And god do I hate every second of it. My bank is the worst offender, because they allow me to log in, look at my balances and everything. It is until I decide to transfer funds from savings to checking, do they suddenly decide “WAIT! VERIFY YOUR IDENTITY!”. All the while that I’m logged in!
Trying to call customer support to a car dealership to discuss changing dates on your lease? Welp, be prepared to know your child’s name, your state, your blood sample and all other shit just to reach an agent so you can ask one simple question.
Google sucks balls for this too, obviously. Can’t just simply sign in anymore, nope, gotta go find your phone and tell that, that it’s you trying to log in and then you can go in.
Not to mention the amount of fucking codes we have to enter along the way. This shit piles up, people. We waste minutes to hours, collectively, on doing this shit.
Are you advocating for less security, and identity checks when dealing with your bank?
A bank should not need to store your passport and driving licence after you’ve opened the account.
It should never have to phone you to verify your identity.
It should not use a random mobile phone number to send an SMS request to confirm a credit card transaction.
Each of those things are security theatre and actually make the whole system less secure.
As for 2FA, it should not be SMS based and it should be when you login, not when you transfer funds between your own accounts as the OP mentioned.