fy20 4 days ago

My country does this, however there are multiple authentication options.

The main one is a private company that provides an authentication system using private certificates. When you try to log in to an authenticated website your phone pops up a message asking you to verify the login and enter your PIN. That signs the request with your private certificate and sends it back to the provider. Other actions such as transferring money or signing contracts require you to authenticate using a different certificate, with a different PIN. The private certificate stays on your device (there are mechanisms to generate a new one if you lose your device).

The other options are ID cards with a USB card reader or a mobile signature in the SIM card of your phone. For government websites and utility companies you can usually authenticate with your bank as another option.

I prefer it to username/password as all I need is my ID number (which, unlike in the US, doesn't need to be private) and my phone. And basically everything you need to use to adult uses this system.
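
Added example, not part of the thread and not the provider's actual protocol: a Go model of the flow the comment above describes, with one device-held key for logins and a different one for signing, and the purpose bound into the signed message so a login approval cannot be passed off as a contract signature. Ed25519, the `Purpose` names and the message layout are assumptions; PIN entry and certificates are not modelled.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Purpose separates everyday logins from legally binding actions.
type Purpose string
const Login, Sign Purpose = "login", "sign"

// Device holds one private key per purpose; neither ever leaves the phone.
type Device struct{ keys map[Purpose]ed25519.PrivateKey }
// Provider knows only the public keys registered for an ID number.
type Provider struct{ pubs map[Purpose]ed25519.PublicKey }

// Enroll generates both key pairs on the device and registers the public halves.
func Enroll() (*Device, *Provider) {
	d, p := &Device{map[Purpose]ed25519.PrivateKey{}}, &Provider{map[Purpose]ed25519.PublicKey{}}
	for _, pur := range []Purpose{Login, Sign} {
		pub, priv, err := ed25519.GenerateKey(nil) // nil means crypto/rand.Reader
		if err != nil {
			panic(err)
		}
		d.keys[pur], p.pubs[pur] = priv, pub
	}
	return d, p
}

// message binds the purpose to the challenge so a signature is valid for one use only.
func message(pur Purpose, challenge []byte) []byte {
	return append([]byte(string(pur)+"\x00"), challenge...)
}

// Approve models the user confirming the prompt on the phone for the given purpose.
func (d *Device) Approve(pur Purpose, challenge []byte) []byte {
	return ed25519.Sign(d.keys[pur], message(pur, challenge))
}

// Verify checks the response against the public key registered for that purpose.
func (p *Provider) Verify(pur Purpose, challenge, sig []byte) bool {
	return ed25519.Verify(p.pubs[pur], message(pur, challenge), sig)
}

func main() {
	d, p := Enroll()
	c := []byte("constructed-challenge-123") // constructed sample challenge
	sig := d.Approve(Login, c)
	fmt.Println("login ok:", p.Verify(Login, c, sig), "reused as sign:", p.Verify(Sign, c, sig))
}
```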

OptionOfT 2 days ago | parent | next [-]

Sounds exactly like the system we used in Belgium.

I don't think the system you explain is bad. It's essentially PKI.

My issues are deliverability: what if I get the email and never open it? What if it gets marked as spam?

And it requires me to read emails, something I've actually tried to reduce because every subject is screaming for attention.

whatevaa 4 days ago | parent | prev [-]

What if the phone is destroyed? It's a mobile device, can happen any time.