State-run Social Security System (SSS) is urging members to update their contact information, particularly mobile numbers, to ensure secure access to the portal as it implements multi-factor authentication (MFA) for logins.
SSS officer-in-charge Voltaire P. Agas announced on Wednesday, Nov. 13 that the pension fund has added an authentication process for My.SSS logins to improve the portal’s security.
Passcodes will be sent to members’ registered mobile numbers for My.SSS logins, noting that outdated contact information could cause login issues, Agas stated.
"Updating your contact info ensures you get the codes to verify your identity when you sign in to your online account," Agas said, calling the members to act immediately.
Members can update their contact information online or at any SSS branch offices, Agas also said.
"If you have an existing mobile number in the SSS database but no longer use that phone number, you can update your details online through your My.SSS account," he explained.
Members without a mobile number in SSS records can update their contact information by submitting a Member Data Change Request form at any SSS branch.
He also advised members facing difficulties with the portal to visit e-centers at SSS branch offices, where personnel are available to assist.
Maria Belinda S. San Jose, SSS senior vice president for information technology management, stated that members can choose between two multi-factor authentication options to access their online accounts, which are SMS One-Time Password (SMS-OTP) and Time-based One-Time Password (TOTP).
San Jose added that members can use SMS-OTP by default to log in, through which they will receive a six-digit passcode on their registered mobile.
"Members can use TOTP as their preferred authentication method. They must enter the verification code to the Google Authenticator app to access their My.SSS account," San Jose explained.
She added that implementing these two authentication options for the portal strengthens its security, reducing the risks of unauthorized access and potential fraud.