The Monetary Board, the policy-making body of Bangko Sentral ng Pilipinas, approved the amendments to existing rules mandating its supervised financial institutions to adopt multi-factor authentication techniques for certain transactions.
Bangko Sentral said in a statement the latest development was in response to the increasing propensity and sophistication of cyber-attacks involving fund transfers, payments and other transactions via online channels.
“With the ongoing migration to EMV [Europay Mastercard Visa] technology, cyber-attackers face reduced fraud opportunities in traditional schemes which require customers to physically present their payment cards or the so-called “card present transactions” in ATM and/or POS terminals,” it said.
“Similar to the experience of other countries that have adopted EMV technology, the BSP is then expecting an upsurge of cyber-attacks targeting card-not-present [CNP] transactions in the Philippines,” it said.
All BSP-supervised financial institutions are expected to implement the multi-factor authentication by Sept. 30, 2017. The board said the new policy mandated stronger authentication controls and measures to protect online customers and address the increasing cyber-threats.