Banks across the UAE are moving forward with a major shift in digital security by phasing out SMS-based one-time passwords (OTPs) and transitioning to app-based authentication systems. This change comes in line with new guidelines issued by the country’s Central Bank, aimed at enhancing the overall safety and reliability of digital banking services.
Since 2025, financial institutions have been gradually introducing customers to in-app verification methods for both local and international transactions. This transition is part of a broader effort to adopt more advanced security measures that reduce vulnerabilities associated with traditional OTPs sent via SMS or email.
By March 2026, SMS and email-based OTPs are expected to be fully discontinued across all banks in the UAE. The move is designed to provide a more secure authentication process, minimizing the risk of phishing, SIM swap fraud, and other cyber threats, while also offering a faster and more seamless user experience.
Customers are strongly advised to download and activate their bank’s official mobile application, ensuring that app-based verification is enabled. This will be essential for continuing uninterrupted access to banking services, including payments, transfers, and account management.
Overall, this transition reflects the UAE’s continued push toward strengthening its digital infrastructure and safeguarding users against evolving financial fraud risks, while promoting a more secure and efficient banking environment.
