MANILA - The blink of an eye triggers a selfie camera shutter and after a digital exchange between the mobile phone and a secure server, the client gains access to his bank account in a second.
Philippine banks like Unionbank's EON are looking at digital technologies like facial recognition to protect consumers where they are most vulnerable, as the industry increases its defenses with hackers getting more sophisticated.
The same company that built the US State Department's face scanning technology to catch criminals helped build EON's selfie banking system, first in Asia, said Paolo Baltao, Unionbank senior vice president and EON banking group head.
"Have you ever seen a fraudster who wants his pictures taken?" Baltao told ABS-CBN News.
Mobile phone thieves have in the past been caught using selfies they took, not knowing that the images got automatically uploaded to the cloud.
"The banking industry obviously has to catch up. Hackers are getting to be smarter and smarter everyday. They have been getting very, very creative," he said.
EON is aiming for ubiquity with selfie banking, when other banks are using fingerprint-based authentication, Baltao said. Not all smartphones have fingerprint readers but all of them have front-facing cameras, he said.
There are some 60 million smartphones in the Philippines, according to carrier estimates. The country was also declared "selfie capital" of the world in 2014 by Time Magazine, with the most number of self-portraits snapped in the cities of Makati and Pasig.
Baltao said there had been a "substantial" number of selfie log-ins on the EON app since its launch earlier this year.
SWIFT, the global messaging system used to move trillions of dollars each day, warned banks earlier this week that the threat of digital heists was on the rise as hackers use increasingly sophisticated tools and techniques to launch new attacks.
The Senate investigated the vulnerabilities of banks in June and the country's largest lender, BDO Unibank, admitted that 7 of its ATMs were compromised in a "skimming" attack.
In such an attack, fraudsters steal or skim data from the magnetic stripe of ATM cards to make unauthorized transactions. The skimming devices are hidden in the machine.
The Bangko Sentral ng Pilipinas (BSP) gave banks until June next year to switch to chip-based or EMV cards which are more secure compared to the magnetic stripe cards.
BDO reminded clients last October to exchange their old cards, adding it had been issuing EMV cards as early as last year.
On a larger scale, hackers stole $81 million from Bangladesh's foreign reserves and shifted the money to a Rizal Commercial Banking Corp branch in Makati City in February last year.
The BSP fined RCBC a record P1 billion over the incident, which also exposed legal loopholes that aid money laundering.
Bank of the Philippine Islands, whose electronic services were paralyzed for 2 days last June due to an "internal glitch," said it was spending heavily on security.
"Any bank that tells you that 'yes, we are secure' is the day that they are dead... We have parties who are very aware of how banks in other countries are attacked, on ATM, mobile phone or computer," said BPI executive vice president and head of retail client segment group Joseph Albert Gotuaco.
"We have very advanced information on how other banks get attacked. We don’t want to wait for them to come to the Philippines to implement their ideas. We watch that before it comes to the Philippines," Gotuaco told ABS-CBN News.
Baltao of EON said digital security would evolve as more bank transactions are moved to the digital space.
"The millennials now will be your yuppies in 5 years," Baltao said.
"For now, the only thing you can't do there is withdraw physical cash." -- with a report from Jessica Fenol, ABS-CBN News
banking, banks, cybersecurity, hacking, EON, Unionbank, Bank of the Philippine Islands, BPI, BDO Unibank