This should be far more secure and privacy friendly than a Sim card of a cellular connection. Why isn’t this done more often? What are the Pros and Cons. I bet the price is similar as well.

  • Nithanim@programming.dev
    link
    fedilink
    arrow-up
    2
    ·
    2 months ago

    My EU bank never ever used my phone number to verify anything. They only used it to contact me on some occasions. 2FA is done through their app.

    • delirious_owl@discuss.online
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      2 months ago

      Oh, right, their closed source app. Thats allowed. So it requires a phone.

      So the OTP is still transmitted to satisfy the requirements of PSD2. But TOTP (a more secute system that doesn’t transmit the OTP at all) is not allowed.