No OTPs? UAE residents get in-app bank alerts as new rule goes into effect
As UAE banks move away from one-time passwords (OTPs) to in-app authentication, residents say the shift is a positive experience that prioritises security over convenience, especially for those who have fallen victim to OTP-related scams.Several banks across the country have begun implementing in-app transaction approvals for online payments and card transactions, replacing traditional SMS-based OTPs. The move comes amid growing concerns about phishing and social engineering scams that exploit OTPs to authorise fraudulent payments.As Khaleej Times reported earlier, OTPs are considered less secure and more vulnerable to modern hacking techniques, making in-app authentication a safer alternative. However, while banks say the change enhances protection, residents say it also changes how smoothly transactions are completed. 'The bank did not pay me back'Cosmina Condrat, a kitchen appliance advisor, said she prefers the new system after being scammed through OTP-based authentication. She recalled attempting to make what appeared to be a small payment, only to later discover multiple large transactions had gone through.“I was meant to pay Dh56 for a ticket,” she said. “That’s what I saw when the OTP message came through. But once I entered the OTP, the (scammer) confirmed that I was paying Dh1,500.”According to Condrat, the SMS she received did not clearly state the amount being charged. When the OTP appeared to fail, she was asked to enter it again multiple times. “I kept getting messages saying the OTP was wrong, so I did it again. The scammer was sending another message for a new payment,” she said. “I did it four times because I thought the code was not working.”It was only later that she realised she had been scammed, in which over Dh1,000 was stolen from her due to fake OTP messages. She immediately contacted her bank and blocked the card, but the transaction had already been processed. “The bank did not pay me back,” Condrat said. “So now I prefer the new way because I can double check the amount I am being charged inside the app before approving anything.”In-app authenticationMeanwhile, Reema Khan said the OTP method initially felt more convenient — noting that it was easier since the code popped up as a notification, allowing her to enter it quickly and easily into the authenticator.With in-app authentication, she said, the extra steps felt tedious at first. “You have to go back to the app, open it, approve the transaction, then come back to what you were doing,” she said. “Initially, I found that inconvenient.”However, Khan said her view changed when she considered the security aspect. “In terms of security, this is better,” she said. “Unless you open the app and approve it, the transaction will not go through.”Khan has used in-app approvals for credit card transactions with multiple banks, including CBD and Emirates Islamic, both of which have already implemented the system. “Now when you think about safety, this is better,” she added.Are OTPs more convenient?A. Paul finds OTPs more convenient. She said now that UAE banks are shifting, it has made transactions slower. She added that notifications from the app sometimes don’t appear and it also means a phone must be connected to the internet to receive that notification, she said.“Since my bank transitioned, I have experienced several issues, and I only take reassurance in the fact that it adds a layer of security,” she said. “SMS OTP scams have been rampant, and people have been careless about sharing OTPs with unknown individuals. So, although it’s inconvenient, I don’t mind due to the security aspect,” she admitted.No more OTPs for UAE banking: Step-by-step guide to new 2026 payment systemUAE bank to replace OTP with app verification for online transaction approvalsUAE banks to phase out OTPs: What it means for residents
As UAE banks move away from one-time passwords (OTPs) to in-app authentication, residents say the shift is a positive experience that prioritises security over convenience, especially for those who have fallen victim to OTP-related scams.
Several banks across the country have begun implementing in-app transaction approvals for online payments and card transactions, replacing traditional SMS-based OTPs. The move comes amid growing concerns about phishing and social engineering scams that exploit OTPs to authorise fraudulent payments.
As Khaleej Times reported earlier, OTPs are considered less secure and more vulnerable to modern hacking techniques, making in-app authentication a safer alternative. However, while banks say the change enhances protection, residents say it also changes how smoothly transactions are completed.
'The bank did not pay me back'
Cosmina Condrat, a kitchen appliance advisor, said she prefers the new system after being scammed through OTP-based authentication. She recalled attempting to make what appeared to be a small payment, only to later discover multiple large transactions had gone through.
“I was meant to pay Dh56 for a ticket,” she said. “That’s what I saw when the OTP message came through. But once I entered the OTP, the (scammer) confirmed that I was paying Dh1,500.”
According to Condrat, the SMS she received did not clearly state the amount being charged. When the OTP appeared to fail, she was asked to enter it again multiple times. “I kept getting messages saying the OTP was wrong, so I did it again. The scammer was sending another message for a new payment,” she said. “I did it four times because I thought the code was not working.”
It was only later that she realised she had been scammed, in which over Dh1,000 was stolen from her due to fake OTP messages. She immediately contacted her bank and blocked the card, but the transaction had already been processed. “The bank did not pay me back,” Condrat said. “So now I prefer the new way because I can double check the amount I am being charged inside the app before approving anything.”
In-app authentication
Meanwhile, Reema Khan said the OTP method initially felt more convenient — noting that it was easier since the code popped up as a notification, allowing her to enter it quickly and easily into the authenticator.
With in-app authentication, she said, the extra steps felt tedious at first. “You have to go back to the app, open it, approve the transaction, then come back to what you were doing,” she said. “Initially, I found that inconvenient.”
However, Khan said her view changed when she considered the security aspect. “In terms of security, this is better,” she said. “Unless you open the app and approve it, the transaction will not go through.”
Khan has used in-app approvals for credit card transactions with multiple banks, including CBD and Emirates Islamic, both of which have already implemented the system. “Now when you think about safety, this is better,” she added.
Are OTPs more convenient?
A. Paul finds OTPs more convenient. She said now that UAE banks are shifting, it has made transactions slower. She added that notifications from the app sometimes don’t appear and it also means a phone must be connected to the internet to receive that notification, she said.
“Since my bank transitioned, I have experienced several issues, and I only take reassurance in the fact that it adds a layer of security,” she said. “SMS OTP scams have been rampant, and people have been careless about sharing OTPs with unknown individuals. So, although it’s inconvenient, I don’t mind due to the security aspect,” she admitted.
What's Your Reaction?
