In a major overhaul of digital banking security, UAE banks will begin phasing out one-time passwords (OTPs) sent via SMS and email starting July 25, 2025. As part of a new regulation introduced by the UAE Central Bank, banks across the nation are required to transition to app-based verification methods, marking a critical step in the country’s broader digital transformation agenda.
OTPs via SMS and Email Being Replaced
This strategic shift aims to enhance online transaction security and reduce vulnerabilities associated with traditional OTP channels, especially SMS OTPs, which have become increasingly prone to cyberattacks such as SIM swapping and phishing.
Under the new rule, OTP SMS and email authentication will be fully discontinued by March 2026, giving users roughly 8 months to adapt. In the meantime, UAE bank customers will begin to receive OTPs through secure mobile banking apps, using biometric and in-app approval systems for identity verification and transaction authentication.
Why This Change Is Happening Now
According to officials, the decision was driven by the increasing sophistication of cyber threats and the need to protect customer data. “This transition is not just about improving convenience,” said a spokesperson from a major UAE bank. “It’s about security, reliability, and aligning with international best practices in digital banking.”
The UAE Central Bank has emphasized that phasing out OTPs via SMS and email is part of its roadmap to strengthen the national financial infrastructure and encourage secure digital banking usage.
Transition Timeline and What Customers Should Do
Here’s what users can expect over the coming months:
- From July 25, 2025, OTPs will begin phasing out from SMS and email platforms.
- Users are encouraged to download and update their bank’s mobile applications, ensuring access to the latest security features.
- During the transition period, some banks may offer both methods temporarily, but by March 2026, SMS and email-based OTPs will be completely obsolete.
Customers are advised to familiarize themselves with their bank’s mobile app, enable ‘Authentication via App’, and test the functionality ahead of time to avoid any disruption to online banking or payments.
What This Means for Consumers and Businesses
This move will significantly impact both retail and corporate banking clients. For retail users, app-based OTP verification will improve transaction speed, enhance fraud protection, and offer seamless user experiences. For businesses, especially SMEs and e-commerce platforms, adapting to these changes promptly is crucial to ensure payment workflows remain uninterrupted.
The shift away from OTP SMS methods may be seen as an inconvenience initially, particularly for users in remote areas or less tech-savvy customers. However, experts suggest that the long-term benefits—increased security and reduced fraud—will far outweigh the short-term adaptation challenges.
UAE’s Digital Banking Vision in Action
This regulation is yet another move in the UAE’s bold steps toward becoming a global fintech and digital banking leader. With initiatives like this, the country signals its readiness to embrace modern financial ecosystems and stay ahead of cybersecurity risks.
For customers, this means safer, faster, and more integrated digital services—all from the convenience of their smartphones.
Stay updated on more tech and fintech transformations like this! Explore the latest startup news, innovations, and digital breakthroughs at StartupNews.FYI – your go-to platform for all things startup.
