BPI expands fight vs. cybercrime with new security controls in mobile app

Press Release

The Bank of the Philippine Islands (BPI) upgraded anew its mobile banking app by integrating new security features aimed at further shielding BPI clients from cyber fraud and scams. 

BPI’s move to add extra layers of security aligns with the bank’s initiative to escalate its cybersecurity strategy to counter ever evolving cyberattacks and conforms with its Customer Obsession thrust that aims to put its clients’ needs and financial well-being front and center. 

“Cyberattacks are becoming more sophisticated these days in a world marked by rapid tech-driven changes.  At BPI, we recognize the urgency of staying ahead of the curve with continuing cybersecurity innovations and education to proactively combat cyberthreats, boost the awareness of Filipinos about these illicit activities, and ensure continuous confidence in digital banking,” said Jonathan John Paz, BPI Enterprise Information Security and Data Protection Officer. 

The upgraded BPI app is bolstered with three new security controls, which users are encouraged to switch on via the app. These include the Device Binding control, which acts as a digital lock that allows only authorized mobile number and device to access an account; the Mobile Key control, which is a more secure and convenient alternative to One-Time PINs or OTPs that require the user’s biometrics credentials saved on their trusted device to authenticate transactions; and the Customized Limits control, which allows users to set their spending limit and have control over usage based on their risk appetite. 

BPI also implemented additional under-the-hood security features that check the safety of the network connection used by every app user, flag down any proxy connections that may collect their sensitive data and monitor usage of unsecure and rooted device that may be exploited by fraudsters and scammers to illegally take over an account. 

Even as the Bank enhanced the app, Paz still urged BPI app users to remain vigilant when transacting online and warned against clicking of suspicious links, sharing OTPs, and connecting to public WiFi hotspots. 

“Cybersecurity is a shared responsibility, and we hope everyone takes this matter seriously. The combination of robust security controls and the right attitude of being vigilant when transacting online will help ensure a safe banking experience for everyone,” he added.  

Paz said the cybersecurity upgrade is also a strategic effort that would aid financial inclusion in the country. “The increased level of security of the BPI app will serve to boost mobile banking adoption and allow the Bank to reach more Filipinos and deliver more inclusive financial services.”

For his part, Fitzgerald Chee, BPI Consumer Platforms Head, said the BPI app finetuning plays a key role in safeguarding the Bank’s digitalization initiative. 

“Cybersecurity is at the heart of BPI’s digitalization journey. Adopting these proactive measures is much needed to ensure that our journey will be secure, sustainable, and successful,” he said.

As of 2023, 6.9 million clients were already enrolled in the BPI app, which is a 17% increase compared to 2022.