GCash is strengthening its platform’s security by implementing DoubleSafe, a security feature that requires a one-time PIN (OTP) and a selfie scan when logging in to a new device with your GCash account. DoubleSafe guarantees that only you can access your GCash account on any other device.
Below are the instructions to link your device with GCash’s DoubleSafe:
For Fully-Verified Users
This feature, however, only applies to fully-verified users. For non-verified accounts, they will have to enter an additional OTP after keying MPIN when logging in:
For Non-Verified Users
Additionally, the selfie scan will not appear for those fully-verified accounts who are using fingerprint biometrics as their login, according to GCash. It wasn’t clear if this is after the process of DoubleSafe (for fully verified users) is done, but we’ll see once we get access to the said feature.
Take note that for five failed attempts logging in through DoubleSafe, your GCash account will be suspended for 24 hours.
GCash says that the feature is still on limited release, and it will eventually be available for all users.
On May 8, 2023, GCash experienced a massive phishing incident. The attackers attempted to transfer funds illegally from victims’ GCash accounts to two bank accounts: one at East West Bank and the other at Asia United Bank (AUB).
Although GCash reiterated that their platform was not technically hacked, the e-wallet identified illegal phishing activities as the root of the problem. With the implementation of DoubleSafe, GCash users can have an additional layer of security against attackers and ultimately, against phishing attempts.