Thankfully, that's not the case anymore as the e-wallet platform has launched in-app OTPs. You can now receive OTPs directly via push notifications within the GCash app for better security against phishing, scams, and fraud. According to a BusinessWorld report, GCash Chief Information Security Officer Miguel Geronilla said that the move was made "to put an end to phishable SMS OTPs." The company pointed out that scammers have been using SMS-based authentication to enter user accounts illegally. "By sending OTP requests directly to the user’s authenticated GCash app, GCash ensures that only the intended users can receive and use the unique OTPs, protecting them from unauthorized access," GCash said.

Source: Philippine Star January 13, 2026 06:58 UTC