My bank recently made it that app-based MFA must be used for every single web login. Unless I and many others are willing to swap banks in the vain hope that the new bank won't do the same thing (I am not), then we're cooked.

I uninstalled banking related apps from my phone years ago. I used it so infrequently that every time I did use it, it was as if it had been newly installed and didn't remember anything about me. Now I use a desktop web browser for anything finance (and it's Firefox on Linux, so thankfully that works for now).

Many banks are slowly phasing out their websites to go app only.

Also, use ATMs if you can instead. Don't use propietary code on your own machine; run it on theirs instead.

Ain't gonna happen (unfortunately). Somehow people (outside of HN) seem to like to use apps for everything. EVERYTHING.

Except they did in several countries, typically using activeX.

It's too late for that. In many Asian countries, most of the banks have completely removed access via a browser.

> What if we collectively decide to use the web alternatives for banking?

So, like, legislate it?

Prior art exists on this point.

Can anyone confirm that the situation regarding authentication in EU will change with the PSD3 directive ? As far as I read the directive will require authentication methods to individuals without smartphones. Anyone alrady working on this ?