In the Netherlands we do not have physical branches anymore. They died out. All banking started to go through the browser. This was very sensitive to malware and viruses, so two-factor was added through phones. Then fewer and fewer people had PCs because a phone provides enough. Now mobile apps for banking are the only way to do banking. Or it is required for MFA. Even if you’re calling with the bank it is used as MFA.
So far in Canada... I must reiterate this, so far, this can and has been fought by one thing. Rural life, and nationalism.
There are plenty of places where mobile phones don't work, especially in the summer when there are leaves on the trees. This means SMS won't really work. So for this path, SMS, the bank has an alternative -- call a number on your account with a voice reading the 2FA code. Thus, landlines or VOIP work here.
When it comes to an app, forcing Canadians to use a phone OS controlled by US companies still has pushback. An example being, the concept of "A Canadian having to use software from a US company, to identify themselves to a Canadian company" is still a hotspot. Especially with the US wanting to annex us.
So this lock-in has not yet occurred.
Really, the phone call to a phone number on your account, not using SMS, is as solid a protection as an app running on a phone controlled by a foreign country's company. It's an alternate path. And it solves the whole 'rural person' access.
Many people living in rural areas don't even bother with a phone type device. Some have Kindles. But why buy a phone, if it doesn't work where you live?
This logic, combined with them closing rural banks, means they have to be quite sensitive here. E.g., closing rural banks, then making it difficult to do online banking is political poison for our banks.
I wouldn't be surprised if it becomes impossible to even use cash in the Netherlands soon enough. The first year I was here I don't think I did even once. I've been using cash a lot more lately just out of principle and it's annoying - lots of PIN-only checkout lines, etc.
I still do banking through a random reader at ABN AMRO. I really hope they never get rid of it because I trust that little dumb plastic device 1000% more than my phone.
Same in Sweden, physical bank branches are rare and even they will often require an appointment. All banking is through bank apps or websites, and you use 2FA extensively. Sweden's digital ID system is called BankID because it was made by banks and, initially, for banking, though now BankID is used extensively for all kinds of government and private services.
That doesn't stop scammers. They also keep getting more sophisticated, often using a combination of social engineering and technical skill, and they keep tricking people into giving them money. So unfortunately, while malware is pretty much a non-factor, scammers still thrive.