clawbacks.ai | Blog

← All articles

News · 5 min read · 9 January 2026

MAS Extends SMS OTP Phase-Out to Transaction Authorisation: What It Means for Fee Waiver Calls

Following the phase-out of SMS OTP for login in Q3 2025, MAS and the banks are now retiring SMS OTP for transaction authorisation. Here's what changes for cardholders who call in.

The next phase has started

The Monetary Authority of Singapore, working with the Association of Banks in Singapore, has moved into the next stage of its multi-phase rollout to replace SMS one-time passwords with digital tokens. Having already phased out SMS OTP for account login in the third quarter of 2025, the current phase — running through the end of Q1 2026 — extends the same phase-out to transaction authorisation for customers who have activated a digital token.

In practical terms: if you have a digital token active on your banking app, SMS OTP is no longer available as a fallback for authorising transactions, not just logging in. Digital token adoption is already reported at 60–90% among DBS, OCBC, and UOB customers, so this phase affects the majority of active banking customers rather than a small minority.


Why this phase is different from the login phase-out

Login authentication and transaction authorisation are different risk categories. Logging in tells the bank who you are. Authorising a transaction — a funds transfer, a limit change, or a request processed during a phone call — is a higher-stakes action, and MAS's guidance treats it accordingly.

For phone banking specifically, this matters because many IVR and agent-assisted flows have historically leaned on SMS OTP as the fallback authentication step when a customer doesn't have the banking app open. As SMS OTP is withdrawn for transaction-level actions, banks are pushing customers who call in toward app-based confirmation instead — a push notification to approve or decline the request from within the banking app.


What this means if you're calling about an annual fee waiver

A fee waiver request processed over the phone is, technically, a transaction authorisation — you're asking the bank to modify what's charged to your account. If your digital token is active, expect the agent to verify your identity either by an app-based push confirmation, or in some flows, no live verification is required at all if you're calling from your registered mobile number and answering standard security questions.

What doesn't change: the retention pathway itself, the TRV-based approval logic, and the ability to reach a live agent by phone. This phase-out affects how you're authenticated, not whether phone-based waiver requests remain available.

What does change: if your phone is not on hand with the banking app installed and your token activated, some banks may not be able to complete the authentication step over a call alone. Before calling in about a fee waiver, it's worth confirming your digital token is active and your app is up to date.


Full phase-out expected by Q2 2026

Under the current MAS/ABS timeline, all major Singapore banks are expected to fully phase out SMS-based two-factor authentication by the second quarter of 2026. Cardholders who have not yet activated a digital token should expect prompts from their bank to do so over the coming months — this is not optional for customers who want uninterrupted phone banking access.


The clawbacks.ai approach

Our AI voice agent is built to handle whatever authentication a bank's IVR requires at the time of the call — including app-based push confirmations and OTP flows sent to your registered mobile number. You don't need to manage the authentication step yourself; we register your details once and the agent adapts to what each bank asks for.

Get your annual fee waived →

Get your annual fee waived →