UAE banks are phasing out traditional one-time passwords (OTPs) sent via SMS or email, replacing them with app-based authentication methods. This move, driven by directives from the UAE Central Bank, aims to protect customers from growing cyber threats and streamline the verification process.
Starting July 25, 2025, financial institutions across the country will begin shifting away from outdated OTP systems. Instead, users will confirm transactions and logins directly through their bank’s mobile applications—using secure methods such as biometric ID (fingerprint or face scan), push notifications, or in-app passcodes.
Traditional OTPs sent via text or email have become increasingly vulnerable to fraud—such as SIM swap attacks, phishing schemes, and email hacks. Cybercriminals have found ways to intercept these codes, putting user accounts and funds at risk.
By moving the authentication process inside the banking app itself, banks can offer a safer and faster way to approve transactions, while reducing dependency on third-party networks like telecom or email providers.
