In a significant change for banking customers across the country, UAE banks will begin phasing out one-time passwords (OTPs) sent via SMS and email starting Friday, 25 July. The shift is part of a new directive from the UAE Central Bank aimed at improving security and protecting users from rising cyber threats like SIM swapping and phishing.
Instead of receiving OTPs by SMS or email, customers will now be asked to use in-app authentication, a secure, app-based feature embedded within their bank’s mobile application. This means that any financial transaction, whether local or international, must be verified directly through the bank's app.
While the transition will start this week, the complete phase-out of SMS and email OTPs will occur gradually, giving banks and customers enough time to fully adjust. For many UAE residents and families who have grown used to the simplicity of OTPs via SMS or email, the change might take a bit of getting used to. But the move is part of a broader effort to modernise the country’s financial infrastructure and build greater trust in digital banking.