| ▲ | username332211 7 hours ago | |
> Generally, yeah, to use the online government and financial services in Sweden need BankID, which is almost always on your mobile phone. Can someone explain to me why phones seem to be considered more secure than online communication channels or desktops? The way I see it, it's a computing device you install all sorts of crap on, sourced from all sorts of questionably trustworthy sources (especially as all sort of retail companies have started moving from loyalty cards to apps). The Estonian solution from the early 2000s - a dedicated identification device, seems far more secure and reasonable than the modern Swedish one. If any bank in my area started offering YubiKey in leu of app authentication, I'd switch to it in a heartbeat. | ||
| ▲ | lmz 6 hours ago | parent [-] | |
Because it can be more secure and everyone has one. And it can be made quite hard to tamper with, unlike your average desktop. Consider that apps are sandboxed by default, and hardware secure element key storage should be available. Of course a Yubikey would be better. | ||