Close Menu
    What's Hot

    Last-minute launch problem delays satellite rescue mission for NASA

    July 2, 2026

    'Most massive' Russian attack on Kyiv kills at least 20Kyiv's mayor declares a day of mourning after the major drone and missile attack on the Ukrainian capital.11 mins ago

    July 2, 2026

    Watch: BBC at site of deadly Russian attack on Kyiv flatsSarah Rainsford reports from the completely destroyed nine-storey block of flats in Ukraine's capital. 18 mins ago

    July 2, 2026
    Facebook X (Twitter) Instagram
    • Politics
    • Economy
    Facebook X (Twitter) Instagram
    Gulf News Week
    Subscribe
    Thursday, July 2
    • Home
    • Politics
      • Europe
      • Middle East
      • Russia
      • Social
      • Ukraine Conflict
      • US Politics
      • World
    • Region
      • Middle East News
    • World
    • Economy
      • Banking
      • Business
      • Markets
    • Real Estate
    • Science & Tech
      • AI & Tech
      • Climate
      • Computing
      • Science
      • Space Science
      • Tech
    • Sports

      Dominant PSG put Liverpool on the brink with 2-0 Champions League quarter-final first-leg win

      April 9, 2026

      Dubai Basketball U-18 Elite Crowned Basket Cup Sarajevo 2026 Champions in Historic Debut

      April 6, 2026

      Saudi boxing crowns 20 champions as Kingdom’s Elite Belt concludes in Riyadh

      April 4, 2026

      “He Signed for a Real Fight”: Pacquiao Contradicts Mayweather Over Rematch Status

      April 3, 2026

      Arsenal Hold Off Chelsea Fightback to Reach Women’s Champions League Semi-Finals

      April 2, 2026
    • Health
    • Travel
    • Contact
    Gulf News Week
    Home»Featured»UAE Emirates ID is not just a card: How routine sharing can lead to fraud risk
    Featured

    UAE Emirates ID is not just a card: How routine sharing can lead to fraud risk

    Gulf News WeekBy Gulf News WeekJuly 2, 2026Updated:July 2, 2026No Comments6 Mins Read
    Share Facebook Twitter Pinterest Copy Link LinkedIn Tumblr Email VKontakte Telegram
    UAE Emirates ID is not just a card: How routine sharing can lead to fraud risk
    Share
    Facebook Twitter Pinterest Email Copy Link

    Emirates ID cards contain extensive personal and biometric information, including residence number, passport data, fingerprints, iris scans, and more

    In 2020, an expat was arrested in Dubai after allegedly using another man’s Emirates ID to encash cheques in a Dh350,000 fraud scheme involving multiple transactions and accomplices. The case highlighted how identity documents can be exploited when individuals fail to follow access and verification protocols.

    The risk does not begin with organised fraud. It often starts in routine moments when residents are asked to hand over or send copies of their Emirates ID at shops, delivery points, or service counters. But these seemingly standard requests can be how sensitive personal data leaks if copied, stored, or shared without proper protection.

    Emirates ID cards contain extensive personal and biometric information, including residence number, passport data, fingerprints, iris scans, and more. If copies are mishandled, stored insecurely, or circulated without control, they can be misused for impersonation, fraud, or account takeover.

    Speaking to media, experts said the issue is not the possession of the card but unmanaged duplication of its data in everyday transactions, which often occur outside controlled or regulated systems.

    UAE authorities have advised residents to avoid sharing sensitive information and to distinguish between legitimate verification requirements and unnecessary data collection requests. Not every entity requesting a copy of an Emirates ID is legally entitled to keep it.

    ICP rules and UAE data law on Emirates ID

    The Federal Authority for Identity, Citizenship, Customs and Port Security (ICP) warned that Emirates ID cards must not be used for commercial incentives like discounts or rewards, nor held as collateral for services. It also stressed that private entities cannot keep ID cards unless legally authorised, and withholding them without judicial or official authority is prohibited.

