Article 37
(Control and management of identity verification of electronic trading)
- An organization shall establish regulations governing applications, delivery, use, update and verification of identity of electronic trading.
- An organization shall encrypt all information relating to identity verification for electronic trading transmitted via the Internet throughout the whole transmission.
- An organization shall store information relating to identity verification for electronic trading after information has been hashed or encrypted.
- An organization shall verify the identity for electronic trading at its server to avoid the risks of verification being tampered with if it is performed on the client’s device.
- An organization shall use enhanced password functionality and conduct control and management, and shall always lock an account after three failed attempts to enter the correct password have taken place.
- An organization shall provide a method allowing periodic changes of password to its clients and implement enhanced password functionality (e.g. reminding a client to change his/her password via the method for changing the password when the same password has been in use for more than three months).
- An organization shall monitor and analyze the records of failed attempts to log in to an account in the core system and attempts to log in to a non-client account on a daily basis.