Terms and Conditions for Authentication Procedures
The Terms and Conditions (“Term and Conditions” and as defined below) shall apply whenever United Asia Finance Limited (the “Company” and as defined below) agrees to provide the Verification Procedures (as defined below) to you. Your continuing use of the Verification Procedure constitutes your acceptance of these Terms and Conditions and the terms and conditions of the “Hyperlink Policy”, the “Important Declaration”, the “Terms and Conditions for Access of the Website and Use of the Mobile App”, the “Privacy Policy” and the “Notice to Customers and other individuals relating to the Personal Data (Privacy) Ordinance and the Code of Practice on Consumer Credit Data” of the Company (all of which can be accessed at the official website of the Company). If you do not agree with any of the terms and conditions stated above, you should refrain from using the Verification Procedures. The Company reserves the right to amend, revise, vary, modify and/or supplement any of the above terms and conditions at any time without prior notice.
These Terms and Conditions are in addition to the terms and conditions which apply to any products and/or services which may be provided by the Company from time to time. Insofar as the Verification Procedures are concerned, the provisions of these Terms and Conditions shall prevail over any other terms and conditions to the extent of any inconsistency between them.
1. Definitions
1.1 | Unless the context otherwise requires, the capitalised terms under these Terms and Conditions shall have the following meanings: | |
1.1.1 | “Biometric Authentication” means the identity authentication function using biometric credentials (including fingerprint, face authentication or any other biometric data) as the Company may provide from time to time; | |
1.1.2 | “Company” means United Asia Finance Limited and its successors and assigns; | |
1.1.3 | “Hong Kong” means the Hong Kong Special Administrative Region of the People’s Republic of China; | |
1.1.4 | “Mobile App” means the mobile application known as “YES UA” and/or “sim Credit Card” including the iOS and Google Play versions and such other mobile applications and/or versions thereof as the Company may from time to time launch, operate and maintain; | |
1.1.5 | “OTP” means each one-time password sent to you from time to time by the Company in connection with its provision of OTP Verification procedures; | |
1.1.6 | “OTP Verification” means the identity authentication function using OTP as the Company may provided from time to time; | |
1.1.7 | “Permitted Mobile Device” means such compatible mobile device, with biometric identity sensor supported, running an operating system version as the Company may specify from time to time, or any other electronic devices or equipment which the Company may designate for providing Biometric Authentication procedures from time to time; | |
1.1.8 | “Services” means any products and/or services which may be provided by the Company from time to time; | |
1.1.9 | “Registered Mobile Phone Number” means your mobile phone number registered with the Company on the latest date according to the Company’s record; | |
1.1.10 | “Security Data” means any verification information established by you for using the Verification Procedures, including without limitation your personal identity number (PIN) (such as user ID and/or password) and biometric credentials; | |
1.1.11 | “SMS” means short message service; | |
1.1.12 | “Terms and Conditions” means these terms and conditions as may be amended, revised, varied, modified, supplemented or otherwise in effect from time to time; and | |
1.1.13 | “Verification Procedures” means the security procedures involving Biometric Authentication, OTP Verification, two-factor authentication (2FA) and/or any other verification information or tool as may be provided by the Company from time to time for verification and authentication of your identity before you access the Services. |
2. Use of the Verification Procedures
2.1 | You acknowledge and agree that the Company may require you to verify your identity when accessing any or all of the Services by using the Verification Procedures. | ||
2.2 | The Company provides the Verification Procedures on an “as is” and “as available” basis. | ||
2.3 | The Company provides the Verification Procedures subject to the following:- | ||
2.3.1 | Insofar as OTP Verification is concerned: – | ||
(a) | You must have at least one (1) Registered Mobile Phone Number in the Company’s record. You are also required to provide the Company with such other information as may be reasonably required by the Company to enable you to use OTP Verification. | ||
(b) | You are solely responsible for ensuring that all information provided to the Company is current, complete and accurate, and for notifying the Company of any changes to such information from time to time. If you fail to provide the Company with correct and up-to-date information, you may not be able to use OTP Verification or the Company may have sent the OTP to a different mobile phone number. Even if you are subscribing to an “SMS forwarding” service provided by a mobile service provider in Hong Kong, SMS messages containing the OTP may not be forwarded such that you may not be able to use OTP Verification. | ||
