Pay securely with an Android smartphone, completely without Google services: This is the plan being developed by the newly founded industry consortium led by the German Volla Systeme GmbH. It is an open-source alternative to Google Play Integrity. This proprietary interface decides on Android smartphones with Google Play services whether banking, government, or wallet apps are allowed to run on a smartphone.
I’ve never encountered what you’re describing. There’s always other ways to authenticate than through a mobile app, at least from my experience, and I think I’ve used about a dozen different banks/credit unions over the past 15 or so years. Last credit union I cut ties with had ZERO MFA for their web portal, except on account creation. Like, no SMS, no email, nothing - just user+pass, and making sure you have the right background picture of the login screen you picked on account generation (like, a duck or a football or whatever). Completely ridiculous in 2025 (when I cancelled my account).
Regarding the OP, I think any new competition in this space right now is good, even if it ends up just being a triopoly vs a duopoly (fat chance with this thing but we can hope).
Ideally though we need an open protocol/standard that can be implemented through any manner of device software.
No offense but it sounds like you’re from the US, where banking is 20 years behind in comparison to Europe.
The other commenter is right, some banks are mandating 2FA using your phone even to log into web banking, so phone authentication is still required.
Also some EU countries have pretty much become cashless although it’s obviously still legal tender. Even some tiny village in the middle of Denmark has card readers.
If this shit is what “ahead” looks like, I’m happy being “behind.”
This “shit” is being pushed by the US, and we Europeans are the ones pushing back on it. Just sayin.
Some countries are all-in on the digital transition and for a lot of things shops don’t even accept cash anymore. Digital QR code transfers are preferred. Be thankful that the banks that you deal with haven’t gone down this path.
2 factor TOTP exists and is secure enough for corporates to have adopted long time ago. Banks can adopt similar authentication methods but choose not to.
On the OP, not sure what the solution could be. However, going down this path seems flawed.