2 January, 2026| Dubai, UAE [Posted at 7:27 pm]
Many major UAE banks in the United Arab Emirates (UAE) have begun notifying customers about significant changes to the authentication process for online payments. One-time passwords (OTPs) sent via SMS will no longer be used for online card purchases from the 6th of January 2026. Instead, customers will be required to approve transactions directly through their mobile applications of their bank.
UAE Banks Confirm End of SMS OTPs
Banks with some of the largest customer bases in the country sent messages to inform customers that the SMS-based OTPs for online card payments would be discontinued.
The message stated, “From January 6, 2026, we will stop sending one-time passwords (OTPs) via SMS for online card purchases.”
Customers were advised to download and activate the UAE bank smart mobile application to continue making online payments securely without disruption.
Why UAE Banks Are Moving Away from SMS OTPs
Security concern is the biggest reason behind the phase out of SMS and Email OTPs. Reportedly, banks have reported a rise in phishing attacks, SIM-swap fraud, OTP interception and social engineering scams.
Carol Glynn, finance coach and chartered accountant, said to the Gulf News, “The old authentication methods of SMS and Email OTPs are susceptible to interception and fraud. The attacker can hijack the mobile numbers through SIM sweeping or trick users via phishing to obtain OTPs.”
Similar cases are increasing throughout the country. The Abu Dhabi Civil Family and Administrative Court ordered a man to repay Dh24,500 and pay a further Dh3,000 in compensation after he contacted another person a few months ago, as he falsely claimed himself as a bank employee and tricked a person into sharing PIN and OTP.
SMS-based verification depends on the external telecom network. Therefore, it makes it more vulnerable to interception. On the other hand, the UAE bank app-based authentication operates within a bank-controlled environment, which significantly reduces fraud risks.
According to banking sources, this transition is part of a wider regulatory push to enhance digital banking safety across the UAE.
Central Bank of the UAE’s Role
An official document issued in 2025 by the Central Bank of the UAE has confirmed that OTPs delivered via SMS or email will be slowly discontinued. Customers were motivated to complete electronic transactions using the UAE in app transaction authentication features, like biometric verification or smart pass PINs. The move applies to the following tasks:
- Online card purchases
- Electronic transactions
- Local and international financial transfers
Many banks had already completed the full transition to app-only transaction approvals by October 2025.
Read more – How to Find a Job in the UAE
How App-Based Card Payment Verification Works
As we mentioned above, the UAE banks, including Emirates NBD, have already introduced app-based authentication for many customers. Here is what the new process typically looks like:
Step 1: Initiate payment
You should enter your card details on the merchant website. After entering card details on the website, you will not receive the OTP Screen.
Step 2: App notification
Next, the message will appear on the payment page to ask you to approve your transaction via your bank’s mobile app. At the same time, you will get an SMS that a payment is pending for approval.
Step 3: Review transaction
After logging into the banking app, you will see a pending payment alert. By tapping on in, you will see the Authorise transaction screen displaying elements like merchant name, transaction amount, and options for Approve or decline options. Moreover, you will also see a countdown timer (usually two minutes) that will show how long the request remains valid.
Step 4: Final approval
Now, you must enter your smart PIN or biometric details to complete the payment. Once verified, the transaction will be completed instantly without sharing any OTP.
Read more – UAE Weather Update: Fair Skies on Friday, Fog Risk Overnight, Unsettled Weekend Ahead
Timeline of the OTP Phase-Out in the UAE
- July 25, 2025: Banks began phasing out SMS and email OTPs for selected transactions
- October 2025: Several banks completed full app-based authentication
- January 6, 2026: SMS OTPs for online card purchases officially stop
- By March 2026: Full discontinuation of SMS and email OTPs expected across all banks
During this transaction period, some customers might experience mixed authentication methods depending on the bank and transaction type.
Read more – Top 10 and Best Banks for UAE Residents 2026
What About Customers Who Don’t Use Banking Apps?
Earlier plans have suggested that customers who prefer not to use mobile apps are allowed to request to continue receiving OTPs via SMS. However, this option required a written request that the bank would not be liable for fraud-related losses.
As the 6 January deadline is near, customers are strongly motivated to switch to app-based verification to ensure uninterrupted access to online card payments and maximum protection against fraud.
What UAE Customers Should Do Now
You should perform the following steps to avoid failed transactions or payment delays:
- Download their bank’s official mobile app
- Ensure the app is updated to the latest version
- Activate app-based authentication features
- Set up smart pass PINs or biometric login
- Familiarise themselves with the in-app approval steps
Banks suggests completing these steps well before January 6 2026.
A Safer Future for Digital Banking in the UAE
The move away from SMS OTPs shows the broader strategy of the UAE to support the digital infrastructure and protect customers from evolving cyber threats. App-based authentication improves security and offers a faster and more seamless payment experience.
The UAE customers can expect more secure online transactions as banks complete their transition due to they are ready to adapt to mobile app verification.
Final words
SMS OTPs for online card payments will no longer in the United Arab Emirates (UAE) from January 6, 2026. Customers must use their UAE Banks mobile app to authorise transactions, in line with the Central Bank guidelines and enhanced fraud prevention measures.
