Information Security Maintenance Manual for Securities and Futures Investors

Introduction:

In today's information and globalization era, the relationship between people, computers, and networks is becoming increasingly close. Electronic trading is becoming more widespread and holds a significant position in economic activities. The trend of using computer or telecommunications technology for criminal activities in cyberspace is also on the rise. While the advent of the Internet has indeed brought many conveniences to human life, it has also given rise to information security and cybercrime issues that pose greater threats to national and societal security.

I、What is Information and Communication Security?

As the name suggests, it refers to the security of information and communication. When investors use online trading to invest in securities, futures, subscribe to stocks and financial products, and manage accounts and personal investment data, does the convenience of online execution also ensure the security of information and communication?

II、What are the Risks of Online Transactions?

Risks of Electronic Transactions

Electronic transactions via network transmission or telephone voice are inherently unreliable and insecure in terms of data transmission.
Transmitting data over the network carries inherent risks such as interruptions and delays.

Data Storage Risks

Messages sent by others impersonating you.
Unauthorized remote viewing of message content.
Unauthorized theft, alteration, or destruction of data content.
Recipient denies receiving the message content, sender denies sending the message content.
The client is responsible for any loss or theft of their personal passwords and electronic certificates.

III、What is an Electronic Certificate?

A certificate is issued by a legally authorized certificate authority to verify your identity to others. The certificate contains information that can be used to protect data or establish a secure connection when connecting to other computers. For online transaction security needs, a comprehensive security control mechanism is provided to ensure that online transaction services meet the security requirements of data confidentiality, identity verification, and non-repudiation.

IV、What Security Guarantees Are Provided by Using Electronic Certificates?

Ensure the security of every electronic transaction for investors.
The content of the order message will not be altered.
Unauthorized individuals cannot place orders under someone else's name.
The content of the order message will not be disclosed.
In case of a dispute in the transaction, relevant evidence can be provided as a basis for arbitration.

V、When Should Certificates Be Used?

When engaging in trading activities with securities and futures firms (such as placing orders, canceling orders, subscribing, or withdrawing futures trading margin), it is necessary to use a certificate.

VI、Online Transactions Should Be Conducted Through Securities and Futures Brokers with Network Security Controls.

VII、Important Points for Online Transaction Security:

Password Setting Principles:

When setting a password, avoid using easily guessable numbers such as birthdays, phone numbers, ID numbers, or patterns.

Password Management Principles:

You should apply for and properly manage your electronic certificates (types of storage media for electronic certificates include: floppy disks, hard drives, IC cards, etc.) personally, and not entrust them to others for safekeeping.
Do not share any of your personal passwords with others.
Do not write your password in obvious places that are easy for others to access.
Regularly change your password at irregular intervals.
Passwords for general websites (which may be in plain text) should be distinct from passwords used for online transactions to prevent them from being guessed or misused.

Browser Usage Principles:

Use electronic certificates; don't be afraid of the hassle.
Whether you use the computer alone or share it with others, do not let the browser save your personal passwords.
When leaving your seat or after completing a transaction, make it a habit to immediately log out of the network.
It is best not to use websites with transaction functions in public places such as internet cafes.

VIII、Handling of Transaction Disputes:

When using an electronic certificate, any related evidence data can serve as a basis for arbitration in case of trading disputes.
Trading disputes can be appealed to or reported to the following units:

Financial Supervisory Commission, Securities and Futures Bureau	8773-5100
Securities Investors and Futures Traders Protection Center	2712-8020
Taiwan Stock Exchange	2348-5678
Taiwan Over-The-Counter Securities Exchange (TWO)	2366-6100
Taiwan Futures Exchange Co., Ltd.	2369-5678
Other Securities-Related Entities

IX、Preventing Phishing Attacks:

Phishing is a type of online fraud where perpetrators may use fake emails, websites, or messaging app links to deceive customers into providing their personal confidential information (e.g., ID numbers, securities or futures account passwords), which is then used for criminal activities.
Our company will not send emails requesting customers to provide personal information such as ID numbers or account passwords. If you receive an email purportedly from our company asking for such information, please be cautious. For suspicious emails, please do not reply or click on any links provided in the email (or in communication apps or other websites). ,If you have any related questions, please contact your assigned salesperson or call our customer service hotline at 412-8878. Thank you!
Please be aware!! The correct website for Capital Futures is:https://www.capitalfutures.com.tw/ , please avoid clicking on counterfeit Capital Futures websites.
If you receive suspected fraudulent emails, whether via mobile phone or landline, you can call the anti-fraud consultation hotline at 165. A specialist will explain and verify whether it is a fraudulent incident.