Comment by retired
15 hours ago
My provider knows who I call, who I text, which websites I browse, my bank account number, my home address, my rough location, which countries I visited for holiday and through DTMF they can even sense which buttons I press on my handset.
Eh, no? How does your provider know all your bank accounts? If at all, then the one you are using for billing - but the 2FA apps do not expose such data to the provider? The Apps communicate via HTTPS calls in the background?
I think they're implying they can glean all that information based on the 2fa codes you receive. eg. "your security code for First Bank Of HN is: xxxxxx"
Which don't contain the bank account number (at least in any 2FA I've ever received from a bank.)
Maybe they meant their provider has it for payment info. That would not be unusual in Europe.