E-wallet firm GCash is rolling out a new security feature that aims to prevent unauthorized transactions brought about by phishing and other types of scams.
The app introduced the “double authentication” feature which can ensure that only the account owner has the ability to link his GCash account to a specific device.
“This feature removes customers’ dependence on SMS OTPs which has been exploited by some fraudsters to scam users. It will provide a unique identifier that can’t be phished by scammers. It also provides an additional layer of security to the current SMS OTP,” said Winsley Bangit, chief customer officer of GCash.
Aside from continuing to beef up its security measures, GCash said it has also been ramping up its partnership with authorities and regulators to help ensure the whole e-wallet ecosystem is safe for all.
During the #GSafeTayo media launch, GCash also signed a memorandum of agreement with the Philippine National Police Anti-Cybercrime Group (PNP-ACG) to strengthen collaboration in going after perpetrators involved in phishing, smishing, online fraud, e-scams, vishing, and other cybercrimes that take advantage of GCash users.
“I would like to express my confidence that through our stronger partnership with the PNP-ACG, we will be able to achieve more in the prevention, investigation, and prosecution of cybercrimes. GCash also assures the PNP-ACG that we will do whatever we can in order to successfully implement our agreement,” said GCash chief legal officer Maricor Alvarez-Adriano.
Through its intensified security campaign under #GSafeTayo, GCash has also been constantly reminding its users to never share their MPIN or OTP, as well as to never click links outside of the GCash app, especially from websites or senders which you have not verified to be legitimate.
GCash has already removed all clickable links in its official SMS and emails to users to help them determine that when they receive messages with links, then these are scams.
The e-wallet has also migrated transaction notification messages to the in-app inbox and masked the names of send money recipients to further protect the users’ funds and personal data.