2.3.2 | You must have immediate access to SMS messages delivered to your Registered Mobile Phone Number. You acknowledge and understand that your mobile service provider may impose restrictions on receiving OTP via SMS if you are outside of Hong Kong or if you use another overseas mobile service network, in which case you may be unable to receive the OTP to complete the OTP Verification procedures. Your mobile service provider may also impose service fees and charges for receiving OTP via SMS. You are solely responsible for paying any fees and charges levied by your mobile service provider or any other party in connection with receiving OTP via SMS on your mobile phone. | ||
2.3.3 | Insofar as Biometric Authentication is concerned: – | ||
(a) | You must have installed the Mobile App using your Permitted Mobile Device. | ||
(b) | You must have activated the biometric identity sensor on the Permitted Mobile Device and register at least one of your biometric credentials to control access to the Permitted Mobile Device. | ||
(c) | You must register Biometric Authentication through the Mobile App by using your personal identity number (PIN) and choosing to use the relevant biometric credentials that you stored on your Permitted Mobile Device for the purpose of Biometric Authentication. | ||
(d) | You must confirm and authorise the Company to have access to the biometric credentials registered on your Permitted Mobile Device and verify your identity by the same. | ||
2.4 | OTP Verification procedures | ||
2.4.1 | Upon engaging in the Services that require the authentication of your identity by way of OTP Verification, an OTP will be sent via SMS to your Registered Mobile Phone Number. | ||
2.4.2 | The Company will send an OTP to one (1) Registered Mobile Phone Number only. If you maintain more than one (1) mobile phone number with the Company, the OTP will be sent to your mobile phone number registered on the latest date according to the Company’s record. | ||
2.4.3 | Upon receipt of the OTP, you are required to correctly input the OTP to complete the required authentication or confirmation. If you are unable to input the OTP correctly or complete the OTP Verification procedures for whatever reason, you will not be able to access the relevant Services. The Company shall not, in any circumstances, be liable for any loss or damages arising out of or in connection with your failure to complete the Verification Procedures. | ||
2.5 | Biometric Authentication procedures | ||
2.5.1 | Biometric Authentication provides an alternative to using personal identity number (PIN) to verify your identity for accessing the Services via the Mobile App. You can register your Permitted Mobile Device for Biometric Authentication. Once successfully registered, you may use your biometric credentials to confirm your identity for accessing the Services via the Mobile App. You acknowledge that, in certain circumstances, the Company may still conduct other verification procedures in addition to Biometric Authentication in order for you to access the Services. | ||
2.5.2 | Biometric Authentication is performed by the Mobile App by interfacing with the biometric identity sensor module on your Permitted Mobile Device and you agree to the authentication process. You acknowledge that the Company will not collect or store your biometric credentials in any manner at any stage of your registration or use of Biometric Authentication. | ||
2.5.3 | Having registered for Biometric Authentication, you may still choose to access the Services via the Mobile App by using your personal identity number (PIN). | ||
2.5.4 | You can deactivate Biometric Authentication at any time via the Mobile App. Once deactivated, you may continue to access the Services via the Mobile App by using your personal identity number (PIN). Please note that deactivation of Biometric Authentication will not automatically delete your biometric credentials on your Permitted Mobile Device. Your biometric credentials will be continuously stored on your Permitted Mobile Device unless they are deleted by you through the relevant biometric authentication function on your Permitted Mobile Device. Biometric credentials stored on your Permitted Mobile Device may be used by other applications on your Permitted Mobile Device. | ||
2.6 | You agree and acknowledge that if you are unable to complete the Verification Procedures for whatever reason, you will not be able to access the relevant Services. The Company shall not, in any circumstances, be liable for any loss or damages arising out of or in connection with your failure to complete the Verification Procedures. | ||
2.7 | The Company reserves the right to determine and vary the scope, manner or other features of the Verification Procedures and the relevant Services to which the Verification Procedures shall apply at anytime and from time to time in the Company’s absolute and sole discretion, including but not limited to, the right to modify or discontinue, temporarily or permanently the Verification Procedures; and to impose or vary any limitation and/or condition on the use of the Verification Procedures. | ||
2.8 | The Verification Procedures are offered for your sole and exclusive use in Hong Kong or other jurisdictions and to such extent where and when they may be lawfully offered and processed under the laws of Hong Kong. You acknowledge and agree that the mobile service provider may not allow you to receive the OTP via SMS if you are abroad or using an overseas mobile service network. | ||
