I found that banks are one of the worst organizations when it comes to authentication. They are regulated but the requirements are completely outdated and irrelevant in a risk context.
And then you have banks such as Boursobank (a French online bank) that has weak traditional authentication (and a faulty app, but they do not care) and out of the blue also provides passkeys. Making it at the same time horribly bad and wonderfully good.
The worst part is that they hide behind regulations when in fact there are only few of them.
Other instiytutions such as SWIFT are as bad and equally arrogant.
And then you have banks such as Boursobank (a French online bank) that has weak traditional authentication (and a faulty app, but they do not care) and out of the blue also provides passkeys. Making it at the same time horribly bad and wonderfully good.
The worst part is that they hide behind regulations when in fact there are only few of them.
Other instiytutions such as SWIFT are as bad and equally arrogant.