That's almost the case in Europe thanks to PSD2, for instance banks cannot use o... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		hocuspocus on Aug 11, 2023 \| parent \| context \| favorite \| on: GSMA considers giving away mobile device locations... That's almost the case in Europe thanks to PSD2, for instance banks cannot use only SMS tokens anymore. The second factor is typically a mobile app that prompts your biometric authentication, and this obviously allows geofencing ATM withdrawals.

usr1106 on Aug 12, 2023 [–]

A mobile app running on a phone that does not receive security updates anymore (or the user not installing them) and a platform fully accessible to the NSA. I really prefer hardware tokens distributed by the bank. Even if the implementation might suck from cryptographic point of view, they are offline.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact