt authentication methods that prevent identity spoofing, such as passkeys and device binding, instead of OTPs for customer logins and device registration.