    Under Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data, any entity that collects, stores, copies, or uses Emirates ID data processes personal data. Such processing must be lawful, fair, transparent, and limited to a defined purpose, with strong safeguards against unauthorised access, misuse, or disclosure.

    The authority urged residents to protect their identity documents and share them only when legally required or when an entity has official authorisation to request them.

    When requesting Emirates ID is legal

    A legal expert said the issue is not whether Emirates ID requests are valid in principle but whether they are proportionate and properly controlled.

    “The issue is not that an Emirates ID can never be requested,” said Nikhat Sardar Khan, litigation and DIFC lawyer. “Certain entities may have a lawful basis for it — for example, KYC, banking compliance, telecom registration, or onboarding. However, the request must be proportionate. Copying or retaining Emirates ID data without a lawful purpose is not justified, and the organisation must ensure it is not misused.”

    She added that individuals have legal remedies if misuse occurs. Data subjects can file complaints against organisations processing their data in breach of the law, and can request correction, erasure, restriction, or access to their information. In more serious cases involving breaches, organisations also carry notification and reporting obligations.

    Dubai court case shows how Emirates ID misuse led to fraud

    Nikhat also highlighted a separate case to show how ID misuse can lead to major fraud. A Dubai court reviewed a dispute involving an employee who allegedly misused his employer’s Emirates ID to open a corporate account and position himself as an authorised signatory.

    Before the employer travelled, the employee allegedly obtained a small-value utility cheque and later altered its value while away. He also disabled the employer’s banking SMS alerts through a telecom channel, reducing transaction visibility.

    The situation got worse when a new company account was opened and the employee became the authorised signatory, reportedly because service providers did not verify things properly. The cheque amount increased from about Dh96 to Dh1,000,000, which allowed withdrawals of around Dh350,000.

    Some of the funds were recovered. “The case was only partially successful because the Court found that the employer had also been negligent by leaving the Emirates ID accessible in the office,” Nikhat said.

    How cybercriminals can use ID data

    Cybersecurity expert Rayad Kamal Ayub, MD, Rayad Group, said Emirates ID-related fraud typically follows identifiable patterns rather than isolated incidents.

    “Common fraud scenarios include SIM-swap fraud, fake KYC onboarding, UAE PASS-related social engineering, and identity stitching,” he said.

    SIM-swap fraud involves attackers using personal identity data to take over telecom accounts and intercept banking OTPs. Fake KYC onboarding creates mule accounts or fraudulent financial profiles. Identity stitching combines fragments of leaked data, such as contact details, to build complete identity profiles for fraud.

    Rayad also pointed to a persistent operational weakness in informal document sharing.

    “One of the most persistent weak points remains informal document sharing. Residents are often asked to send copies of their Emirates IDs via WhatsApp, email, or other unsecured channels for services like delivery verification, access control, or administrative processing. Once shared, individuals often lose control over where the data is stored, who accesses it, and how long it is retained,” he said.

    Emirates ID is secure

    The Emirates ID system is designed to provide secure identification. The card’s chip holds encrypted data that only authorised systems can access. It also has several physical security features, and the main database keeps identity records for official checks.

    “Most risks do not come from the system itself. Something as simple as scanning, photographing, emailing, or forwarding photocopy of Emirates ID is considered ‘processing’ of personal data under the Personal Data Protection Law. This triggers legal obligations on organisations to apply data minimisation, purpose limitation, and secure storage practices,” Rayad explained.

    How to protect Emirates ID data in UAE

    Regulators and cybersecurity experts agree on a simple set of steps that both individuals and organisations should follow.

