I’ve been using the UnionBank app for a while now. We’ve always appreciated the ability to deposit checks right in the app. Just take a photo of the check, upload it to the app, making sure to strictly follow the instructions given, and voila! Your check has been uploaded to the app and will be reflected in your account. It is such a convenience, eliminating the need to line up at the bank altogether.

I never actually thought about the backend process. Who handles the verification processes that enable depositing checks through apps? Or when you take a photo of yourself for identification and verification, what is the machinery behind these security steps that have become a part of our daily lives?

I got to chat with Harvinder Singh, Regional Vice President, Identity Security, from Entrust, a global leader in identity security. They enable organizations, enterprises, banks, and financial institutions to prevent fraud.

Singh and I talked about how today’s technology, where artificial intelligence is redefining the digital landscape, has greatly improved fraud prevention; however, like a double-edged sword, the same advancements in tools and technologies are also available to fraudsters. Such examples would be deepfakes and injection attacks that you would think are only possible in movies, but do happen in real life.

"As a company, we try to manage the lifecycle of customers by doing re-authentication," Singh said, providing a clearer picture of what happens every time we log in to our digital wallets or bank apps.

E-wallets like G-Cash and Maya really became popular during the pandemic, and now everyone, even the taho vendor, has a QR code you can scan to make payments. So many people have their finances in digital wallets and access their bank accounts through digital apps and online. One of the worst modern-day nightmares is losing your money through scams and hacking. And that is why companies like Entrust have become more significant in recent years.

In order to stay ahead of the fraudster’s game, Entrust learns entire fraud patterns from different countries and different industries and trains its machine learning models to build a platform to battle fraudulent activities.

"If you look at deepfakes, they look like a real individual interacting with you, so we are constantly studying these methods, and we learn from them, and from there we've built our machine learning models that can prevent similar attacks from happening to the system," Singh said.

Singh shared that they have in-house fraud labs that are constantly training models on synthetic documents, deepfake biometric frauds, and injection attacks via their SDKs (Software Development Kits).

“So we take all those things, we build those environments into the UAT (User Acceptance Testing), and we train our models in such a way that we can implement for our customers,” Singh said.

Our conversation also touched on the news that the BSP has ordered banks to replace OTP (One-Time Password) via SMS and email-based OTPs with digital fingerprints and facial recognition.

“That’s because OTPs are very easy to attack,” Singh shared. “With digital identification, this is where our role (in Entrust) comes in; we have the right technology to determine that the person trying to get into the account is the same person who enrolled during the onboarding,” Singh said.

With BSP prohibiting the use of OTPs from June 30, 2026, users will have to ensure their biometrics are set up in their banking apps. It’s going to be something we'll all need to get used to, especially if we want to stay ahead of scammers and fraudsters. It’s a bit reassuring to know that behind the curtain, companies like Entrust are hard at work too.