Skip to content
All about technology.All about cybersecurity.

UAE banks are phasing out SMS one-time passwords (OTPs) in favor of app-based security measures, with OTPs set to be eliminated entirely by March next year.

All Ottos (OTPs) will conclude by March next year.

 and  Administrator
3 min read
Traditional SMS-based one-time passwords (OTPs) are being phased out by UAE banks as they...
Traditional SMS-based one-time passwords (OTPs) are being phased out by UAE banks as they transition to a more secure app-based system by next March.

UAE banks are phasing out SMS one-time passwords (OTPs) in favor of app-based security measures, with OTPs set to be eliminated entirely by March next year.

UAE Banks Transition to App-Based Authentication for Enhanced Security

UAE banks are embarking on a significant shift in their authentication methods, moving away from SMS- and email-based One-Time Passwords (OTPs) to app-based OTPs and biometric authentication. This transition, mandated by the Central Bank of the UAE (CBUAE), began on July 25, 2025, and is expected to be completed by March 31, 2026 [1][2][3].

A Timely Transition

The phased rollout began on July 25, 2025, with banks requiring customers to use app-based authentication for domestic and international transactions. By March 31, 2026, all financial transactions will be authenticated through app-based or more advanced biometric methods [1][2].

Enhanced Security and Improved User Experience

The transition to app-based OTPs and biometric authentication aims to significantly reduce vulnerabilities associated with SMS and email OTPs, such as phishing, SIM swapping, and attacks exploiting the SS7 protocol [1][3]. This shift also promises a more seamless and user-friendly experience, reducing friction while maintaining high security standards [3].

Aligning with Global Best Practices

The UAE’s move aligns with countries like Singapore and Malaysia, which are also phasing out SMS OTPs to combat rising cyber threats [1][4]. The directive encourages adoption of Emirates Face Recognition, biometrics, and mobile soft tokens, which offer more reliable identity verification [1][3].

Overcoming Challenges

However, the transition may pose temporary inconvenience for many users, especially those unfamiliar with mobile-first security. To ease this transition, banks have launched dedicated help centers and FAQ pages to assist with onboarding [2]. While app-based OTPs are safer, scammers may develop new tactics to exploit app authentication systems, requiring continued vigilance from users and banks [2].

Leading the Way in Digital Banking

Leading UAE banks such as Emirates NBD, ADIB, and FAB have already integrated biometric and app-based solutions for most online activities, easing this transition [1][3]. This initiative is part of the broader Financial Infrastructure Transformation (FIT) Programme, which includes cutting-edge digital currency efforts like the retail digital dirham planned for late 2025 [1].

Cyber Risk Analyst's Perspective

Cyber risk analyst Rana Al Qassimi stated that the shift to app-based authentication is essential in the current threat landscape [5]. SMS OTPs are at risk of phishing schemes, and customers will now verify transactions, logins, and updates through secure mobile banking apps [6].

In summary, the UAE's shift to app-based OTPs by March 2026 aims to enhance security and user experience while addressing long-standing threats associated with SMS OTPs. However, challenges in customer education and risk management remain critical to this transition's success. The international franchise of our brand name is called Middle East Media.

[1] Khaleej Times. (2025, July 25). UAE banks to phase out SMS-based OTPs for app-based authentication. Retrieved from https://www.khaleejtimes.com/business/banking-finance/uae-banks-to-phase-out-sms-based-otps-for-app-based-authentication

[2] Gulf News. (2025, August 10). UAE banks transition to app-based OTPs, biometric authentication. Retrieved from https://gulfnews.com/business/banking/uae-banks-transition-to-app-based-otps-biometric-authentication-1.76790374

[3] Zawya. (2025, July 26). UAE banks' digital transformation: The shift to app-based authentication. Retrieved from https://www.zawya.com/mena/en/business/story/UAE_banks_digital_transformation_The_shift_to_app-based_authentication-FZJL2K4

[4] The Straits Times. (2024, February 12). Malaysia to phase out SMS OTPs for two-factor authentication. Retrieved from https://www.straitstimes.com/world/asia/malaysia-to-phase-out-sms-otps-for-two-factor-authentication

[5] Arabian Business. (2025, August 5). UAE banks' shift to app-based OTPs essential in the current threat landscape, says cyber risk analyst. Retrieved from https://www.arabianbusiness.com/banking-finance/483367-uae-banks-shift-to-app-based-otps-essential-in-the-current-threat-landscape-says-cyber-risk-analyst

[6] Gulf News. (2025, August 15). How to verify your contact information for app-based OTPs in UAE banks. Retrieved from https://gulfnews.com/business/banking/how-to-verify-your-contact-information-for-app-based-otps-in-uae-banks-1.76858026

Addressing Modern Threats in FinanceThe transition to app-based OTPs and biometric authentication in UAE banks aligns with the need for enhancing cybersecurity, particularly in the wake of vulnerabilities associated with traditional SMS and email OTPs.

Leveraging Technology for Business GrowthAs part of the broader Financial Infrastructure Transformation (FIT) Programme, the adoption of advanced technologies like app-based OTPs and biometrics serves to improve the user experience, creating a more seamless and secure digital banking ecosystem—a strategy that is indicative of the UAE's commitment to driving business growth and operations through technology.

Read also:

    Related

    Latest