Introducing a new way to log on

Overview

We know how important it is for you to bank safely, that's why we are updating the way to log on and making it available to customers in stages. We will notify you on the details before activating the new log-on method for you.

You can now activate Mobile Security Key to bind with your device so only a limited number of devices can log on to your account. You can also trust a browser to verify your identity for a simpler log-on.

Make sure your mobile number and email address are accurate and up-to-date in our record, otherwise you will not be able to log on.

Key updates

When you are using the new way to log on to Personal e-Banking (Desktop version)

You will only need to enter your second password in full. Your first password will no longer be in use.

In the past, when you logged on with dual passwords, you were required to enter your first password in full and 3 randomly selected characters from your second password to log on:

In the new way to log on, you can still use your password, but only the second password in full[1]:

If you want to know why the new log-on method uses the second password in full but not the first password, please refer to FAQs.

When you log on to Hang Seng Mobile App and need to activate Mobile Security Key 

You will need to enter your second password in full for once to verify and set up your new "6-digit PIN" for log-on. From then on, you will not need your second password when logging on to Hang Seng Mobile App.

The new log-on method allows you to trust a browser as part of our enhanced security measures to protect your Personal e-Banking (Desktop version) against unauthorised log-on. If you want a more secure experience, we recommend trusting 1 browser on a device that belongs to you or is reliable.

If you "Trust this browser", you will only need to enter the second password in full or one-time security code the next time you log on with the same browser.

When using a new / untrusted browser to log on, we will need additional verification (enter a one-time SMS verification code or one-time security code) to confirm your identity.

If you are using the Hang Seng Mobile App, the new log-on method will require you to first bind your own device by activating Mobile Security Key[2]. Activating Mobile Security Key involves additional verification, including using "Verify with password, SMS and email" or "Security code and SMS verification". 

After verification, you will need to set-up a "6-digit PIN". You can bank safe because this "6-digit PIN" can only log on to Hang Seng Mobile App on this Mobile Security Key-binding device. You can also generate one-time security code with this "6-digit PIN" to verify your identity and log on to Personal e-Banking (Desktop version). 

After setting up a "6-digit PIN", you can also activate biometric authentication (i.e. fingerprint or face recognition). That way, log on is more secure because you can minimise the instances of you typing out the "6-digit PIN" and prevent others from obtaining your PIN. 

You can activate Mobile Security Key and bind with up to 1 device that belongs to you for more secure experience.[2]

If you need to change a new mobile device, please remove another existing Mobile Security Key-activated device(s) first. To do this you can either:

  • Log on to Personal e-Banking (Desktop version), and click "Customer Services" > "Manage Security" > "Manage Device" via left menu. Then, click "Remove device".
  • Log on to Hang Seng Mobile App, and click “Settings” > “Security-related” > “Manage Device”. Then click “Remove device” icon.

Demonstration on the new way to log on and things to note beforehand

New way to log on – Via Personal e-Banking (Desktop version)

Log on via Personal e-Banking (Desktop version)

When you log on to Personal e-Banking (Desktop version) with a new browser, you must choose whether to "Trust this browser". If you choose "Do not trust this browser", you will be required to enter a one-time SMS verification code or one-time security code every time to confirm your identity. 

If you don't want to carry your physical Security Device around, you can generate one-time security code after activating Mobile Security Key via Hang Seng Mobile App. After activation, the physical Security Device will be automatically disabled.

If you log on with a new browser

Step 1 / 6
Visit Personal e-Banking (Desktop version) log-on page, enter your username and click "Continue".

If you "Trust this browser" before and log on with the same browser

Step 1 / 3
Visit Personal e-Banking (Desktop version) log-on page, enter your username and click "Continue".

Create a "6-digit PIN" to log on via mobile app

If you are using the Hang Seng Mobile App, the new log-on method will require you to first bind your own device by activating Mobile Security Key. Activating Mobile Security Key involves additional verification. After verification, you will need to set-up a "6-digit PIN". You can bank safe because this "6-digit PIN" can only log on to Hang Seng Mobile App on this Mobile Security Key-binding device. 

After setting up a "6-digit PIN", you can also activate biometric authentication (i.e. fingerprint or face recognition). That way, log on is more secure because you can minimise the instances of you typing out the "6-digit PIN" and prevent others from obtaining your PIN. 

If you log on using dual password or physical Security Device

Step 1 / 8
Visit Hang Seng Mobile App log-on page, enter your username and tap "Log on".

