Security tips

Security at Mox

Being trusted with your money is a big responsibility—and one we don’t take lightly. The security of your account and personal information is very important to us. Here are a few things we do to make sure your money is safe.

How Mox protects you

Our promise

We promise that your maximum liability for fraudulent transactions made on your account or Mox card, except cash advances, will not exceed HKD 500. We kindly ask you to remember that prevention is a shared responsibility, so you have a role to play, too.

Here are a few things you can do to help keep everything secure:

Signing up for a Mox account is simple and secure

Signing up for a Mox account is fast, secure and free. It takes only a few minutes and you can do it from your mobile phone.

Our account-opening process includes best-in-class identity verification and fraud prevention techniques.

Deposit protection

Mox is a member of the Deposit Protection Scheme in Hong Kong. Deposits received by Mox are protected by the Scheme up to a limit of HK$500,000 per account owner.

Our security procedures

Keeping your money and information secure is our top priority. We take pride in using multi-level security procedures, including tools and techniques for encryption, identity verification and fraud prevention, in order to protect your account, transactions and personal information.

Multi-factor authentication. To log in to Mox, you need to use your password, fingerprint or facial recognition. Whenever our systems detect a risky transaction, you’ll be asked to provide additional verification.

Pairing your account to your mobile. Your account can only be paired to one smartphone and one phone number at a time.

24/7 monitoring. Our intelligent 24/7 monitoring system monitors your account and transactions for fraudulent, unauthorised transactions. If we suspect a transaction is fraudulent, we take every step to validate the transaction. This may include:

  • Contacting you via Mox voice or Mox video call from within the Mox app.
  • Asking you to re-validate your identity with biometrics unique to you.
  • Notifying you with in-app push notifications or via the email address you signed up with.

Real-time transaction notifications

Be aware of all the activity that happens on your Mox card and account. You can track your account activity on the Mox app in real time and immediately report any unusual activity you notice. You’ll receive instant push notifications after each account and card transaction, so you always know what’s been spent, where and when.

Paying with your Mox card is safe

3D Secure software - Designed for safe online purchases.

Lockable card - You have full control over how you want to use your Mox card. For extra protection, you can lock or unlock your card whenever you want.

Hard to copy - You can only access and edit your card information from your Mox app. Mox cards don’t have the account number printed on them, so you can relax whenever you hand your card to the cashier.

Know your rights

You have a right to:

  • access the personal data we hold about you, or get a copy of it.
  • inform us that we need to correct inaccurate data.
  • ask us to delete, ‘block’ or suppress your data, though for legal reasons we might not always be able to do it.
  • object to us using your data for direct marketing and, in certain circumstances, ‘legitimate interests’, research and statistical purposes.
  • withdraw any consent you’ve previously given us.

If you wish to do any of the above, please contact us via the app.

8 tips for keeping your account safe

1. Protect yourself from phishing attack

What is phishing? Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details by disguising oneself as a trustworthy entity in an electronic communication (e.g. email). For example, phishing emails will almost always tell you to click on a link that takes you to a site which imitate true brands, such as our Mox brand, where your personal information is requested. In addition to fraudulent emails/websites, scammers can also establish fraudulent mobile applications imitating our brand to compromise your accounts and trick you in divulging your personal information.

What to do if things seem phishing? If you receive a suspicious email or phone call claiming to be from us, please report the incident via email to, or forward the email with the attachments included and you should then delete the email straight away. In addition, please contact our Customer Care Team at +852 2888 8228 or via the app immediately if you suspect any unauthorized access or transactions on your account.

2. Protect your mobile phone

Make sure your mobile phone has password protection, is not rooted or jailbroken, and has malware protection.

3. Browse smartly

Install apps on your phones from trusted sources only, e.g. the official app stores like App Store or Google Play. Be cautious about what permissions (e.g. your contacts, camera, location) you grant the apps you download.

4. Opt to receive real-time push notifications

You can check your account anytime in the Mox app. If you notice any unusual account activity, take action. We recommend you use the app to lock your Mox card and contact us immediately.

5. Change your password regularly

Follow our password rules to create a secure and strong password. For convenience and security, we also recommend you enable biometric authentication methods including fingerprint/or facial recognition for both authentication and login.

6. Never share your password

Remember that Mox will never email or text asking you for your personal details, passwords, credit card details. As the account owner, only you should create and access your login details. Remember, you should never share your password or PIN with any external people, applications or websites; not even friends, family or Mox personnel.

7. Be careful with Wi-Fi and Bluetooth connections

We recommend that you disable publicly accessible Wi-Fi connections and your device’s Bluetooth function before you log in to your account. If you’re using a private Wi-Fi network, you should check that it’s secured by a WPA2 system.

8. Stay alert

We will never ask you to prove your identity on behalf of other individuals or companies. This includes verifications for apartment rental contracts, lines of credit, ID, passport applications, etc. If you encounter such situations, please contact us via the mobile app or contact centre, +852 2888 8228.

How to know if it's really Mox calling me?

Protect yourself from bogus phone calls

How to avoid being a victim of fraud

What is a bogus phone call?

Bogus phone calls trick customers into providing their personal information, account details/passwords, SMS one-time-passcodes and other sensitive data so the caller can carry out illegitimate activities. Callers may claim to be from the government, law enforcement, banks or other service providers.

These fraudulent callers may attempt to use the compromised personal data to take control of your bank account; transfer/use funds; use services, such as applying for loans and credit cards; or hide other criminal activities.

Mox will never call, email, or contact you to request sensitive personal information. Never transfer money or disclose personal information to unknown parties. If you have any doubts or have encountered any suspicious calls, messages or emails, please call us at +852 2888 8228, as soon as possible.

How to identify a bogus phone call?

Here are some ways to identify bogus phone calls. Please bear in mind that these are not the only signs, so it is important to use your best judgment.

  1. Bogus calls often contain a pre-recorded message requesting passwords, PINs or other personal information. These may say they are notifying you of irregularities in your bank or credit account, and/or be offering promotional sales.
  2. In bogus calls, the caller display number may be unknown or from overseas, and the voice quality may be very poor.
  3. A bogus caller may refuse to provide their name and call-back number.
  4. A bogus caller will often seem in a hurry to close a sale and will not give details about products or services.

How to handle a suspicious call?

  1. Verify the caller: If you suspect you’re speaking to a fraudulent caller, request more information from them, including their department name, caller name, office number, and how they got your phone number and account information. If they are unwilling to share this information, hang up.
  2. Never share your personal information or account details: These include your passport details, bank account details, login passwords, SMS one-time-passcodes or card details (e.g. PIN, card number, expiry date or CVC).
  3. Act fast if you have disclosed information: If you have disclosed your account details and/or personal information to a bogus caller or phishing email, please call our customer service hotline at +852 2888 8228 immediately. Our contact centre agent will inform you of next steps.
  4. Regularly review your activity: Regularly check and review your bank statements and card activity, and report any irregularities to Mox.

Remember, Mox will never...

Mox will never call, email or contact you for sensitive personal information. If we need to contact you for some reason, Mox will send a push notification through your app prior to calling. So, if you receive a call, make sure to check the notification centre in the app for corresponding notifications.

Always here to help

To us, every Mox customer is important. That’s why we’re always here to help. To contact us, you can:

  • Use the voice call or inbox function in the app
  • Call us on +852 2888 8228
  • Email us at
  • Write to us at 21/F, Cityplaza Three, 14 Taikoo Wan Road, Taikoo Shing, Hong Kong