Emirates NBD will introduce app-based verification for online transactions, phasing out the use of SMS one-time passwords (OTPs) as part of a sector-wide shift in the United Arab Emirates to strengthen digital security.
The Dubai-based lender told customers it would โsoonโ replace SMS OTPs with a push notification that directs users to the bankโs ENBD X app to approve online payments made with Emirates NBD debit or credit cards. The change was communicated in a customer statement on Thursday, according to Khaleej Times, which first reported the development and previously reported in July that UAE banks would gradually stop sending OTPs via SMS and email for digital transactions.
Emirates NBD, Dubaiโs largest bank, said the new approach is intended to deliver โa smarter, faster, and more secure wayโ to authenticate payments. The service will leverage the bankโs Smart Pass and biometric verification features for step-up authentication. Approvals will be handled directly within the app and will require an internet connection rather than a mobile carrier signal.
The move reflects a broader transition across the UAE banking sector toward in-app confirmation for a range of digital activities, from domestic and international transfers to online purchases, in place of codes delivered by text message or email. Banks globally have been moving away from SMS OTPs amid concerns over vulnerabilities such as SIM-swap fraud, message interception and phishing, and toward app- and device-based methods that can incorporate biometrics.
Fraud remains a focal concern for financial institutions in the UAE. A survey by LexisNexis Risk Solutions found that organisations in the country incur an average cost of 4.19 dirhams for every dirham lost to fraud, once internal labour, external costs, interest, fees and related expenses are included. The study also reported that 92% of UAE firms said fraud had affected customer satisfaction.
For customers, the switch means payment approvals will shift from entering codes received by text message to tapping push notifications and confirming within Emirates NBDโs app, potentially using fingerprint or facial recognition where enabled. The in-app model may also benefit users travelling abroad, as it relies on internet connectivity rather than mobile SMS delivery.
Emirates NBD did not immediately detail whether SMS OTPs will remain available as a fallback for customers without smartphone access or who are unable to install the ENBD X application. The bankโs notice indicated the change would begin with online card payments. The lender has invested heavily in digital platforms in recent years as consumers in the Gulf adopt mobile banking at scale.
UAE banks have been rolling out upgrades to customer authentication in tandem with card-scheme and industry standards that favour stronger, app-centric verification for e-commerce and digital banking. As implementation expands, the changes are expected to affect a wide range of online transactions across the Gulf financial market.