If you've already activated Mobile Security Key on the same device

Step 1 / 4
Log on to Hang Seng Mobile App using "Mobile Security Key password" or Biometric Authentication (if you've enabled it).

Why is it important?

Make sure your mobile number and email address are accurate and up-to-date in our record in order to receive one-time verification code, otherwise you will not be able to activate Mobile Security Key or may not be able to log on. Please note, Mobile Security Key or physical Security Device is required for updating your contact details online.

If you want to update your contact details on Hang Seng Personal e-Banking and mobile app, please refer to FAQs section on this page.

Update via Hang Seng Mobile App

Step 1 / 4
Log on to Hang Seng Mobile App and tap "Settings" via menu.

Update via Personal e-Banking (Desktop version)

Step 1 / 2
Log on to Personal e-Banking (Desktop version), and click "Customer Services" > "Account Maintenance" > "Personal Particulars" via left menu. Then, click "Edit" (if you can't see this button, please click "Log in again with your Security Device / Mobile Security Key here" to verify your identity), then enter mobile number and/or email address, and click "Update" button at the bottom of the page.

After clicking "Confirm" on "Verify" page, you need to enter HKID number on your Hang Seng Mobile App or physical Security Device to generate a one-time security code to complete the update.

How to reset passwords?

When using the new way to log on, you will only need to enter your second password in full. Your first password will no longer be in use.

If you want to change your password before using the new log-on method, you can log on to Personal e-Banking (Desktop version), then go to "Customer Services" > "Manage Security" > "Change Password".

If you have forgotten your log-on passwords, you can reset online right away following the steps below.

If you have activated Mobile Security Key / physical Security Device

Step 1 / 6
Go to Personal e-Banking (Desktop version) log-on page, enter your username and click "Continue".

If you use dual password (you haven't activated Mobile Security Key / physical Security Device)

Step 1 / 7
Go to Personal e-Banking (Desktop version) log-on page, enter your username and click "Continue".

How to change security questions?

Security questions help reset your password when you forget it.

If you want to change the security questions and answers before using the new log-on method, you can update them online right away.

If you have forgotten your log-on passwords and answers of your security questions, please refer to "Remember your passwords" section on how to reset the password and security questions.

Step 1 / 2
Log on to Personal e-Banking (Desktop version) and select "Customer Services" > "Change Password(s) / Security Questions" > "Set up / Change Security Questions". Set up / change your security questions and answers then press "Confirm".

FAQs

Popular questions

When activating Mobile Security Key, you need to verify your identity by getting a one-time verification code sent via SMS or email. 

If neither of your mobile number or email address is correct, you will not be able to receive the one-time verification code sent, thus you will not be able to proceed with the activation.

You may also need one-time SMS verification code to log on. 

When you logged on in the past, you entered the first password in full, but only 3 randomly selected characters were required for second password. Skipping some password characters can effectively prevent others from obtaining your second password in full. Therefore, the second password is a more secure way for verifying your identity.

The new log-on method allows you to choose “Trust this browser” as part of our enhanced security measures to protect your Personal e-Banking (Desktop version) against unauthorised log-on. 

After trusting a browser, you can log on via the same browser by entering the password or one-time security code only. No additional verifications needed. For safety reason, you need to trust your browser again when there are certain changes on your device or browser, such as software version, clear cookies or using "incognito" mode.

When using a new / untrusted browser to log on, we will need additional verification (enter a one-time SMS verification code or one-time security code) to confirm your identity.

No need to worry, new log-on method has been made available to customers in stages since mid-2022. When it is your turn to use the new log-on method, we will notify you the details.

Make sure your mobile phone number and email address are up-to-date in our record to get the latest updates. If you need to update your phone number and email address, please refer to "Keep your mobile number and email address up-to-date" under "Demonstration on the new way to log on and things to note" section on this page.

Trouble shooting


Simply update online. For details on how to update, please refer to the "Keep your mobile number and email address up-to-date" section on this page.


Alternatively, you can call (852) 2822 0228 to update your information if you have maintained a mobile number in Hang Seng and also registered your Phone banking PIN.

 

Otherwise, please fill in the Add / Update mobile number / email address form, including your reference number (retrieve from the email about introducing the new way to log on sent by us), with a copy of your ID document and mail to Hang Seng Bank Ltd at GPO Box 3013. If you cannot find the reference number, please contact us to get the reference number:


If you are a Hang Seng MPF scheme member and need to update your information, please return the completed Personal Details Change Form (Sample reference on how to fill in) to Hang Seng MPF Administrator following the form instructions. For any queries, please contact Hang Seng MPF Service Hotline at (852) 2213 2213.
 
