This is asked again and again. Apparently you guys in the USA or in other parts of the world are still lucky, but in Europe banks must be compliant with regulation that more or less force them to do 2FA through their app with the biometric authentication of either an Android or an iOS phone. There are other ways (eg giving a hardware OTP generator to customers,) but apps are the cheapest solution.
I'm just wondering since I'm currently using 3 different European banks without any biometric authentication to unlock my phone, password manager or provide a 2FA.
I'm asking so that I can adjust in time to any new regulations I'm not aware of.
Credit cards, which are US companies, use 3D secure. It's a 6 digits PIN plus a code sent to me by SMS. Amazon stores the card data and very seldom asks me for those PINs.
One bank gave me a hardware OTP generator. I type in the code, plus the bank PIN, plus a random number they show on screen.
Other banks send a push notification to their app on my authorized device (only one of my devices can be authorized at a given time). I must confirm the operation with my fingerprint or with the bank PIN. The fingerprint is easier, no password manager to open.
The result is that I can do online banking anywhere around the world but I can't use credit cards online unless I am in my home country, because for some reasons SMSes don't reach me abroad. There might be something wrong in my contract but I've not been able to sort it out.
The last time I've been in Australia I put a local SIM in slot 2 of my phone and used it for local communications and data. I could receive calls on my home SIM but no SMS. I even contacted the customer service of a credit card to attempt to make SMSes reach me on the Australian number. Fat chance.
