BSP considers removing OTPs to shift to more secure methods
The Bangko Sentral ng Pilipinas is considering removing one-time passwords (OTP) for digital bank transactions as this security method is becoming "obsolete."
BSP Deputy Governor Elmore Capule said the agency is studying ways to make digital banking "future proof" to fight fraudulent transactions.
"If you say that what we have now is efficient, next week or next year, it may no longer be," he told reporters, including The Philippine STAR, during a 2025 Media Information Session in Baguio City.
"We are encouraging banks to go to a higher level of protection. While what we have now may be sufficient, we want them to continually upgrade."
BSP Deputy Governor Mamerto Tangonan, meanwhile, said OTPs are becoming obsolete. The Monetary Authority of Singapore and the Bank of International Settlements have discouraged relying on OTP, he pointed out.
Capule said the central bank is looking at other security methods that banks can adopt like biometric authentication. He added that a transition period would be needed before shifting to other measures.
"You cannot just say OTPs are passé."
OTPs are widely adopted by financial institutions as a security measure for online transactions. These are unique, temporary codes sent to a user's phone or email to verify their identity.
However, these OTPs are sought after by scammers, who trick individuals into sharing the password to gain access to their accounts.
The Cybercrime Investigation and Coordinating Center recorded about 10,004 cybercrime complaints in 2024 which amounted to nearly P198 million in financial losses.
Protecting yourself from OTP scams
To protect yourself from OTP scams, you should never share your OTP. Several banks remind users that they will never ask for your personal or bank details, especially OTPs.
If you receive a request for your OTP, contact the official website or company using trusted details like their official phone numbers, emails, or social media pages. It's best to report to your bank immediately if you get an OTP request for an unfamiliar transaction.
Additionally, you should make sure you're on a secure network when making online banking transactions. Scammers can tap into public Wi-Fi networks to steal sensitive information like usernames and passwords. (with reports from Keisha Ta-Asan)
