Comment by XorNot
6 months ago
This is the real problem: I need my phone to work with my bank. So whatever we're doing, that's the bar to clear.
6 months ago
This is the real problem: I need my phone to work with my bank. So whatever we're doing, that's the bar to clear.
Buy the cheapest updatable phone that will work for your bank(probably a used iPhone) and use a free OS for everything else.
No, I don't want to buy, take care of, and carry around 2 devices at all times. I'm not a drug dealer.
You don't have to carry two phones. The idea is that the second phone stays home powered off and is used as an access token for the bank's website. There is no reason to carry it around. Pay cash in stores or use a credit card when cash is inconvenient.
7 replies →
Not a drug dealer but perhaps a bank dealer
so only drug dealers use two phones?
2 replies →
I use 4 different banks, they all work with GrapheneOS.
I use 3 banks, they all work as well. Plus they're all on a separate user profile, which makes it even more secure.
Is there something important in banking apps that cannot be done with a web browser?
My bank uses the banking app for auth if I try and login via a browser.
Barclays in the UK offer (or used to) a hardware device with a keypad allowing the user to do a challenge-response using the bank card's chip and PIN. Not sure if they still do, though.
Edit: https://en.wikipedia.org/wiki/Chip_Authentication_Program
What if one doesn't own an android/iphone device? Banking is a fundamental need, so most countries regulate them to cater to a wide range of users. In this case it's possible that the bank could be compelled to provide you a 2FA device if you don't have one.
2 replies →
Do they offer a physical 2FA device? Mine does and it's really useful
That's because they're stupid or doing something suspicious, probably both.
There's legitimately zero reason to allow 2FA only on your own propreitary app. You can't even make a financial argument - allowing other TOTP methods is cheaper because now you don't need an app!
11 replies →