2.9 | To the extent applicable, relevant provisions under these Terms and Conditions shall apply mutatis mutandis to the circumstances where the Company (a) transmits the OTP via any form of communication other than SMS or (b) provides the Verification Procedures using any verification information, tool(s) or feature(s) other than Biometric Authentication or OTP Verification. | ||
2.10 | If there is any dispute regarding the interpretation of these Terms and Conditions or otherwise in connection with your use of the Verification Procedures, the Company’s decision in relation thereto shall be final and conclusive. |
3. Security Duties
3.1 | You shall safeguard the confidentiality of any of the Security Data. For security purposes, you agree to follow and adhere to the Company’s security advice and/or recommendations and any other notices relating to the Verification Procedures which the Company may issue from time to time. | ||
3.2 | You accept full responsibility for the security of using the Verification Procedures and shall take all reasonable steps to safeguard the security of the Security Data and the OTP (where applicable) at all times. You shall immediately notify the Company if you are aware of or suspect any disclosure, leak or unauthorised use of the OTP and/or Security Data or any other breach of security relating to the Verification Procedures. | ||
3.3 | You must act in good faith and exercise reasonable care when using the Verification Procedures, including taking the following security measures: – | ||
3.3.1 | you should not disclose the OTP and/or Security Data to any other person or permit or enable any other person to obtain the OTP and/or Security Data; | ||
3.3.2 | you should take reasonable precautions to prevent the OTP and/or Security Data from unauthorised or fraudulent use, including protecting your mobile device from unauthorised access; | ||
3.3.3 | if you are aware of or suspect any disclosure or unauthorised use of the OTP and/or Security Data, you should promptly notify the Company; | ||
3.3.4 | you should use all reasonable care to keep your mobile device secure; and you should immediately notify the Company and your mobile service provider if you have lost your mobile device used for receiving the OTP and/or Biometric Authentication; | ||
3.3.5 | you should update the Registered Mobile Phone Number with the Company as soon as reasonably practicable if there is a change of your mobile phone number used for receiving the OTP; | ||
3.3.6 | you must ensure that only your own biometric credential is stored on the Permitted Mobile Device; | ||
3.3.7 | you must not use the Mobile App on any mobile device or operating system that has been modified outside the mobile device or operating system vendor supported or warranted configurations (e.g. devices that have been “jail-broken” or “rooted”). A jail broken or rooted device means one that has been freed from the limitations imposed on it by the mobile service provider and/or the phone manufacturer without their approval. The use of the Mobile App or Biometric Authentication service in a jail-broken or rooted device is entirely at your own risk and the Company will not be liable for any losses or any other consequences suffered or incurred by you as a result; | ||
3.3.8 | you must not use face authentication for Biometric Authentication services if: – | ||
(a) | you have reasonable belief that other people may share identical or very similar biometric credentials of you or your biometric credentials can be easily compromised, e.g. you have identical twin or triplet sibling(s); or | ||
(b) | your relevant biometric credentials are or will be undergoing a rapid development or change, e.g. you must not use face authentication if you are an adolescence with facial features undergoing rapid development, | ||
in which case you shall use other verification procedures to access the Services; | |||
3.3.9 | you should not take any action to disable any function provided by and/or agree to any settings of, your mobile device that would otherwise compromise the security of the use of your logon credentials for authentication purposes (e.g. disabling “attention-aware” for face authentication); and | ||
3.3.10 | you should observe all guidelines, security recommendations and other communications provided by the Company from time to time relating to the use of the Verification Procedures. |
4. Liability of the Customer
4.1 | You shall be liable for all acts and transactions conducted with the Company where your identity is verified through the Verification Procedures and all consequences arising from and/or in connection with access to and/or use of the Verification Procedures. |
4.2 | Without prejudice to any other terms contained herein, you shall fully indemnify and hold harmless the Company and its subsidiaries, affiliates, officers, employees and agents against all liabilities, claims, demand, losses, damages, costs, charges and expenses of any kind (including without limitation, legal fees on a full indemnity basis) that may be incurred or suffered by the Company, as well as actions or proceedings that may be brought by or against the Company in connection with its provision of the Verification Procedures, your use of the Verification Procedures and/or the exercise or preservation of the Company’s powers and rights under these Terms and Conditions. |