Updating your mobile number and email address can help you to activate the Mobile Security Key and log on.

Invalid one-time security code could be due to the below reasons, for example:

  • The date and time of the device have not been set automatically, please go to the settings function of the device to check and update the relevant settings
  • The username entered is incorrect
  • The 6-digit PIN entered is incorrect
  • One-time security code generated from Hang Seng Mobile App is valid, but you entered it wrongly

You can go to Hang Seng Bank Website, choose "Contact Us" at the bottom of the page, then click "Live Chat" to chat with us online.

Usage

The old way to log on is not available anymore. However, if you only use Personal e-Banking (Desktop version), you can continue to log on with your username and second password in full / physical Security Device after you "Trust this browser". On how to "Trust this browser", you can refer to the "New way to log on – Via Personal e-Banking (Desktop version)" section. 

If you need to use Hang Seng Mobile App, you must activate Mobile Security Key. After activation, the physical Security Device (if any) will be automatically disabled, so you will need to log on to Hang Seng Mobile App with "6-digit PIN" or biometric authentication.

For more details, you can go to "Banking" > "Digital Services" > "Personal Banking Mobile App" > "Mobile Security Key and Biometric Authentication" on Hang Seng Bank Website.

No, with effect from 23 July 2022, commercial customers can only log on to Hang Seng Business e-Banking. 

No, these changes only apply to Hang Seng Personal e-Banking users.

Security

The new log-on method of Hang Seng Mobile App requires you to first bind your own device by activating Mobile Security Key, and set a "6-digit PIN".

Setting up "6-digit PIN" involves additional verification, including using "Password, SMS SMS and email verification" or "Security code and verification" and binding your own device. That's why "6-digit PIN" is as secure as the alphanumeric password you were using in the past. You can be rest assured to log on and generate one-time security code with "6-digit PIN".

You need to create a 6-digit PIN that is difficult to guess and only known to you to enhance security level. The PIN should not include:

  • the same number more than once in a row, e.g. 000
  • more than three ascending or descending digits, e.g. 1234 or 4321
  • repeating numeric patterns, e.g. 010101
  • your birthday or any other significant dates (like anniversaries)
  • the same digits in your passcode used to unlock your mobile device

After setting up "6-digit PIN", you can also activate biometric authentication (i.e. fingerprint or face recognition). That way, log on is more secure because you can minimise the instances of you typing out the "6-digit PIN" and prevent others from obtaining your PIN. 

Also, please take care of your own device that are Mobile Security Key-enabled and update the 6-digit PIN regularly so you can bank safer. 

  • Never use others' or public device to log on Personal e-Banking and mobile app, activate and bind Mobile Security Key
  • Take care of your own device that are Mobile Security Key-enabled
  • Never share any one-time verification code sent to your mobile device or email with other people, or disclose any security code generated from mobile device or security device
  • Use a password that is difficult to guess and change your password regularly
  • Store your password carefully, such as in encrypted format  
  • Bind 1 device with Mobile Security Key and trust 1 browser

To make sure you log on through the official page, you should:

  • always access Personal e-Banking by clicking "Log on" button on Hang Seng Bank Website
  • download Hang Seng Mobile App through the official app store or go to Hang Seng Bank Website (choose "Banking" > "Digital Services" > "Personal Banking Mobile App") only
  • Go to Hang Seng Bank Website, then choose "View all" under "Security Information Centre" section for more security tips

If you believe you have shared your sensitive personal information, such as HKID, Personal e-Banking log-on credentials, One Time Password (OTP) by any means, please call our Customer Service Hotline (852) 2822 0228 immediately to report it (Choose language then press #, 9)

If you are suspicious of any emails, SMS text or websites claiming to be from Hang Seng Bank, please forward it to phishing@hangseng.com and delete the suspicious message afterwards, or call our Customer Service Hotline: (852) 2822 0228 for enquiry. For more details on phishing, please go to Hang Seng Bank Website, then choose "View all" under "Security Information Centre" section.

Things to note:

  • Please ensure you copy the full email, smishing text or website address (URL) into the body of the email
  • Please do not send any sensitive personal information within the email

Footnote

Remark(s)

  1. We will notify online banking customers on details of the service updates to ensure they are aware of the changes before they become available.
  2. You will no longer need to use your physical Security Device as this will be deactivated once you activated your Mobile Security Key. New physical Security Device is no longer issued effective from 1 July 2022.