Hoi Raymond,

On Sun, Sep 27, 2020 at 08:04:26PM +0800, Raymond Wan wrote:
> Here (sorry, you opened a can of worms about the things here that irk
> me), they forced us to use 2FA for banking.  Then, they had this
> brilliant idea to merge it with our phones for "convenience".
> Really...I think they just wanted to not pay for a 2FA token device,
> even though I'm happy to pay for it...  So, previously, I can leave
> the hardware token safely locked at home.  But now, one has to carry
> it around.  Imagine the stress of losing one's phone!

Reminds me of my German bank, who tries to persuade customers into
mobile-tan, so sending an SMS for verification to your phone.  Just that
they only accept German phone numbers for that.

For 2FA, they also offer what they call chipTAN, which is quite nice:
you have a small device which has 7 brightness sensors, and insert your
banking card into the device.
The bank website then displays an animated gif on the screen; as
you hover the device over that animation, information about, for
example, a planned transaction is transferred into the device.  The
device then shows the details like destination bank account of the
planned transfer on its LED display, and after you have verified it you
get a TAN which you use on the website.
So the device is not smarter than it needs to be, and can be used


