By Beatriz Marie D. Cruz, Reporter
PHILIPPINE COMPANIES should boost investments in mobile app security as cybercriminals increasingly exploit artificial intelligence (AI) tools to bypass traditional defenses, in response to cybersecurity firm Appdome, Inc.
“Recent studies have shown that the Philippines is just about the most important market in Southeast Asia for fraudulent activity,” Jan Sysmans, Appdome mobile app security evangelist, said in a video interview.
“Previously, security and data technology (IT) budgets focused on protecting the perimeter. In a mobile-first world, the main focus has to shift to protecting the mobile business,” he added.
Filipino consumers downloaded 3.39 billion mobile apps in 2024, rating the Philippines among the many top 10 globally in app downloads and usage hours, in response to a 2025 report by analytics firm SensorTower, Inc.
The surge in mobile banking, e-commerce and digital entertainment has also widened the attack surface for cybercriminals.
Advances in AI have rendered traditional biometric authentication corresponding to facial recognition and fingerprints less secure, Mr. Sysmans said, citing remarks from OpenAI Chief Executive Officer Sam Altman.
AI-driven deepfakes can now generate hyper-realistic data, effectively defeating identity-based security, he identified.
Cyber-incidents within the Philippines have accelerated alongside digital adoption. Data breaches jumped 49% within the third quarter, compromising greater than 52 million credentials in only three months, based on a report by Viettel Cyber Security.
“What we’re seeing already is criminal organizations hacking into AI agents, presenting themselves as customer support agents,” Mr. Sysmans said, noting that such tactics exploit user trust and the growing sophistication of conversational AI.
He urged Philippine firms to prioritize securing mobile application programming interfaces (API) and user identity data — areas often neglected in traditional cybersecurity frameworks.
“If the mobile device or the APIs that the mobile app uses to hook up with the backend are unprotected, then a criminal organization can leverage those connections to access resources or web sites and check out to inflict damage,” he said.
Despite rapid growth in mobile use, cybersecurity spending across Southeast Asia stays uneven. Industry analysts say organizations still allocate the majority of IT budgets to legacy systems and network firewalls fairly than app-layer protections.
The shift to mobile-first business models means firms can not afford to treat app security as an afterthought since the threat has moved to where the users are — on mobile.