By Edielyn Mangol, Reporter
As cyber fraud intensifies in the Philippines leading to a sharp rise in online banking scams, the Bangko Sentral ng Pilipinas (BSP) has mandated a shift toward phishing-resistant authentication — or the FIDO Suite — by 25 June 2026 under the Anti-Financial Account Scamming Act (AFASA).
In response, global identity solutions provider HID has unveiled a localized deployment of FIDO-certified credentials and a robust Enterprise Passkey Management (EPM) platform — aiming to equip Philippine financial institutions with the tools to adopt passwordless security at scale.
Cyber fraud surge prompts stronger authentication requirements
In recent years, IT fraud and phishing incidents targeting Filipino bank customers have soared by 35%, highlighting vulnerabilities within traditional password-based systems. This surge has placed both consumers and financial institutions at significant risk, underscoring the urgent need for more secure authentication methods.
Responding decisively, the BSP issued the Adoption of Stronger Authentication in Financial Services Act (AFASA), which requires all financial institutions to transition to phishing-resistant authentication solutions by mid-2026.
Against this backdrop, HID’s latest offering is particularly timely. Its FIDO-certified passkeys and credentials deliver a higher standard of security that neutralizes common attack vectors such as credential phishing, password reuse, and SIM swap fraud. By leveraging cryptographic authentication instead of traditional passwords, HID ensures both a seamless user experience and robust protection.
This development represents more than just regulatory compliance — it is a strategic step forward in enhancing national cyber resilience. By deploying solutions aligned with global best practices, Filipino banks can strengthen customer trust, reduce fraud-related losses, and modernize digital banking infrastructures.
Ultimately, HID’s technology not only helps financial institutions meet the BSP’s mandate but also supports the country’s broader push toward secure digital transformation and financial inclusion.
HID rolls out FIDO-certified passkeys and enterprise management platform
At the heart of HID’s new rollout is the Enterprise Passkey Management (EPM) platform — a subscription-based service offering remote provisioning, full lifecycle management, and audit-ready tracking of FIDO credentials. For Philippine banks, this means accelerated deployment, minimized user friction, and streamlined compliance reporting.
Complementing the EPM is HID’s revamped Crescendo hardware portfolio, which includes:
- Crescendo Keys – redesigned for comfort and usability, with support for FIDO2, PKI, and OATH protocols plus remote PIN reset—ideal for regulated financial environments.
- Crescendo Cards – dual-interface or contactless badges that merge physical access with digital authentication capabilities.
- OMNIKEY 5022 – a cost-effective contactless reader for seamless workstation access.
Industry experts have praised the Crescendo Key’s design and user-friendliness, noting its integration compatibility with Microsoft Entra ID and Windows ecosystems.
Hardware and one-card innovations enhance digital and physical security
HID also introduced a pioneering“one-card” solution that combines physical and digital authentication into a single FIDO-enabled credential. The Seos® FIDO-Enabled Card and MIFARE DESFire EV3 FIDO-Enabled Card enable seamless access to both physical facilities and digital platforms.
For Philippine financial institutions — where branches, data centers, and employee mobility remain critical — the dual-purpose card offers tangible benefits: fewer credentials to manage, tighter security, and a simplified user experience. Integration with existing identity providers ensures smoother deployment within legacy banking systems.
Moreover, the solution works seamlessly with existing access management systems, meaning banks can adopt phishing-resistant authentication without undertaking a disruptive, large-scale system overhaul. For an industry balancing regulatory compliance, operational efficiency, and user convenience, HID’s dual-purpose card provides a scalable pathway toward stronger cybersecurity and regulatory alignment with the BSP’s AFASA mandate.
From compliance to cyber resilience: Turning regulation into opportunity
With the BSP’s looming 2026 deadline for passwordless implementation, HID’s new FIDO-certified solutions arrive at a critical time for Philippine banks. The combination of hardware innovation, centralized credential management, and regulatory alignment positions HID as a strong partner in the country’s cyber defense efforts.
As financial institutions transition from passwords to passkeys, HID’s suite of FIDO-certified solutions offers more than just regulatory compliance. By eliminating reliance on vulnerable credentials, banks can achieve a significantly stronger security posture, safeguarding both internal systems and customer accounts from phishing and fraud.
The streamlined authentication process also enhances operational efficiency, reducing support costs tied to password resets and minimizing downtime from security incidents.
Most importantly, these advancements foster greater customer trust—a vital currency in the digital financial ecosystem. In an era where consumers demand both security and convenience, HID enables banks to deliver frictionless, secure interactions that strengthen brand loyalty.
By aligning with the BSP’s 2026 mandate, institutions are not only meeting stringent legal requirements but also positioning themselves at the forefront of secure digital transformation in Philippine banking.
