[t0bia_s]

Few weeks ago my bank force me to use password and SMS code for transactions because of EU regulations. But if I would use app (which I won't), I don't have to use any passwords.

Which EU regulation tell banks to use SMS and password to make transactions without app?

[stevesimmons]

Strong Customer Authentication (SCA), "a new set of rules that will change how you confirm your identity when making purchases online".

A Google search will surface help pages from most European financial regulators and payment processors and banks. For instance, [1-3].

The rollout was delayed a couple of times so cutoff dates mentioned on older pages may well have shifted. In the UK, the cutoff date was 14 March 2022.

[1] https://www.fca.org.uk/firms/strong-customer-authentication

[2] https://www.ukfinance.org.uk/our-expertise/cards/card-paymen...

[3] https://www.visa.co.uk/partner-with-us/payment-technology/st...

[preisschild]

My bank offered SMS code authentication as alternative before, but since new EU regulations came out 1-2 years ago, Im forced to either use a physical card-reader OTP generator (which, to be fair, is free, but clunky, so I can't easily put it in my pocket) or use their app that doesn't even work on my device (i use a hardened custom android distro, but have no root and bootloader is locked)