Under the new EU rules 2FA over SMS is not allowed because it is possible to tra... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		imtringued on Oct 9, 2019 \| parent \| context \| favorite \| on: I was just subjected to the most credible phishing... Under the new EU rules 2FA over SMS is not allowed because it is possible to transfer phone numbers to other devices (through social engineering or simply because providers reuse old numbers) and thereby intercept the code. Instead most banks use an authentication app so that 2FA is bound to a single device.

jwilk on Oct 9, 2019 [–]

Citation needed?

Some Polish banks definitely allow using SMS as a second-factor.

(And some even let you use a permanent cookie for that. :-O)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact