Do you happen to know banks that meet these criteria?

  • Telephone banking (of some fashion) provided
  • TOTP for 2FA is a) available and b) its use is not contingent on the use of an app; 2FA seeds are freely exportable by the user via web login
  • ode@discuss.tchncs.deOP
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Intelligent is a euphemism for invasive.

    Consumers People who earn a living must have real choice in authentication options. It’s unacceptable to freeze out open standards because an internal marketing projection suggests the bank will make a few dollars doing so. If I only want to employ login+passphrase+TOTP, that’s my prerogative.

    • RealVenom
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Is it though? No offence but the vast majority of “people” do not know authentication well enough to be given their choice of login method.

      And when we entrust non-security vendors to implement their own authentication, you get situations like ServiceNSW encrypting and storing credentials with a 4 digit pin.

      If a bank wants to use a security vendor to strengthen their authentication, that’s better than the alternative, I’d prefer that to what I have experienced with one of the big 4 where they still use SMS.