Earlier, we took a look at the basics of starting your own digital wallet on the GCash and PayMaya apps.

We discussed what cashless payments were, and the process by which anyone with a decent smartphone these days can sign up for a digital wallet.

Must Read

Cashless payments 101: Starting out with a digital wallet

This week, I thought it might be a good idea to take a deeper dive into the security protections and assurances GCash and PayMaya give their users when it comes to the money they have in their accounts.

What can users do to protect their accounts? What can users – with the help of the digital wallet providers – do in case of an intrusion on the user’s digital wallet? Let’s tackle these questions today.

The standard security features

GCash and PayMaya have slight differences in the security features built into the apps.

Aside from setting up one’s mobile PIN (MPIN) for the purpose of logging into the application on your phone, GCash lets users prep 5 security questions for the purpose of account recovery. It’ll also let you set up a biometric login – namely a fingerprint scan – if you wanted to make your account truly yours.

Should you forget your MPIN, Globe also has a way of sending an authentication code to your registered mobile number so you can access your account. More information on that process is available here.

PayMaya’s lock screen code works similarly to a mobile PIN, serving as an alternative to password entry for logging into the app. Instead of having security questions for account recovery purposes, PayMaya’s system lets you set up a recovery email which should instruct you on how to get your account back in case you lock yourself out. A biometric and lock screen code toggle can also be turned on or off.

In the event a user forgets their lock screen code and password, he can ask for a password reset to be done using the mobile number used to sign into PayMaya.

Protecting the consumer

Both GCash and PayMaya have further documentation in the event of some forms of security breaches. For the most part, these involve cases in which a user’s account is put on hold or otherwise declined.

Between the two services, I’d say GCash has the better presentation of information, as it’s easier to find all the basic things needed in one place, should one’s account be compromised or locked.

GCash has a Customer Protect page where it explains clearly what transactions are covered or not covered by its processes, especially as it relates to fraudulent activity.

The page noted above lists the potential maximum refund one can get depending on the status of their account, and outlines what you need to do to file disputes to get your money back.

Aside from this, their general security page in their support center answers the likely frequently-asked questions for other security-related concerns, such as filing disputes or reporting phishing sites.

PayMaya’s support center, meanwhile, appears to be just a hub for frequently asked questions. If you’re not sure what question you have regarding upholding account security (such as if you’ve been phished), you’re going to need to luck out in finding the right subsection and question.

To make it easier though, assume your account has been compromised, and PayMaya has locked it for your protection. A user can check this particular page and email documentation proving their identity to have their account unlocked. If you have issues with PayMaya taking the wrong amount from your account, you can check this page instead to file a dispute.

Always be prepared

Again, it’s not going to be a great day to wake up and find your GCash or PayMaya account has been compromised, but it’s likely a matter of when rather than if it will be hit by an attack.

The general rules still apply for account security, however:

1. Have two-factor authentication set up on your digital wallet.
2. Don’t share your authentication information with others.
3. Don’t put more in your wallet than what you’re willing to lose in the untimely event of a security breach.

As always, while we wish for the best, let’s prepare for the worst.

I hope the links and advice here will help you to keep your account secure and keep you from panicking should a worst-case scenario happen. – Rappler.com