Can anyone recommend a US based bank (or a bank that accepts US customers) that 1) has either a 2FA token for phone e.g. with Google Authenticator, a hardware token, or some kind of other token based factor; and 2) has strong security when calling? I generally don't need a physical presence.
My current two banks don't have direct 2FA enabled. As far as I remember, the questions available to one of my banks (credit union) are simple enough that you could probably find out by doing a public info search somewhere, and the other bank (Chase) has SMS 2fa, but outside of that it's just public database questions (I know this because I had my card number stolen recently, I currently don't have access to my phone as I'm out of the country, and they asked me a few different questions from a public database, like if I had ever lived at ABC Dr., do you know this person, and what is the full name, etc.). I'd much rather be able to give the banks some kind of information that they are required to verify before they can access my account, like a verbal passphrase, but I don't think that's possible (as in, I wouldn't be able to access my account over the phone without the passphrase).
Although the list is a bit misleading. German banks are all listed without 2FA whereas in reality they all use some form of a TAN (transaction number). Not as safe as a hardware token but if you keep it safe, it's as secure as a hardware token.
And most Sparkasse branches will use actual hardware tokens. So the reality is not as bad as the list suggests.
The problem seems to be that no German bank I know of support 2FA for login purposes which is what that list tracks[0] (although they don't state that clearly – it took me a few minutes to track that down)
But listing "Sparkasse" as one German bank is misleading as there are 400 independent banks sharing that brand with different policies. They use at least a few different backends for their online system although there seemed to have been some consolidation in recent years.
You USED to be correct. I'm not military and I have a USAA bank account. For a couple/few years they opened accounts to civilians, but then reversed that decision about a year or so ago. Now bank accounts are only offered to military again.
Is that for Chase, or J.P. Morgan? My understanding is that Chase doesn't offer a 2FA besides SMS and when I go into my account settings I don't see anything that lets me enable 2FA.
They don't advertise this, but schwab offers 2fa with either a hardware token that they will ship you OR a 2FA token on your phone using https://m.vip.symantec.com/ . You have to call them up, but their customer service is pretty good.
My current two banks don't have direct 2FA enabled. As far as I remember, the questions available to one of my banks (credit union) are simple enough that you could probably find out by doing a public info search somewhere, and the other bank (Chase) has SMS 2fa, but outside of that it's just public database questions (I know this because I had my card number stolen recently, I currently don't have access to my phone as I'm out of the country, and they asked me a few different questions from a public database, like if I had ever lived at ABC Dr., do you know this person, and what is the full name, etc.). I'd much rather be able to give the banks some kind of information that they are required to verify before they can access my account, like a verbal passphrase, but I don't think that's possible (as in, I wouldn't be able to access my account over the phone without the passphrase).