UAE Restructures Banking Auth with New Fraud Regulations
Key Points
- 1UAE eliminates SMS/email OTPs for banking authentication
- 2New regulations boost security against social engineering scams
- 3Changes promote domestic security in financial transactions
- 4UAE eliminates SMS/email OTPs for banking authentication • New regulations boost security against social engineering scams • Changes promote domestic security in financial transactions
The Central Bank of the UAE will enforce new regulations by March 2026 that mandate financial institutions to abandon SMS and email-based one-time passwords (OTPs) for customer authentication. This shift comes in response to increasing vulnerabilities associated with these traditional methods, which have been easily compromised by fraudsters through tactics like SIM swapping. As a secure alternative, mobile authentication tied directly to banking apps is being advocated, promising enhanced security and cost-effectiveness.
These changes coincide with a surge in impersonation scams, compelling banks to implement advanced techniques such as behavioural analytics and active call detection to thwart fraud. By integrating these technologies, financial institutions can gain a more sophisticated understanding of customer interactions and detect suspicious activities in real time. This regulatory evolution not only fortifies national defense against fraud but also enhances the overall trust in the UAE’s financial infrastructure.
Free Daily Briefing
Top AI intelligence stories delivered each morning.