← Back to context

Comment by shakna

6 days ago

Since before 2023, MFA has been mandated by the government in Australia [0], for all critical services, including banks.

One without, does not exist, or is in violation of their national obligations and likely to be cut off by the RBA.

The only "effective" complaint here, would be the gigantic effort to lobby for a change in laws entirely.

[0] https://www.apra.gov.au/use-of-multi-factor-authentication-m...

1 comment

shakna

Reply
severino  6 days ago

In my country there are regulations in effect too that mandate the use of MFA; however, using an application is not the only way to implement MFA, as I said, in Spain banks can use SMS, coordinate cards, etc., and they are all valid MFA methods. I think what these laws are missing is the obligation for the service (the bank in this case) to provide a MFA device if the user doesn't have one.