Starting July 25, UAE banks are gradually replacing SMS and email OTPs with in-app transaction approvals. This safer, faster method allows users to confirm payments through mobile apps using biometrics or PINs. By March 2026, SMS OTPs will be fully phased out under new UAE Central Bank guidelines.
Dubai – UAE banks are changing how customers confirm transactions. Starting July 25, banks will begin phasing out SMS and email OTPs (One-Time Passwords) and shifting to app-based approvals. By March 2026, all banks in the UAE will use in-app authorisation only.
The move is part of new guidelines issued by the UAE Central Bank to improve digital banking security and make transactions faster and safer.
Table of contents [Show]
In-app authorisation lets you approve or reject banking transactions directly within your bank’s mobile app. There’s no need to switch to your SMS inbox or enter a code manually.
Here’s how it works:
You start a payment, transfer, or online purchase.
A notification appears from your bank’s app.
You tap the alert to view full details of the transaction.
You confirm your identity with a fingerprint, face scan, or PIN.
You approve or decline the transaction instantly.
All of this takes place inside your bank’s app, which has more built-in security than SMS or email systems.
Until now, many people in the UAE used SMS or email OTPs to verify their transactions. But these methods are becoming outdated and risky. Hackers have found ways to steal OTPs or trick users into giving them away.
Here’s why banks are moving away from SMS OTPs:
1. Better protection from phishing
Scammers often use fake websites to steal OTPs from users. In-app approvals happen only within official apps, where phishing is much harder to carry out.
2. Stops SIM-swap fraud
Some fraudsters hijack a person’s mobile number to receive their OTPs. In-app approvals don’t depend on your SIM card — they rely on your actual device and your biometric data.
3. Stronger layers of security
Mobile apps allow banks to add advanced security tools like face scans, fingerprint logins, and video selfies. SMS doesn’t offer this level of protection.
4. More control for users
With in-app approvals, you see the full transaction details before confirming — including the amount, recipient, and purpose. That helps reduce mistakes and fraud.
Besides being more secure, in-app authorisation is also more convenient. You don’t have to wait for codes, switch between apps, or worry about poor network signals.
Benefits include:
One-tap approval using fingerprint or Face ID
No SMS delays or code errors
Everything happens inside one secure app
For people who often make online payments, transfers, or shopping transactions, this system saves time and effort.
Most major UAE banks — including Emirates NBD, Mashreq, ADCB, and FAB — are now offering in-app authentication or Smart OTP features in their mobile apps.
To get started:
Update your mobile banking app to the latest version
Go to the app’s security or settings section
Turn on “App-based authorisation” or “Smart OTP”
Enable biometric login if supported
If you need help, bank websites and customer service lines can guide you step by step.
From July 25, the shift will happen gradually. You might still receive OTPs via SMS during the transition period, but by March 2026, all banks in the UAE are expected to complete the move to app-only authentication.
This change isn’t just a technology upgrade. It’s a major step toward safer, smarter banking for everyone. As digital threats evolve, using secure in-app systems helps protect your money — while making transactions easier than ever.
