Biometrics to replace SMS OTPs for online transactions in the UAE

The United Arab Emirates are accelerating the transition toward stronger digital payment security. Banks are progressively replacing SMS one-time passwords (OTPs) with in-app and biometric authentication methods, aiming to reduce fraud while improving the overall user experience for online transactions.

Why SMS OTPs are being phased out

SMS OTPs have long been used as a second authentication factor for online payments. However, this method has become increasingly vulnerable to fraud, including SIM-swap attacks and phishing. Because SMS relies on external mobile networks, it offers limited protection against interception and manipulation. To address these risks, UAE regulators have encouraged banks to move toward more secure authentication models.

In-app and biometric authentication

The new approach is based on in-app transaction approval. When a payment is initiated, customers receive a notification in their banking app, where they can review the transaction details. Authentication is then completed using biometric verification, such as fingerprint or facial recognition, or a secure in-app PIN. This closed and encrypted environment significantly strengthens security compared to SMS-based codes.

Security and user benefits

Biometric and in-app authentication reduces exposure to common fraud techniques while offering a smoother experience. Transactions are approved faster, without waiting for SMS delivery, and remain accessible even when network coverage is limited. By adopting these technologies, the UAE is reinforcing its position as a leader in secure digital banking and setting a clear direction for the future of online payment authentication.

Source : https://www.biometricupdate.com/202601/biometrics-replacing-sms-otps-for-uae-online-transactions