This should be far more secure and privacy friendly than a Sim card of a cellular connection. Why isn’t this done more often? What are the Pros and Cons. I bet the price is similar as well.

  • Nithanim@programming.dev
    link
    fedilink
    arrow-up
    2
    ·
    1 month ago

    My EU bank never ever used my phone number to verify anything. They only used it to contact me on some occasions. 2FA is done through their app.

    • delirious_owl
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 month ago

      Oh, right, their closed source app. Thats allowed. So it requires a phone.

      So the OTP is still transmitted to satisfy the requirements of PSD2. But TOTP (a more secure system that doesn’t transmit the OTP at all) is not allowed.