Hacker News new | past | comments | ask | show | jobs | submit login

My bank and my wife's bank both require 2FA. On the app, one of the Fs is having physical access to the device (the phone/app, which was vetted by the bank when the app was installed). On web browsers, these two banks don't offer any factor like that.

In end effect, the banks treat a non-rootable device as suitable as a "something you have" factor, but will not treat a rootable device as that.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: