Two Factor Authentication

Two-factor Authentication Tools

To enhance the online security level, the Internet Banking Service of the Company (except Po Sang) provides customers with a comprehensive range of two-factor authentication tools to safeguard the designated transactions and designated investment transactions* performed by customers via Internet Banking / Mobile Banking.

Types of Two-factor Authentication Tools:

“Mobile Token”

Mobile Token is a built-in function of BOCHK Mobile Banking. Once the Mobile Token is activated, you will be spared the hassle of carrying a separate physical Security Device to truly enjoy convenient and secure banking.

Upon activating the Mobile Token on compatible mobile devices, you can confirm designated Mobile Banking transactions or designated investment transactions* via the preset Mobile Token passcode or using Biometric Authentication. In addition, you can also confirm designated Internet Banking transactions or designated investment transactions* by generating a one-time Security Code/ Transaction Confirmation Code via the Mobile Token.

Features:

More convenient

Free from the hassle of carrying a separate physical Security Device
More simple

Confirm various transactions, such as third-party fund transfer, investment transactions, and more
More secure

  • Biometric Authentication (Fingerprint/ Face ID)
  • Preset Mobile Token passcode to enable the Mobile Token

 

Biometric Authentication

You can register Biometric Authentication (Fingerprint Authentication or Face ID Authentication) on your mobile device for the following services when you activate the Mobile Token on Mobile Banking:

  • Login to Mobile Banking
  • Enable the Mobile Token to confirm designated Mobile Banking transactions or designated investment transactions*
  • Enable the Mobile Token to generate a one-time Security Code/ Transaction Confirmation Code to confirm designated Internet Banking transactions or designated investment transactions*

 

Activating the Mobile Token

 

Operating system requirements and compatible mobile devices:

 

Operating System
iOS Android
Mobile Token iOS 9.0 or above



  • Fingerprint Authentication (iPhone 5s or higher)
  • Face ID Authentication (iPhone X,iOS 11.0 or above)
Samsung, Huawei, Xiaomi, LG, Sony, HTC and Nokia mobile phones with Android 6.0 or above

  • Fingerprint Authentication (Depending on the availability of fingerprint recognition function of the device)

 

Download Mobile Banking:

Please download BOCHK Mobile Banking now to activate the Mobile Token


BOCHK Mobile App provides you with one-stop banking and investment services, as well as the latest financial information, helping you manage your wealth flexibly.

Download now
 

Android application package**
Version: 6.0.8
Updated on: 16 September 2018

 

Points to Note for “Mobile Token”:

  • For security reasons, customer can only activate “Mobile Token” on one mobile phone
  • Upon successfully activation of “Mobile Token”, the “Security Device” (if any) will be suspended. For reactivation of “Security Device”, customers are required to suspend the “Mobile Token” on your mobile phone.
  • Please keep your mobile phone that has activated “Mobile Token” function in a safe and secure place. In case of loss or damage, please suspend the “Mobile Token” and contact our staff members immediately.

Remarks:

  • Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Android, Google Play, and the Google Play logo are trademarks of Google Inc.

 

“Security Device”

Personal Internet Banking customers (except BOC Credit Card and Po Sang) can visit any of our branches to apply for “Security Device”. Corporate Internet Banking primary users can apply “Security Device” through Corporate Internet Banking or submit application form to any of our branches.

 

Points to Note for “Security Device”:

  • Upon receipt of the "Security Device", please log into the Internet Banking immediately and follow the instructions to activate the "Security Device".
  • Please keep your "Security Device" in a safe and secure place. Do not allow anyone to use your "Security Device" or leave it unattended. In case of loss or damage, please contact our staff members immediately.

 

“e-Certificate”

Corporate Internet Banking customers can apply for “e-Certificate” as the two-factor authentication tool by submitting the application form to any of our branches. Upon completion of application, “e-Certificate” will be mailed to the registered correspondence address of the customers.

 

“SMS One-Time Password”

Personal Internet Banking customers can receive a SMS one-time password through the customers’ registered mobile phone number to conduct designated investment transactions*.

 

Remarks:

Designated transactions:

  • Registration of third-party accounts
  • Issuing e-cheque(s)/e-cashier's order(s)
  • Payment of bills
  • Increase transaction limit
  • Other high-risk transactions

 

Designated investment transactions:

  • Securities / Securities Margin in different markets

    • Trading
    • Monthly Stocks Savings Plan
    • eIPO – Subscription / Financing

  • Debt Securities / Certificates of Deposit

    • IPO
    • Buy / Sell

  • Funds

    • Subscribe
    • Redeem / Switch
    • Monthly Funds Savings Plan

  • Precious Metal/FX Margin

    • Market Order
    • Good-Till-Date Order (include Trading/Delete)

  • Precious Metal Passbook

    • Trading

  • Structured Investments

    • Application

  • Investment Deposit

    • Application

  • Currency Linked Investments

    • Open Dual Currency Investment
    • Open Option Linked Investment
    • Squaring Contract