GCash to roll out biometric-based dual authentication feature

November 25, 2022
2 min read

GCash is set to roll out a new security feature that aims to prevent unauthorized transactions brought about by phishing and other types of scams.

During the recently held #GSafeTayo media launch, GCash introduced the new double authentication feature, an added layer of authentication wherein the account holder will have to take a selfie to verify his identity through facial recognition.

According to GCash, the new feature—which will be rolled out in December—will ensure that only the account owner has the ability to link his GCash account to a specific device.

“This feature removes customers’ dependence on SMS OTPs, which has been exploited by some fraudsters to scam users. It will provide a unique identifier that can’t be phished by scammers. It also provides an additional layer of security to the current SMS OTP,” said Winsley Bangit, Chief Customer Officer of GCash.

During the event, GCash also signed a memorandum of agreement with the Philippine National Police Anti-Cybercrime Group (PNP-ACG) to strengthen collaboration in going after perpetrators involved in phishing, smishing, online fraud, e-scams, vishing, and other cybercrimes that take advantage of GCash users.

“I would like to express my confidence that through our stronger partnership with the PNP-ACG, we will be able to achieve more in the prevention, investigation, and prosecution of cybercrimes. GCash also assures the PNP-ACG that we will do whatever we can in order to successfully implement our agreement,” said GCash Chief Legal Officer Atty. Maricor Alvarez-Adriano.

Through its intensified security campaign under #GSafeTayo, GCash has also been constantly reminding its users to never share their MPIN or OTP, as well as to never click links outside of the GCash app, especially from websites or senders which you have not verified to be legitimate.

In fact, GCash has already removed all clickable links in its official SMS and emails to users to help them determine that when they receive messages with links, then these are scams.

The e-wallet has also migrated transaction notification messages to the in-app inbox and masked the names of send money recipients to further protect the users’ funds and personal data.