Taiwanese regulator set to launch crypto custody pilot

Global crypto exchange Binance has carried out a survey which reveals that the security habits of Asian platform users are evolving positively.Photo by Vadim Artyukhin on UnsplashUsers responding to more sophisticated scamsIn a blog post published by the crypto exchange platform on May 6, Binance revealed that it had carried out a survey of nearly 30,000 platform users across Asia. The company’s takeaway following analysis of the survey data is that “scams are evolving — and so are crypto users.” The firm suggested that users are “stepping up their security game,” with exchanges facing growing demand from their users for real-time protection and smarter security tools. Increasing use of 2FAThe exchange platform found that 80.5% of survey respondents now use Binance two-factor authentication (2FA). While the use of 2FA is definitely a move in the right direction, it doesn’t guarantee the safety of a user’s digital assets.  In an article published by Forbes last month Forbes Contributor Davey Winder warned that infostealer malware can compromise 2FA codes in as little as 10 seconds. In June of last year, an OKX user lost $2 million in crypto to a hacker who utilized AI despite the victim having used Google’s 2FA. Double-checking transfersThe survey found that 73.3% of users double-check transfers before sending digital assets. Due to the nature of decentralized cryptocurrency, crypto transactions are not easily reversed and are usually irreversible. That puts a greater responsibility on crypto users to ensure that they are sending funds to the appropriate wallet address. Double-checking transfer addresses is not only necessary due to human error. Malware is also used by hackers to spoof such addresses, tricking the sender into sending the digital assets to their address rather than the one that was originally intended. It emerged in May 2024 that a Bitcoin trader had lost more than $70 million in Bitcoin in an “address poisoning” scam. Binance itself had warned users last September that “clipper malware,” which intercepts clipboard data on a user’s phone or desktop, replacing copied wallet addresses with alternative addresses under the hacker’s control, is increasingly being employed in hacking attempts. While the survey has revealed a positive evolution in the security habits of Asian platform users, there’s still room for further improvement. Just 17.6% of survey respondents utilize address whitelisting, a measure that restricts account user access to a safe list of pre-defined trusted addresses. Only 21.5% of survey respondents use anti-phishing codes as a security mechanism. The objective of phishing is to steal data, install malware on a user’s device or otherwise gain account access. An anti-phishing code aids the user in verifying the authenticity of emails and texts from a specific service. Security remains a major issue within crypto. Last month, hackers employed social engineering tactics to steal $330 million in Bitcoin from an elderly American victim. Exchange platforms themselves continue to struggle to safeguard user funds. Earlier this year, Binance competitor, Dubai-headquartered Bybit, suffered a $1.5 billion hack believed to have been perpetrated by North Korea’s Lazarus Group. Lazarus is also thought to have been behind a $235 million crypto theft at Indian crypto exchange WazirX in July 2024.

Korea’s KFTC launches blockchain-powered loan service for public servantsThe Korea Financial Telecommunications and Clearings Institute (KFTC) today launched a new blockchain-based loan service tailored specifically for public servants. This initiative is a collaborative effort with the Government Employees Pension Service (GEPS) and involves five banks: BNK Kyongnam Bank, Busan Bank, Woori Bank, Kwangju Bank and Jeonbuk Bank.Photo by REDioACTIVE on PixabaySimplified loan processAdministered by GEPS, this loan program offers loans up to KRW 50 million (approximately $38,600) to government employees based on their projected retirement benefits and years of service. Leveraging the joint financial blockchain system, KFTC has established an infrastructure to issue and verify digital loan recommendation letters, simplifying the loan application process for public servants.Up until now, the loan application process has been cumbersome, requiring government employees to obtain a recommendation letter from GEPS and physically submit it at a bank branch. The new service streamlines this process by allowing them to apply for loans at bank branches or through mobile banking using digitized recommendation letters.More banks to joinKFTC and GEPS are set to increase the number of participating banks, allowing government employees to access loan services at a total of 10 banks. Furthermore, KFTC and GEPS intend to introduce additional financial products that utilize recommendation letters and verification processes underpinned by blockchain technology.The plan indicates that starting early next year, five additional banks will participate in this initiative. These banks are KB Kookmin Bank, Nonghyup Bank, Daegu Bank, Hana Bank and Korea Post.In a statement, KFTC stated its plans to further expand identification verification services within the financial sector, aiming to streamline the application processes for various financial products, including deposits and loans.

The Korea Insurance Institute (KII), an incorporated association that trains insurance professionals, has initiated a phased process to become South Korea's first institution to hold Bitcoin (BTC), while the national tax agency is moving to enlist private crypto custodians following a recent security breach, local media reported.Photo by Kanchanara on UnsplashThe non-profit KII has established a digital asset review committee to establish internal regulations for managing cryptocurrencies as institutional holdings, Yonhap Infomax reported. The move is designed to prepare for an upcoming legal framework governing Korean won-backed stablecoins. While retail crypto investment is legal in South Korea, corporate and institutional participation remains tightly restricted. However, the institute noted that KII could still acquire digital assets through an existing regulatory channel, as non-profit organizations are permitted to hold crypto wallets. The newly established committee will draft guidelines covering crypto operations, risk management, accounting and tax standards, and internal controls. Once the regulatory framework is in place, KII plans to spend its stablecoins to acquire BTC and Ethereum (ETH). Ha Tae-keung, president of KII, said the launch of the digital asset review committee could mark a new milestone for innovation in asset management within the finance and insurance industry. He added that the institute would seek to serve as a working model for a new financial system shaped by artificial intelligence and digital assets. Tax agency seeks custodians to manage cryptoIn parallel government developments, the National Tax Service (NTS) is pushing to select custody providers to manage confiscated digital assets as early as the first half of this year, according to a ZDNet Korea report.  The policy shift follows a security breach late last month, when confiscated cryptocurrency was stolen on two occasions after a mnemonic seed phrase was inadvertently disclosed in an NTS press release detailing on-site asset seizures from tax evaders. To prevent future breaches, an NTS task force launched earlier this month is developing comprehensive manuals for the confiscation, storage, and sale of digital assets. The group is also developing criteria for selecting custodians, including security standards, company size, and required insurance coverage under the Virtual Asset User Protection Act. A source familiar with the matter told ZDNet Korea that the NTS is assessing security standards and other key criteria ahead of selecting a custodian, adding that not all providers meet the strict requirements for government appointment. The NTS task force is also preparing to set up a dedicated digital assets division to oversee crypto issues, with final details to be determined in consultation with the Ministry of the Interior and Safety.