    Key recommendations include:

    • Share Emirates ID data only when strictly necessary and for a defined purpose

    • Prefer UAE PASS verification instead of document sharing where possible

    • Add watermarks, dates, and purpose labels on any submitted copies

    • Avoid sending Emirates ID images through WhatsApp or unsecured channels

    • Never share Emirates ID copies alongside banking credentials or OTPs

    • Verify legitimacy of requests, especially in informal or ad-hoc situations

    • Store any collected copies securely with encryption and access controls

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Telegram Copy Link
    Gulf News Week

    Related Posts

    Most Viewed News

    'Most massive' Russian attack on Kyiv kills at least 20Kyiv's mayor declares a day of mourning after the major drone and missile attack on the Ukrainian capital.11 mins ago

    July 2, 2026
    Most Viewed News

    Watch: BBC at site of deadly Russian attack on Kyiv flatsSarah Rainsford reports from the completely destroyed nine-storey block of flats in Ukraine's capital. 18 mins ago

    July 2, 2026
    Most Viewed News

    EU border delays 'not bearable' over summer, warns airport bossHolidaymakers face long waits under the EU's new Entry-Exit System, the head of Berlin's airport says.2 hrs agoBusiness

    July 2, 2026
    Most Viewed News

    China says pilot crashed small plane into skyscraper for 'personal reasons'The 66-year-old, who died in the crash, had anxiety and referenced "ending his life" in his diary.2 hrs agoAsia

    July 2, 2026
    Most Viewed News

    Banned by Beijing, this comedian is taking his act to Chinese speakers abroadChizi, one of China’s biggest stand-up comedians, has found a new stage after falling afoul of China's censors.12 hrs agoAsia

    July 2, 2026
    Featured

    Dubai authorities arrest drug smuggling gang, seize nearly 200kg of narcotic pills

    July 2, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    Editors Picks

    Last-minute launch problem delays satellite rescue mission for NASA

    July 2, 2026

    'Most massive' Russian attack on Kyiv kills at least 20Kyiv's mayor declares a day of mourning after the major drone and missile attack on the Ukrainian capital.11 mins ago

    July 2, 2026

    Watch: BBC at site of deadly Russian attack on Kyiv flatsSarah Rainsford reports from the completely destroyed nine-storey block of flats in Ukraine's capital. 18 mins ago

    July 2, 2026

    EU border delays 'not bearable' over summer, warns airport bossHolidaymakers face long waits under the EU's new Entry-Exit System, the head of Berlin's airport says.2 hrs agoBusiness

    July 2, 2026
    Latest Posts

    'Most massive' Russian attack on Kyiv kills at least 20Kyiv's mayor declares a day of mourning after the major drone and missile attack on the Ukrainian capital.11 mins ago

    July 2, 2026

    Watch: BBC at site of deadly Russian attack on Kyiv flatsSarah Rainsford reports from the completely destroyed nine-storey block of flats in Ukraine's capital. 18 mins ago

    July 2, 2026

    EU border delays 'not bearable' over summer, warns airport bossHolidaymakers face long waits under the EU's new Entry-Exit System, the head of Berlin's airport says.2 hrs agoBusiness

    July 2, 2026

    Subscribe to News

    Get the latest sports news from NewsSite about world, sports and politics.

    Advertisement
    Demo
    Gulf News Week

    Your source for the serious news. This demo is crafted specifically to exhibit the use of the theme as a news site. Visit our main page for more demos.

    We're social. Connect with us:

    Facebook X (Twitter) Instagram Pinterest YouTube
    Latest Posts

    Last-minute launch problem delays satellite rescue mission for NASA

    July 2, 2026

    'Most massive' Russian attack on Kyiv kills at least 20Kyiv's mayor declares a day of mourning after the major drone and missile attack on the Ukrainian capital.11 mins ago

    July 2, 2026

    Watch: BBC at site of deadly Russian attack on Kyiv flatsSarah Rainsford reports from the completely destroyed nine-storey block of flats in Ukraine's capital. 18 mins ago

    July 2, 2026

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    © 2026 Gulf News Week. Designed by HAM Digital Media.
    • Home
    • Politics
    • Economy
    • Sports

    Type above and press Enter to search. Press Esc to cancel.