At a press conference earlier this month about building secure digital banking infrastructure, data security experts warned that the use of one-time passwords (OTP) — a staple authentication measure for online banking transactions here in the Philippines — was no longer a reliable safeguard.

Sent via text messages, these OTPs can fall into the hands of fraudsters using malware to intercept the message. These bad actors can then quietly siphon off a depositor's funds with no one the wiser until the unfortunate depositor goes online again for his or her next transaction.