Pay securely with an Android smartphone, completely without Google services: This is the plan being developed by the newly founded industry consortium led by the German Volla Systeme GmbH. It is an open-source alternative to Google Play Integrity. This proprietary interface decides on Android smartphones with Google Play services whether banking, government, or wallet apps are allowed to run on a smartphone.
In a lot of counties banks are becoming mobile first. Want to login in the browser? Authenticate with your mobile app to approve. Don’t have a mobile phone with the requisites of the bank? Well, go to the branch, take a ticket, wait and then tell them what you want to do with your money. It’s not just about paying, banks are moving online authentication to be dependent on Google or Apple, whatever poison you pick.
This seems like same shit different flies. Still dependent on some centralised approval which doesn’t help openness and security. We need alternatives to the duopoly but this ain’t it, chief.
I’ve never encountered what you’re describing. There’s always other ways to authenticate than through a mobile app, at least from my experience, and I think I’ve used about a dozen different banks/credit unions over the past 15 or so years. Last credit union I cut ties with had ZERO MFA for their web portal, except on account creation. Like, no SMS, no email, nothing - just user+pass, and making sure you have the right background picture of the login screen you picked on account generation (like, a duck or a football or whatever). Completely ridiculous in 2025 (when I cancelled my account).
Regarding the OP, I think any new competition in this space right now is good, even if it ends up just being a triopoly vs a duopoly (fat chance with this thing but we can hope).
Ideally though we need an open protocol/standard that can be implemented through any manner of device software.
No offense but it sounds like you’re from the US, where banking is 20 years behind in comparison to Europe.
The other commenter is right, some banks are mandating 2FA using your phone even to log into web banking, so phone authentication is still required.
Also some EU countries have pretty much become cashless although it’s obviously still legal tender. Even some tiny village in the middle of Denmark has card readers.
Some countries are all-in on the digital transition and for a lot of things shops don’t even accept cash anymore. Digital QR code transfers are preferred. Be thankful that the banks that you deal with haven’t gone down this path.
2 factor TOTP exists and is secure enough for corporates to have adopted long time ago. Banks can adopt similar authentication methods but choose not to.
On the OP, not sure what the solution could be. However, going down this path seems flawed.