According to ChainCatcher, OKX CEO Star posted on the X platform:
1. OKX currently has no case of user data loss that was completed through switching from GA to SMS.
2. The authentication-free address is designed for the needs of API users to automatically withdraw money. Setting a limit does not meet actual needs, and the security verification of adding authentication-free addresses is at the same level as withdrawing money. Here, we can consider introducing a silent mechanism for the automatic expiration of authentication-free addresses.
3. GA and SMS each have their own advantages and disadvantages in terms of security. The security level of GA is indeed slightly higher than that of SMS, but it is not absolutely safe.
4. There are two ways for hackers to steal user GA: (a) implant a Trojan on the user's device; (b) if the user has enabled GA cloud synchronization, hackers can also obtain the user's GA by stealing the user's Google account.
5. Methods of stealing user SMS include implanting Trojans in devices, copying SIM cards, using fake base stations, and stealing through SMS service providers.
6. OKX has full confidence in the safety of our products. We will continue to compensate in full for any financial losses caused by OKX itself.