UAE banks will start phasing out one-time passwords (OTPs) sent through SMS and email starting from Friday, July 25, 2025, in a significant move that seeks to enhance digital banking security.
According to new directives issued by the UAE Central Bank, all banks are required to adopt app-based authentication for both local and international transactions.
The implementation of this decision will take place in phases, and customers will be required to activate and use app-based verification to approve transactions moving forward.
The UAE central bank aims to phase out the use of OTPs completely by March 2026. This change marks a major departure from traditional OTP methods, which have become more vulnerable to cyber threats in recent years.
Through advanced technologies, UAE banks can enhance and ensure the security of their mobile apps, making the process of authenticating transactions safer for customers.
Read: UAE banking sector assets surpass $1.29 trillion in April 2025
This initiative is part of the UAE’s broader efforts to modernize its financial systems and strengthen confidence in digital banking. During the transition phase, SMS and email OTPs will still be accessible to certain users.
However, these methods will be gradually discontinued in favor of more secure, app-based verification.
