MANILA, Philippines — As the Philippines moves to phase out vulnerable one-time passwords (OTPs) by June 2026, PLDT Enterprise has unveiled a new network-based authentication system designed to secure digital transactions without the need for manual codes.
Traditional SMS-based OTPs have become a prime target for scammers through “smishing,” spoofing, and social engineering.
- The Deadline: Under the Anti-Financial Account Scamming Act (Afasa) and new Bangko Sentral ng Pilipinas (BSP) circulars, banks are being pushed to stop using SMS OTPs by June 2026.
- The Solution: PLDT’s SmartSafe SilentAccess allows an app to verify a user’s identity “silently” in the background. It checks if the mobile number registered in the app matches the SIM card currently in the device by communicating directly with the telecom network.
- Speed: The process takes only five to eight seconds, significantly faster than waiting for an SMS.
- Security: It eliminates the step where users have to type in a code—the moment where most “phishing” and “social engineering” attacks occur.
- Fraud Detection: The system includes extra tools to flag “SIM swaps” (when a scammer steals your number) and “geo-checks” to see if a transaction is happening near the user’s actual location.
According to Nico Alcoseba, First VP at PLDT Enterprise, several major banks and fintech firms are already conducting “proof-of-concept” tests.
“Telcos are transitioning from providing network signals to providing risk signals,” Alcoseba said, noting that telecom data is now a critical part of the country’s anti-fraud infrastructure.
