GCash Rolls Out In-app OTPs

GCash rolls out in-app OTPs

Duane Villanueva • Jan 13, 2026 • 1 min read

GCash has rolled out in-app one-time passwords (OTPs), with users receiving the codes via push notifications. This means that the codes will no longer be sent via SMS, but directly in the GCash app.

This feature is part of the fintech giant’s multi-factor authentication (MFA) push for the first quarter of 2026. GCash chief information security officer Miguel Geronilla said the move aims to end phishable SMS OTPs.

This protects users from unauthorized access and addresses fraud and financial crimes in the Philippines. This move was pushed by the Bangko Sentral ng Pilipinas (BSP) to move away from SMS OTPs.

Under the Anti-Financial Scamming Act, BSP-supervised institutions must limit the use of OTPs sent via SMS and email. They must adopt multi-factor authentication standards to protect users from social engineering and credential theft attacks.

Other recommended MFA methods include biometric authentication using fingerprint, facial, and voice recognition features. Users should be receiving a notification for the new GCash feature soon.

Duane Villanueva

Communication graduate, closet cynic, and kid at heart. Duane is a rare person to find, quite literally. He often takes to himself but has proven his mettle in tech media with his quick wits. Well, the portfolio of scriptwriting, web content, and public relations help too, we suppose. As a homebody, he often spends his time on the streaming platform Twitch or ‘farming’ gaming clips with friends. He is also an avid fan of round glasses and anything relative to blueberries.

85 posts

GCash rolls out in-app OTPs

Comments

Cancel reply