UAE Banks to End SMS and Email OTPs Starting July 25
Starting Friday, July 25, banks across the UAE will begin transitioning away from sending one-time passwords (OTPs) via SMS and email. This move, directed by the UAE Central Bank, introduces app-based authentication for all electronic and financial transactions, both domestic and international.
While this represents a major step in improving digital banking security, it also signals the beginning of the end for traditional OTP methods. Banks have long relied on SMS and email to verify transactions. However, these channels have become more vulnerable to cyber threats such as SIM swapping and phishing. As a result, institutions are shifting to more secure, app-based systems to protect customers.
Full Shift to In-App Authentication by 2026
The change will roll out gradually. Although SMS and email OTPs will still be available during the transition, they will be completely phased out by March 2026. Customers will instead use authentication tools built into their bank’s mobile apps.
“As per the directives issued by the UAE Central Bank, the practice of receiving OTPs via SMS or email will be phased out. Customers can now complete online transactions easily by selecting the ‘Authentication via App’ feature in their bank’s smart application,” a bank spokesperson said.
Because the transition period spans 20 months, banks encourage users to update their apps as soon as possible. This will help ensure a smoother shift to the new process and reduce friction during online transactions. Moreover, institutions will continue to support customers throughout the transition.
Strengthening Trust in UAE’s Digital Financial Future
This policy supports the UAE’s broader strategy to modernise its financial infrastructure. By encouraging secure, app-based verification, the Central Bank aims to build greater trust in digital banking. Although some users may find the change unfamiliar, it ultimately enhances account safety and aligns with global security standards.
In the coming months, banks will likely expand awareness efforts to guide customers through this transition. With time, the familiar SMS and email OTPs will become a thing of the past replaced by more secure, in-app verification systems.
