GCash is switching from SMS one-time passwords to in-app OTPs starting today, June 22, 2026. The change strengthens account security and speeds up transactions, following the Bangko Sentral ng Pilipinas directive under the Anti-Financial Account Scamming Act. We first reported this update last June 5, when GCash confirmed the rollout plan.
SMS OTPs have long been a vulnerable point to phishing and SIM-swap attacks. With in-app OTPs, users now get secure push notifications inside the GCash app. Authentication becomes instant, with one-tap approval for payments, transfers, and other services.
The upgrade is part of GCash’s multi-factor authentication framework. It works alongside Know Your Customer verification and facial recognition through DoubleSafe. Together, these tools aim to stop account takeovers and protect users from scams.
To activate in-app OTPs, users must enable push notifications for the GCash app in their iOS and Android device settings.
Also Read: GCash prepares for IPO listing at PSE
GCash remains the country’s leading finance super app, offering payments, savings, credit, insurance, and investments.
