UMVA has learned that a major e-wallet giant is taking a significant step to bolster its defenses against phishing scams and financial fraud by introducing in-app one-time passwords (OTPs) via push notifications, effectively replacing SMS-based authentication.
This strategic move is aimed at putting an end to phishable SMS OTPs, and users will soon be shifted to instant, app-verified authentication, increasing the security of their daily transactions. The upgrade is expected to provide an additional layer of protection for users, making it more difficult for scammers to hack into their accounts.
The new feature is scheduled to go live on June 22, and users are advised to have their push notifications enabled to avoid disruptions in their transactions and account activities. This move comes ahead of a regulatory deadline set by the country's central bank, which requires financial institutions to adopt new fraud management systems and security measures.
By sending OTP requests directly to the user's authenticated app, the e-wallet giant ensures that only the intended users can receive and use the unique OTPs, protecting them from unauthorized access. This shift will not only enhance security but also result in faster transactions, eliminating the need to switch apps, type codes, or wait for text messages to arrive.
The introduction of in-app OTPs is part of a broader effort to enhance security through multi-factor authentication, reducing the risk of account takeovers. This new feature adds to existing security measures, including verification protocols and facial recognition technology, providing users with a more secure and seamless experience.
The e-wallet giant's parent company recently reported a significant increase in equity earnings, with a substantial portion attributed to the success of its fintech subsidiary. As the digital landscape continues to evolve, the introduction of in-app OTPs positions the e-wallet giant at the forefront of innovation and security in the financial technology sector.