Do you happen to know banks that meet these criteria?
- Telephone banking (of some fashion) provided
- TOTP for 2FA is a) available and b) its use is not contingent on the use of an app; 2FA seeds are freely exportable by the user via web login
Do you happen to know banks that meet these criteria?
Intelligent is a euphemism for invasive.
ConsumersPeople who earn a living must have real choice in authentication options. It’s unacceptable to freeze out particular standards because an internal marketing projection suggests the bank will make a few dollars doing so. If I only want to employ login+passphrase+TOTP, that’s my prerogative.Is it though? No offence but the vast majority of “people” do not know authentication well enough to be given their choice of login method.
And when we entrust non-security vendors to implement their own authentication, you get situations like ServiceNSW encrypting and storing credentials with a 4 digit pin.
If a bank wants to use a security vendor to strengthen their authentication, that’s better than the alternative, I’d prefer that to what I have experienced with one of the big 4 where they still use SMS.