Multi Factor Authentication
SIO-9.7.1
Stablecoin issuers must ensure that every client account is secured to prevent any unauthorized access to or use of the client account.
Added: July 2025
SIO-9.7.2
Stablecoin issuers must use multi-factor authentication (two or more factors) to authenticate the identity and authorisation of clients with whom they conduct business. Licensees must, at a minimum, establish adequate security features for client authentication including the use of at least two of the following three elements:
(a) Knowledge (something that only the user knows), such as a PIN or password;
(b) Possession (something only the user possesses), such as a mobile phone, smart watch, smart card or a token; and
(c) Inherence (something that the user is), such as fingerprint, facial recognition, voice patterns, DNA signature and iris format.
Added: July 2025
SIO-9.7.3
Stablecoin issuers must ensure that at least one of the factors for authentication referred to in Paragraph SIO-9.7.2 is a dynamic or non-replicable factor unless one of the factors is inherence.
Added: July 2025
SIO-9.7.4
For the purpose of Paragraph SIO-9.7.2, stablecoin issuers must ensure that the authentication elements are independent from each other, in that the breach of one does not compromise the reliability of the other and are sufficiently complex to prevent forgery.
Added: July 2025