Banks across the UAE are set to roll out a significant update in how customers verify their online transactions, as the Central Bank mandates a shift away from traditional one-time passwords (OTPs) sent via SMS and email.
Beginning Friday, July 25, financial institutions will gradually move clients toward app-based authentication, replacing the more vulnerable OTP methods that have long been targeted by fraudsters through SIM-swapping and phishing schemes.
“As per the directives issued by the UAE Central Bank, the practice of receiving OTPs via SMS or email will be phased out,” a bank representative confirmed. “Customers can now complete online transactions easily by selecting the ‘Authentication via App’ feature in their bank’s smart application.”
The transition marks a major stride in the country’s efforts to enhance cybersecurity and build stronger trust in digital banking services. Customers are being encouraged to update their banking apps and familiarize themselves with the new verification system.
Although SMS and email OTPs will still be temporarily available for certain users, they are scheduled to be fully discontinued by March 2026. Banks have assured users that the new in-app security features are built on risk-based technologies designed to offer a safer and more seamless experience.
This initiative is part of a broader national push to modernize financial systems and minimize the growing threats posed by cybercrime.
