With OTPs about to be phased out, get to know Silent Authentication
Published Apr 15, 2026 05:47 pm
The launch of Silent Mobile Authentication (SMA) with 8x8, Inc. and PLDT Enterprise.
The BSP (Bangko Sentral ng Pilipinas) has set June 30, 2026, as the deadline for using OTPs (One-Time Passwords) for verification when accessing and transacting with digital banks.
OTPs have been identified as highly susceptible to fraud and scams, such as phishing pages that can harvest OTPs in real time. SIM swap allows hackers to receive the OTPs instead of the user, and smishing tricks users into revealing their OTPs to waiting scammers.
One method banks and businesses can adopt once OTPs are no longer allowed is Silent Authentication.
PLDT Enterprise has rolled out SmartSafe SilentAccess, a flagship solution in its SmartSafe API suite, designed to speed up mobile user verification and enhance security. By tapping into mobile network and SIM-based signals, SilentAccess validates users seamlessly—no clunky one-time passwords required.
Through its integration with the 8x8 Connect platform, PLDT Enterprise and 8x8 have come together to help businesses use 8x8's Silent Mobile Authentication to reduce fraud while streamlining customer experiences. The result? A smoother login flow that eliminates manual code entry, reduces delays, and keeps users from dropping off mid-process.
I got to chat with Igor Mostovoy, Product Director, CPaaS (Communications Platform as a Service), and we discussed how Silent Authentication works and how it could become a standard for identity verification in the Philippines.
How does Silent Authentication work?
Igor Mostovoy: Compared to OTPs, Silent Mobile Authentication shifts the model from code-based verification to network-based verification. Instead of sending a code that a user must manually enter, the authentication request is validated directly with the mobile network operator. The system checks that the mobile number, SIM, and device session align with the expected identity.
Because that verification happens at the network level, it provides a strong signal that the request is coming from the legitimate device associated with that phone number. And it happens instantly in the background, so the user doesn’t need to copy, paste, or type anything.
What’s powerful about this approach is that it improves both security and the user experience simultaneously.
For Philippine enterprises, especially banks and fintech companies, integration with new security solutions can be challenging. What level of effort or technical complexity should organizations expect when adopting Silent Mobile Authentication through the 8x8 Connect platform?
Igor Mostovoy: Silent Mobile Authentication is delivered via APIs and designed to integrate with existing authentication flows with minimal disruption. For most organizations, particularly those already using messaging or CPaaS platforms, the integration is relatively straightforward from a development perspective.
The solution works best within a mobile app environment, where it can verify the device and network signals seamlessly in the background, enabling a frictionless login experience for end users.
In addition, organizations that are already using our CIAM platform can integrate even more quickly, as the authentication flow can be managed directly through the platform while leveraging 8x8’s silent authentication capabilities behind the scenes. This helps simplify implementation and reduces the amount of custom development required.
We typically recommend a phased approach. Companies can begin by introducing Silent Mobile Authentication for specific scenarios, such as returning users or low-friction login flows, while maintaining existing verification methods as a fallback.
This allows organizations to enhance both security and user experience incrementally, rather than undertaking a disruptive transformation.
Looking ahead, do you envision a future in which silent authentication becomes the standard for identity verification in the Philippines, or will it complement existing methods as part of a layered security approach?
Igor Mostovoy: Authentication is evolving toward models that are both more intelligent and less intrusive. The goal is to verify identity with greater confidence while asking the user to do less.
Silent Mobile Authentication is an important step in that direction because it uses signals from the mobile network itself - something that is inherently difficult for attackers to manipulate.
That said, the future of authentication will likely be layered. Organizations will combine multiple signals, such as device intelligence, biometrics, and network verification, to dynamically assess risk.
At 8x8, Silent Mobile Authentication is one of several modern authentication methods we offer through our ecosystem, including solutions powered by our CIAM platform. In addition to silent authentication, organizations can leverage passkeys, biometric authentication, magic links, social login, and other passwordless methods. Together, these capabilities provide a comprehensive authentication portfolio, allowing organizations to choose the right combination of methods based on their security requirements, regulatory obligations, and user experience goals.
In that environment, silent authentication can serve as the first line of verification - handling the majority of interactions seamlessly.
With fraudsters and scammers becoming ever more creative and inventive, it is important that we stay ahead and adopt verification systems that can keep our data and assets safe. With OTPs one foot outside the door already, it would be good to familiarise ourselves with the possible replacements.