Dubai: UAE banks are stepping up digital security measures as new regulations from the Central Bank of the UAE (CBUAE) require financial institutions to phase out SMS and email-based one-time passwords (OTPs).

Under the new rules, all licensed banks and financial institutions must adopt safer authentication methods by the end of next month. Customers will increasingly use mobile banking app approvals, fingerprint scans, facial recognition, and secure PINs instead of receiving OTPs through text messages or emails.

A spokesperson from a Dubai-based bank said customers can now authorize transactions directly through their banking apps using the “Authentication via App” feature. This change is expected to affect everyday banking activities such as online shopping, fund transfers, and card payments.

Stronger Focus on Fraud Prevention

Industry experts say the move is part of a broader effort to combat rising cyber fraud and impersonation scams across the region.

Rob Woods, Senior Director for Fraud and Identity at LexisNexis Risk Solutions, said new CBUAE regulations place fraud prevention at the center of banking operations. Banks are now being encouraged to use advanced tools such as behavioral intelligence, active call detection, and screen-sharing detection to identify scams in real time.

He noted that while larger banks have already begun implementing these systems, many smaller institutions are still catching up.

Rise in Digital Scams

Financial fraud in the Middle East has seen a sharp rise in recent years, with scammers increasingly posing as bank officials or government representatives. Social media phishing scams targeting younger users and online romance scams also remain major concerns.

Experts say SMS-based OTPs have become vulnerable to SIM-swap attacks and social engineering fraud, where victims are manipulated into sharing security codes.

New AI Rules for Banks

Alongside the authentication changes, the UAE Central Bank has also introduced new guidelines governing the use of artificial intelligence (AI) and machine learning in the financial sector.

The framework outlines stricter accountability and oversight requirements for banks using AI in areas such as fraud detection, customer profiling, and risk monitoring.

CBUAE Governor Khaled Mohamed Balama said the guidelines are designed to promote responsible AI use while strengthening consumer protection, governance, transparency, and data security.

What It Means for UAE Residents

For residents across the UAE, online banking will soon rely more on biometric verification and secure in-app approvals instead of traditional OTP messages. Banks are accelerating upgrades to comply with the March 2026 deadline and improve protection against increasingly sophisticated cyber threats.

Reported by Gold 101.3 FM — UAE’s No.1 Malayalam Radio Station.