4.3 | The third parties (including, without limitation, mobile service provider(s), telecommunications company(ies), system operators and internet service provider(s)) supporting the Verification Procedures are neither agencies of the Company nor representing the Company. There is no co-operation, partnership, joint venture or other relationship between the Company and such third parties. The Company is not and will not be responsible whatsoever for any losses or damages caused by such third parties. |
4.4 | You shall compensate and indemnify the Company for all losses, damages, costs or expenses (including legal and other professional fees) incurred by the Company in connection with your breach and/or the Company’s enforcement of these Terms and Conditions against you. |
5. Liability of the Company
5.1 | The Company does not give warranty, whether express or implied, of any kind relating to the Verification Procedures including any warranty of merchantability, fitness for a particular purpose, title or non-infringement of right. |
5.2 | The Company will not assume any liability or responsibility whatsoever to you or any other person for the consequences arising from or in connection with any interruption, interception, suspension, delay, loss, unavailability, defect or other failure in providing the Verification Procedures, in transmitting instructions or content relating to the Verification Procedures or in connecting to or accessing the communication network caused by any acts, omissions, events or circumstances beyond the reasonable control of the Company, including without limitation, failure of any communication network, act or omission of any third party information or service providers, mechanical failure, power failure, malfunction, breakdown, or inadequacy of equipment, installation or facilities, or any laws, rules, regulations, codes, directions, regulatory guidelines or government orders (whether or not having the force of law). |
5.3 | Notwithstanding any other provisions to the contrary, neither the Company nor any other third party service provider shall in any circumstances be liable to you for any incidental, indirect, special, consequential or exemplary damages, including without limitation, any loss of profits, loss due to interruption or loss of any data or devices. |
5.4 | There may be service charges levied by your mobile phone service provider for the transmission of the OTP. The Company is not liable to any charges requested by your mobile phone service provider or any other related parties for the OTP. |
5.5 | Delivery of the OTP may be subject to delayed transmission due to the traffic over the network of the mobile phone service provider or any other related parties. The Company is not liable for any interruption, delays, unavailability or mistaken delivery due to any failure of the telecommunication network. |
6. Modification, Suspension and Termination
6.1 | The Company has the right to modify, suspend or terminate the Verification Procedures or its use (or any part thereof) by you or as a whole at any time without giving prior notice or reason when the Company reasonably considers it necessary or advisable to do so. Such cases may include actual or suspected breach of security, or where the Company reasonably believes that the information you provided is untrue, inaccurate, out-dated or incomplete. |
6.2 | The Company reserves the right to suspend or terminate the provision of the Verification Procedures or permanently at any time, without prior notice, for any reason where the Company considers necessary or advisable to do so, including but not limited to, when there is a suspected breach of security or when the Company has reasonable grounds to suspect that the information provided by you is untrue. |
6.3 | The Company has the right to vary these Terms and Conditions from time to time without prior notice. You will be bound by any variation if you use the Verification Procedures on or after the effective date of the variation. |
7. Third party rights
7.1 | No person other than you and the Company will have any right under the Contracts (Rights of Third Parties) Ordinance to enforce or enjoy the benefit of any of the provisions of these Terms and Conditions. |
8. Severability
8.1 | If any provision of these Terms and Conditions is or becomes illegal, invalid or unenforceable, such illegality, invalidity or unenforceability does not affect any other provision which remains in full force, validity and effect. |
9. Waiver
9.1 | A waiver by the Company of any provision of these Terms and Conditions will not be effective unless given in writing and only to the extent that it is expressly stated to be given. |
9.2 | No forbearance, neglect or waiver by the Company in the enforcement of any of these Terms and Conditions shall prejudice its rights thereafter to strictly enforce the same. A single exercise or partial exercise of any power or right by the Company does not preclude further exercise of that power or right or the exercise of any other power or right. |
10. Governing Law and Jurisdiction
10.1 | These Terms and Conditions, including the interpretation thereof and any disputes relating thereto, shall be governed by and construed in accordance with the laws of Hong Kong. |
10.2 | You agree to be subject to the non-exclusive jurisdiction of the courts of Hong Kong. You further agree that these Terms and Conditions may be enforced in the courts of any competent jurisdiction. |
11. Language
11.1 | The English version of these Terms and Conditions prevail to the extent of any inconsistency between the English and the Chinese versions. Any Chinese version of these Terms and Conditions is for reference only. |
Effective date:18th Feb 2025