No more OTPs: UAE bank says ready to roll out app verification
UAE banks said the majority of customers have shifted from traditional one-time passwords and that they have rolled out in-app security codes for online transactions ahead of the complete phase-out of OTPs by the end of this month.By the end of March 2026, all licensed financial institutions (LFIs) must eliminate SMS- and email-based one-time passwords (OTPs) to enhance security for banking transactions. With online fraud on the rise worldwide, the race is on to adopt secure, biometric, and risk-based authentication methods.“Commercial Bank of Dubai (CBD) began transitioning away from traditional SMS OTPs earlier this year with the introduction of the in-app one-time secure code feature. Customer adoption has been very swift, and as of last month, all 3D Secure online transactions are now conducted via the secure code feature, marking a significant milestone in fully phasing out SMS-based OTPs,” said a spokesperson for CBD.Stay up to date with the latest news. Follow KT on WhatsApp channels.The Dubai-based lender said customers’ response has been overwhelmingly positive. “Over 80 per cent of active users have registered for the in-app secure code feature. This demonstrates strong trust in and demand for a safer, more seamless digital authentication experience,” the spokesperson added.Emirates NBD said several key processes have already been revamped and implemented across its customer base in line with the received guidelines.“We have successfully completed the migration of over 2.5 million digitally active card customers to in-app authentication for 3D Secure card transactions via our mobile app. Given that our customers have been accustomed to SMS-based OTPs for an extended period, this transition was undertaken gradually to ensure a smooth and secure experience. Despite the phased approach, we are pleased to confirm the successful transition of our entire digitally active customer base to in-app authentication,” Dubai’s largest bank said.Meet the deadlineWith the rapid pace of digital transformation, digital payments in the UAE continue to grow significantly. According to the UAE Banks Federation, digital payments are projected to rise to $132 billion (Dh484.4 billion) by 2028, up from $43 billion in 2023.Emirates NBD said it is on track to phase out SMS OTPs for all critical and sensitive journeys, transitioning to enhanced security measures such as in-app authentication and partnering with tech solutions provider Emirates Face Recognition.“We have already rolled out the in-app authorisation process, replacing SMS OTPs, for key financial transactions, including 3D Secure card transactions. We are confident that all other impacted journeys will also be completed by mid-March 2026, well ahead of the March 31 deadline,” it said.Commercial Bank of Dubai said it remains focused on delivering a compliant, secure, and superior customer experience.No more OTP in UAE: Authentication through banks’ apps to prevent social media scamsPay with your face: UAE introduces region's first biometric payment methodNo OTPs? UAE residents get in-app bank alerts as new rule goes into effect
UAE banks said the majority of customers have shifted from traditional one-time passwords and that they have rolled out in-app security codes for online transactions ahead of the complete phase-out of OTPs by the end of this month.
By the end of March 2026, all licensed financial institutions (LFIs) must eliminate SMS- and email-based one-time passwords (OTPs) to enhance security for banking transactions. With online fraud on the rise worldwide, the race is on to adopt secure, biometric, and risk-based authentication methods.
“Commercial Bank of Dubai (CBD) began transitioning away from traditional SMS OTPs earlier this year with the introduction of the in-app one-time secure code feature. Customer adoption has been very swift, and as of last month, all 3D Secure online transactions are now conducted via the secure code feature, marking a significant milestone in fully phasing out SMS-based OTPs,” said a spokesperson for CBD.
Stay up to date with the latest news. Follow KT on WhatsApp channels.
The Dubai-based lender said customers’ response has been overwhelmingly positive. “Over 80 per cent of active users have registered for the in-app secure code feature. This demonstrates strong trust in and demand for a safer, more seamless digital authentication experience,” the spokesperson added.
Emirates NBD said several key processes have already been revamped and implemented across its customer base in line with the received guidelines.
“We have successfully completed the migration of over 2.5 million digitally active card customers to in-app authentication for 3D Secure card transactions via our mobile app. Given that our customers have been accustomed to SMS-based OTPs for an extended period, this transition was undertaken gradually to ensure a smooth and secure experience. Despite the phased approach, we are pleased to confirm the successful transition of our entire digitally active customer base to in-app authentication,” Dubai’s largest bank said.
Meet the deadline
With the rapid pace of digital transformation, digital payments in the UAE continue to grow significantly. According to the UAE Banks Federation, digital payments are projected to rise to $132 billion (Dh484.4 billion) by 2028, up from $43 billion in 2023.
Emirates NBD said it is on track to phase out SMS OTPs for all critical and sensitive journeys, transitioning to enhanced security measures such as in-app authentication and partnering with tech solutions provider Emirates Face Recognition.
“We have already rolled out the in-app authorisation process, replacing SMS OTPs, for key financial transactions, including 3D Secure card transactions. We are confident that all other impacted journeys will also be completed by mid-March 2026, well ahead of the March 31 deadline,” it said.
Commercial Bank of Dubai said it remains focused on delivering a compliant, secure, and superior customer experience.
What's Your Reaction?
