I think part of the challenge is increasing tech literacy in America. Most of my friends and family have trouble understanding password managers or hardware 2fa.
I think you're overestimating the problem. Here in the UK, banks send out physical 2FA devices (card readers, little calculator style devices, etc) for those who don't want something eg linked a smart phone app. They're easy enough to use for anyone who can use online banking, and those who don't need or want online banking don't need them.
Which banks still send these? Former HSBC USA sent me one before they shut down their consumer products but it was very poorly implemented in their web interface
We got credit cards with chips way after Europe. We don't have anything close to GDPR because enough voters don't understand data privacy (and ofc regulatory capture).
> We got credit cards with chips way after Europe.
That was largely due to POS terminals in gas pumps — we have LOTS of gas pumps and the POS devices in them aren't uniform or inexpensive. When I worked on payment systems the resistance was from the merchants, not the consumers.
Where research (and experience) has shown some degree of consumer dissatisfaction is with entering PINs, which is why chip-and-PIN credit cards aren't commonly seen in the US. Even in countries where it's commonly used, you generally only require the PIN over a merchant-set amount.