GCash is replacing SMS-based one-time passwords (OTPs) with in-app OTPs this June as the country’s leading e-wallet strengthens account security and aligns with the Anti-Financial Account Scamming Act (AFASA).
The update marks a significant shift in how users authenticate transactions, moving away from traditional SMS verification codes toward a more secure in-app authentication process.
The change comes as digital financial services continue to face growing threats from phishing attacks, SIM-swap fraud, and unauthorized account access. By keeping authentication within the app, GCash aims to provide stronger protection for millions of users conducting daily financial transactions.
Why GCash is moving away from SMS OTPs
The decision to replace SMS OTPs is part of a broader effort to enhance customer security and reduce vulnerabilities associated with text message-based authentication.
While SMS OTPs have long been a standard security feature, cybercriminals have increasingly exploited weaknesses in mobile networks through SIM-swapping schemes and social engineering attacks.
Under the new system, verification codes will be generated and delivered directly within the GCash app. This reduces the risk of interception and helps ensure that authentication remains within a more secure digital environment.
The transition also supports compliance with AFASA, which seeks to strengthen safeguards against financial fraud and cybercrime.
What users can expect
Users will need to update their GCash app to the latest version to access the new authentication feature.
Once implemented, transaction approvals and account verifications will be completed through secure in-app prompts instead of SMS messages.
The move is expected to streamline the verification process while adding another layer of protection for users. As digital payments continue to grow across the Philippines, stronger authentication measures are becoming increasingly important in maintaining trust in financial technology platforms.
Strengthening digital security
The shift to in-app OTPs forms part of GCash’s broader efforts to enhance digital security.
As regulators and financial institutions push for stronger anti-fraud measures, authentication technologies are expected to play an increasingly important role in protecting users and reinforcing confidence in the country’s expanding digital economy.
