UAE phases out SMS OTPs: How in-app banking does more than secure your money

Secure app environments make it harder to hack bank accounts, easier to stop such attempts

Last updated:
Justin Varghese, Your Money Editor
3 MIN READ
UAE phases out SMS OTPs: How in-app banking does more than secure your money
Gulf News

Dubai: With UAE banks now officially phasing out SMS and email OTPs starting July 25, customers are being encouraged to switch to in-app banking authorisation — a more secure and faster way to approve transactions.

The move comes under new UAE Central Bank guidelines, which mandate that all banks transition to app-based authentication for domestic and international transactions. By March 2026, SMS OTPs will be discontinued entirely.

So, how does in-app authentication actually work? And why are banks saying it’s the safer, smarter choice? Let’s break it down.

What is in-app banking authorisation?

In simple terms, in-app authorisation allows you to approve or reject a banking transaction directly inside your bank’s mobile app — no need to switch to your SMS inbox or type in codes.

Here’s how a typical transaction works:

  1. You make a payment, transfer, or online purchase using your bank's app or website.

  2. You get a push notification from your bank's app on your phone.

  3. You tap the alert to open the app and view full transaction details.

  4. You confirm your identity with a fingerprint, Face ID, or PIN.

  5. You approve or decline the transaction — instantly.

It’s all done within a secure app environment, which makes it harder to hack and easier to control.

Why banks move away from SMS OTPs

Until now, most UAE residents relied on SMS or email OTPs (One-Time Passwords) for verification. But cybercriminals have caught up — and that’s the problem.

Here’s why banks and regulators are saying goodbye to OTPs:

1. Protection against phishing

SMS OTPs can be intercepted or tricked out of users through fake websites. In-app approvals happen only inside the official banking app, where phishing is much harder to pull off.

2. Stops SIM-swap fraud

Fraudsters can hijack your mobile number to receive OTPs. But in-app authorisation doesn’t rely on your SIM — it relies on your device and biometric identity.

3. Stronger security layers

Biometrics, passcodes, liveness checks (like video selfies) — banks are adding multiple layers of protection inside apps that SMS simply can’t match.

4. More control, less risk

You get to see the exact amount, recipient name, and purpose of the transaction before approving — no guessing, no blind confirmations.

What makes it more user-friendly?

Security aside, in-app authorisation is also more convenient:

  • One-tap approval with your fingerprint or face scan

  • No waiting for SMS codes, especially when travelling or in low network zones

  • All-in-one experience — you get notified, verify, and approve in one place

For UAE residents who frequently make payments, transfer money, or shop online, this is a big upgrade in everyday convenience.

How to activate in-app approval in UAE

Banks across the UAE — including Emirates NBD, Mashreq, ADCB, and FAB — are rolling out “App-based Authentication” or “Smart OTP” features inside their mobile apps.

To activate it:

  1. Update your bank’s app to the latest version.

  2. Look for security settings or authentication options.

  3. Enable biometric login and toggle “App-based authorisation” on.

If you’re unsure, most banks have step-by-step guides on their websites or offer assistance via customer service.

Final thoughts?

Starting July 25, 2025, banks across the UAE will begin phasing out OTPs sent via SMS and email. This change will roll out gradually over the next 20 months, with a full phase-out expected by March 2026.

During the transition, some customers may still receive OTPs — but eventually, all UAE residents will need to use in-app authorisation to complete online transactions.

Meanwhile, what you need to keep in mind as UAE residents and e-banking customers is that the latest move isn’t just another tech update — it’s a significant step forward in how we bank.

By switching to in-app authentication, you’re not only protecting yourself from fraud, phishing, and SIM-swap scams — you’re also making your banking faster and more seamless.

So if your bank app prompts you to enable “App-based approval”, don’t wait. The sooner you switch, the easier — and safer — your digital banking experience will be.

Justin Varghese
Justin VargheseYour Money Editor
Justin is a personal finance author and seasoned business journalist with over a decade of experience. He makes it his mission to break down complex financial topics and make them clear, relatable, and relevant—helping everyday readers navigate today’s economy with confidence. Before returning to his Middle Eastern roots, where he was born and raised, Justin worked as a Business Correspondent at Reuters, reporting on equities and economic trends across both the Middle East and Asia-Pacific regions.
Related Topics:

Sign up for the Daily Briefing

Get the latest news and updates straight to your inbox

Up Next