E-Paper
Sign In
Thu, Nov 13, 2025 | Jumada al-Awwal 22, 1447 | Fajr 05:14 | DXB 
25.4°C
iPhone | iPad
Android
Breaking NewsKT
UAE banks to cancel OTPs, switch to app verification from July 25: Emarat Al Youm
The change will apply to all types of local and international financial transfers and online transactions
UAE banks will gradually stop sending one-time passwords (OTPs) via SMS and email for digital transactions starting July 25, 2025, according to a report by Emarat Al Youm.
The change will apply to all types of local and international financial transfers and online transactions. Instead of OTPs, banks will shift to authentication via mobile banking apps, using in-app confirmation features.
Recommended For You
An official notice, highlighted in the report, confirms that the move follows directives from the Central Bank of the UAE and will be implemented in phases. Customers will need to enable and use the app-based verification feature to authorise transactions going forward. The change aims to improve security and reduce fraud risks associated with SMS or email-based OTPs.
Stay up to date with the latest news. Follow KT on WhatsApp Channels.
Khaleej Times has reached out to UAE-based banks to get their comments on how they will roll out transitioning customers from OTP to app-based authentication for any financial transactions.
Does OTP add security?
An OTP is a security method that verifies a user's identity by sending a one-time code or a temporary code. The user enters this code to complete a transaction. “However, as cyber threats have become more advanced, OTPs, including SMS-based OTPs, are no longer as secure as before,” cybersecurity expert Rayad Kamal Ayub told Khaleej Times.
“Hackers are always innovating ways for extortion. Over the last four years, they have become increasingly tech-savvy and are now utilising AI and deepfake cloning. Fraudsters frequently use cutting-edge technology, including AI and machine learning, to craft sophisticated scams,” added Rayad, who is also the managing director of UAE-based Rayad Group
SIM-swapping attacks have doubled in the last few years. Khaleej Times reported in July last year an alarming trend in which a SIM (Subscriber Identity Module) card was used to intercept OTPs.
This happened to P.S., a 58-year-old Indian who lost his retirement savings after his phone number was hacked by a scammer who used a cloned SIM card. The scammer received the OTP that was supposed to be sent only to P.S. It was already late when P.S. realised he lost his hard-earned money. He then went to the mobile service provider but was told by a customer service representative that his SIM was cloned.
Better safeguard
Rayad praised the phase out of SMS-based OTPs. He noted banks are now integrating behavioural biometrics into their mobile apps and online banking portals. For example, wealthy individuals and corporate clients are adopting hardware authenticators to safeguard access to sensitive accounts. Some banks now offer security key support for executive and VIP accounts, acknowledging the growing sophistication of targeted attacks.
“UAE banks and regulators are adopting groundbreaking authentication technologies to secure transactions, safeguard customer identities, and provide frictionless user experiences. Technology can detect when an account is being accessed by someone other than the legitimate user, even if the correct credentials are provided, offering an early warning against fraud,” Rayad pointed out.
Kamal Youssefi, president of Switzerland-based Hashgraph Association, also praised UAE banks and regulators for “taking great strides toward a more secure and digitised customer authentication approach.”
He said “the shift away from vulnerable OTP messaging to more security-focused mobile apps is a milestone that will pave the way for innovations as banks adopt stablecoin payment solutions and launch their digital asset wallets to enable seamless, secure, and instant transactions. These innovations will need to be built on distributed ledger platforms that integrate AI for the next generation of smart banking services.”
Waad Barakat
Waad Barakat is a Special Correspondent covering security topics, from law enforcement to local courts. With a keen eye for human interest stories, she hopes to blend it all with unique Gen Z-inspired content.
Angel Tesorero
Angel Tesorero is Assistant Editor and designated funny guy in the newsroom, but dead serious about writing on transport, labour migration, and environmental issues. He is a food lover too.
Don’t just scroll. Know it all. Sign up for your daily UAE news fix.
Get the top stories of the day right in your inbox.
