GCash will replace SMS-based authentication with In-App One-Time Passwords (OTPs), with the feature rolling out by June 22 as part of its enhanced cybersecurity measures against phishing scams and financial fraud.
Instead of receiving OTPs via text message, users will get secure push notifications directly within the authenticated GCash app, providing a safer and more seamless verification process.
SMS-based OTPs have long been a target of scammers seeking unauthorized access to user accounts. By shifting to In-App OTPs, GCash ensures that only the intended user can receive and use the verification code through their logged-in device, reducing the risk of fraud and account compromise.
GCash shifts to in-app authentication
The move also complies with the Bangko Sentral ng Pilipinas' directive to phase out SMS-based OTPs by June 2026 and supports the implementation of the Anti-Financial Account Scamming Act (AFASA).
Beyond improved security, In-App OTPs offer a faster and more convenient experience by eliminating the need to switch apps, manually enter codes, or wait for text messages to arrive.
As digital threats continue to evolve, GCash remains committed to strengthening platform security and promoting safer digital financial services for its users.
