Not the parent poster but my bank uses its own mobile app for 2FA. No app, no website.

It's not an option on most Thai banks due to Bank of Thailand's regulations.

They requires that for any transaction past 50k THB per day (not per transaction) you'll need to provide face recognition. This means banks need to develop its internet banking solution past Web 1.0 era. From what I know (and I didn't do much research) most banks simply just shutdown internet banking instead of complying with that, only business banking get a separate website. My bank they simply merge the personal banking and corporate banking into a new system, but you still need to approve the transaction on a push notification (and perform face recognition).

It doesn't help that I believe many online casinos and scammers are scraping internet banking and even mobile banking APIs. There was a bank that apparently you could find PHP classes on GitHub that emulate their mobile app, and when that was in the news people were saying that the bank doesn't have proper security even though to use the class you'd need to provide exact same information in the app itself. Scammers used those code to move money from mules to mules, obfuscating the money's movement. The banks doesn't talk to each other either, so once the money goes through a few banks the chance you could trace it is almost none.

There was a court case that the court have ruled that if you were to get scammed to install apps on your phone that scam you for money, the bank is at fault as they have improper security. So they're heavily incentivize to protect users from themselves.

As for facial recognition, disabled people sent letters to Bank of Thailand, as legally blind people are not compatible with the liveness checks, the bank apps do block screen captures and refuse to work when any accessibility services is on and all BoT says about that is "we already told banks to do something" and the disabled people just send a second open letter this week, as many banks did nothing, some banks probably have a backend account flag to bypass the checks but didn't train the branch agents to perform such changes on the account.

Also Thailand has move into cashless - most local people don't use cash now except for small mom & pop shops that are doing dodging tax. Of course credit card is not accepted (or with minimum) - Thai business owners doesn't like fee no matter how small it is.

Don't know if it's the same there, but where live (and I guess all of the EU) most banks allow you to use the website, but require the phone to authorize logins and transactions (as 2FA basically)

My bank retired their online banking website in favor of their app.

Not only that, but many of their core services (national payment network) are now exclusively offered in their app and no where else (yes, they will not allow you to do them in person or through their ATM). Your bank _will_ disable their website when you are the only one left using it.

I am not exaggerating. There is no way for me to use these core services if I don't use their app and they wont allow me to use their app thanks to their google play policy.

Unless otherwise mandated, their website will go away and they will have their way with your rights and make you pay for it.

Don't shrug this off. Fight this while you still can.