The digital economy is now more central to the average Filipino’s daily life. The rise of e-commerce, as well as the proliferation of online services and digital payments, has seen it grow to become 8.5% of national GDP or P2.25 trillion, according to the Philippine Statistics Authority (PSA).
The recently passed Konektadong Pinoy Act will further accelerate this momentum by making connectivity more affordable and widely available. This expansion marks an important step in bridging the digital divide.
The law encourages competition in the data transmission sector and supports wider rollout of internet services. By improving access, the law is expected to help reduce inequality in digital participation and enable more Filipinos to use essential online services.
Complementing this are grassroots initiatives like Paleng-QR Ph Plus, which extend the benefits of digital payment to everyday transactions, from small businesses to informal markets. Together, these efforts lay the foundation for a more inclusive and resilient digital economy in the Philippines.
Bridging the Digital Divide Safely
As millions more Filipinos come to have a digital footprint, the risks of fraud and identity theft are also increasing. In 2024, the Philippine National Police-Anti-Cybercrime Group (PNP-ACG) received a total of 14,531 cyber-related complaints nationwide, highlighting the scope of emerging digital threats.
Scams that use synthetic identities, phishing campaigns, and deepfake technologies have become more common. Protecting citizens from these risks is essential and highlights the importance of pairing infrastructure expansion with security safeguards.
Without adequate protections in place, the very communities that benefit most from new connectivity may also face the highest risks.
With the drive to close access gaps, new online users -– the overwhelming majority of whom will be from rural and lower-income communities – will be particularly vulnerable.
More likely to be unfamiliar with online risks and not fully aware of how to protect their digital identities, it is critical that these new users are not exposed.
Connectivity without trust is fragile. Infrastructure expansion alone cannot sustain digital adoption if scams, fraud, and identity theft continue to grow unchecked.
The New Threat Landscape
In 2024, Appdome found that over 72% of mobile fraud cases involved spoofed or synthetic identities, bypassing standard security checks such as Customer Identity and Access Management (CIAM) systems and biometrics.
This may seem like merely a technical issue, but it actually has repercussions on a national economic level.
Thus, lawmakers and regulators are responding. The Bangko Sentral ng Pilipinas (BSP) introduced the Anti-Financial Account Scamming Act (AFASA) to combat phishing, vishing, money muling, and other online scams.
These efforts highlight that identity protection is urgently needed. Without robust safeguards, consumers may hesitate to use new services, slowing down progress in financial inclusion and e-commerce participation.
Building Trust with Customer Identity Protection
With cybercriminals now weaponising AI, malware, and deepfakes to bypass outdated defences, Organisations need to rethink existing authentication methods.
Using AI to code and build defences into the mobile applications is required to keep pace with the attackers and protect the mobile business.
Up to this point, biometric authentication, CIAM and identity verification (IDV) enabled users to register, authenticate, and access digital services. But as mobile fraud grows more sophisticated, these established methods are proving increasingly ineffective.
Even the most robust authentication techniques, such as biometrics and IDV, are being circumvented by malicious actors using AI. In fact, it is now possible to modify identity signals
such as when and how apps were installed, details about a device, or which apps are running in the background – making it harder for systems to tell if an online user is genuine.
At the same time, fake or artificial devices are increasingly being used to impersonate real clients. Techniques such as token theft, cookie/session manipulation, and credential replay reveal the gaping
holes in current identity systems. Even after a successful login, sophisticated runtime threats such as overlay attacks, keystroke injection, and app tampering can compromise identities.
What is needed is a cryptographically bound chain of trust from app release to runtime, reinforced by multiple layers of defence. What we are calling Customer Identity Protection (CIP) has these capabilities, where mobile businesses protect apps, APIs, and customer identity – all from one powerful platform:
- Perimeter defences for identity that prevent unauthorised access.
- Immutable mobile binding and multi-level identity fingerprinting to tie users securely to their devices.
- Real-time threat intelligence that detects and blocks spyware, deepfakes, and identity spoofing.
These protections create a safety net for Filipinos, particularly for the country’s new internet users, ensuring that all citizens can confidently participate in the digital economy.
Embedding Trust into Digital Inclusion
The Konektadong Pinoy Act represents a bold vision to connect every Filipino to the digital economy. This noble effort to improve inclusion must also include security to avoid eroding public trust.
The proposed Philippine Scam Prevention Center shows how seriously the country is taking this challenge, laying the groundwork for a national framework against online fraud.
The onus is on organizations to do their part. By embedding CIP into the rollout of connectivity, the Philippines can ensure secure, resilient, and sustainable digital inclusion.
Connectivity built on trust will unlock the full potential of the country’s digital transformation, empowering citizens and businesses alike.
The author is the mobile app security evangelist at Appdome
