HSBC Credit Card offers you even more protection when shopping online. With 3D Secure Authentication, which provides additional authentication through One-Time Password (OTP). The OTP will be sent to your mobile phone each time you do an online transaction at secure merchant (participating merchant in 3 Domain Secure / 3D Secure).
One-Time Password (OTP) for your online purchases
You are required to key in an One-Time Password (OTP) whenever you make an online purchase at participating 3 Domain Secure (3D Secure) merchants using your HSBC Credit Card. A pop-up screen will appear, prompting you to key in the One-Time Password (OTP) which will be sent to your mobile phone number registered in our system.
What is One Time Password (OTP)?
One Time Password (OTP) is a randomly generated six digit password sent via SMS to your mobile device, which provides a stronger method for authenticating your online transactions you feel comfortable when shoping online.
What is 3D Secure?
3D Secure is a security protocol used by banks worldwide to authenticate online credit card transactions. You can recognize 3D Secure merchants by the "Verified by Visa" or "MasterCard SecureCode" logos on the online merchant's website.
Always update your details
To continue to enjoy online shopping at 3D Secure online merchants with your HSBC Credit Cards, please ensure you have registered your current mobile number and update us should there be any changes.
Call HSBC Contact Center at 1 500 700 (Premier) and 1 500 808 (Other HSBC Credit Card) to update your phone number and your supplementary cardholder's phone number.
1 The success of OTP SMS delivery depends on the availability of the network of telecom operators.Return to main text
2 Effective per 25 November 2019, 64722 can not be contacted and changed to 1 500 808.Return to main text
The following tips will go a long way in protecting you:
- Look for evidence that the internet merchant is using some security to protect your credit card data such as the icons showing that they use SSL security.
- Make sure that you know the merchant and that this is a genuine and reputable merchant, double check the name and Internet address of the merchant.
- The mobile phone number shown on the screen is not my latest number. What should I do?
Please call HSBC Phone Banking Service at 1 500 700 (Premier) and 1 500 808 (Other HSBC Credit Card) to update your phone number.
- I have not received my OTP via SMS. What should I do?
Please verify that your mobile phone number is updated in our records. You should receive your OTP in less than one minute. However, this service is dependent on the various Telco and service providers and may take longer time due to mobile traffic.
- Do I need to click any button to trigger the OTP via SMS?
No, the OTP will automatically be sent to your registered mobile phone number, unless you need to regenerate OTP please click on the “Regenerate OTP” link.
- How long is my OTP valid for?
Your OTP is valid for 5 minutes. Please click on the "Regenerate OTP" link should you exceed this time frame.
- How many times can I click on the Regenerate OTP?
You can request the Regenerate OTP maximum 3 times for one transaction.
- What happens if I enter the wrong OTP?
You have 3 attempts to key in your OTP. If you have keyed in 3 invalid OTPs, you will not be able to proceed with the transaction and will be routed back to the merchant website. Please call HSBC Phone Banking Service at 1 500 700 (Premier) and 1 500 808 (Other HSBC Credit Card) for further assistance.
- I tried to do an online transaction but I was not prompted to enter an OTP. What should I do?
Online transaction using HSBC Credit Card on 3D Secure only applies for transaction done at participating 3 Domain Secure (3D Secure) merchants. If the merchant do not participate in 3D Secure, you will not be required to key in the OTP.
- How do I recognize which merchants actually participate in 3D Secure?
You can recognize 3D Secure merchants by the “Verified by Visa” or “MasterCard SecureCode” logos on the online merchant’s website.
1 Effective per 25 November 2019, 64722 can not be contacted and changed to 1 500 808.Return to main text