| ▲ | leidenfrost 11 hours ago | |||||||
The most absurd part is that you totally can access the home banking from your desktop PC with Linux, without any need of hardware attestation. Suddenly it's mandatory because the device is a phone? | ||||||||
| ▲ | daemin 6 hours ago | parent | next [-] | |||||||
These days banking is one of the things for which a phone is required for. It is used as the primary banking device for most people, and for the rest it is required for two factor authentication when logging in on a PC or to verify online transactions. Maybe some bank would allow you to use some third party two factor authentication device to log in sometimes, but most (if not all) would require you to use their "app". | ||||||||
| ▲ | RachelF 7 hours ago | parent | prev | next [-] | |||||||
I really don't understand why they do this - what is so special about banking apps vs a banking site in a web browser. What is the particular threat model of a rooted phone? | ||||||||
| ▲ | matheusmoreira 9 hours ago | parent | prev | next [-] | |||||||
In my country, banks force us to install "security modules" in order to do this. Once upon a time, back when I used Windows, I got bored and tried to pry one of these things open to see why they made the computer so unusably slow. I caught it intercepting every single network connection and doing god knows what with them. That told me all I needed to know. It used to be that Linux users like me were exempt but at some point they added Linux support. Now there's a goddamn AUR package for this thing. https://aur.archlinux.org/packages/warsaw https://aur.archlinux.org/packages/warsaw-bin > Banking security tool developed by GAS Tecnologia Yeah. Banking security tool. Who the fuck even knows what it does? It sure as hell isn't me. That thing is not going anywhere near my system. | ||||||||
| ▲ | Hackbraten 10 hours ago | parent | prev [-] | |||||||
People in Europe no longer can, thanks to PSD2. | ||||||||
| ||||||||