I think the issue is that phone companies weren’t prepared for their services to be used for such high security tasks. For many decades, your phone was just mostly for keeping up with friends and family. 2FA wasn’t even that popular until maybe in the last 10 years.
Just like how the locks we buy for our exterior doors are really weak but that’s currently fine for the status quo. You’re not going to preemptively spend money to upgrade your locks.
Yep, using SMS for 2FA is the same as colleges using your social security number as ID on everything back in the day. It absolutely was never intended for the use case.
Just like how the locks we buy for our exterior doors are really weak but that’s currently fine for the status quo. You’re not going to preemptively spend money to upgrade your locks.