We all here live in a tech bubble. None of my friends and family have a 2FA app, or know what one is. They understand SMS, and it's better than no 2FA at all.
At worst it's no worse than SMS, but at best it's at least secure in transport and effectively free.
The downside to email is primarily that data is not a roaming perk for many. But if it's too access an app then a reasonable assumption of internet access even if not on the mobile is valid.
The other two downsides are: Some people may chose not to have their email account on the phone. Personally I don't want to carry around access to my main email at all times (the same goes for access to my main bank account, BTW.)
Also, email delivery sometimes takes a very long time, it can be minutes, if you rely on email forwarding to protect your main email address.
Separate from that, it is not productive for you to tell me to think about it more -- for all you know I've implemented two factor authentication in various forms for decades (from OPIE when I worked at NRL to Smartcards within DOD to Passkeys currently). What would be more productive is to get more insight into what you're thinking
If you have access to somebody's email you can just click reset password and then click the "2FA" in their email and then you have access to their account
For literally years Google Authenticator had no means to move between phones. Of course people who were told to use it decided never to use OTP apps again after getting screwed.
Yubikeys (and google's keys) have had issues where the keys were extractable and needed to be replaced.
and so on.
SMS has just worked. Yes, it has reliability issues, but it's almost like people can't model even the most basic ways that the non-SMS tech is basically terrible. Even Apple doesn't work well because of the broadcast behavior of the confirmations.
I don't know about Android but Apple users can literally start adopting TOTP without changing a single thing.
Providers should simply add instructions telling people that if they have an Apple device they can just go to the keychain and add the code displayed on the screen or use the QR with the camera
"Feature phone" can often have some android installed on it. From all definitions I ever saw, it was mostly about form factor (keeping that old Nokia looks with physical buttons). Nokias now have something called KaiOS, unix-based OS where you can develop just like elsewhere.
Porting some app into another OS would be probably a showstopper due to budgets/deadlines, even though even my old Nokia in 2006 could easily run java apps like these (but ended up mostly running Snake et al).
I don't know, which people were laughed at in the industry for the last few decades because they wanted to have control over their own computers and run their own code on their own machines?
At worst it's no worse than SMS, but at best it's at least secure in transport and effectively free.
The downside to email is primarily that data is not a roaming perk for many. But if it's too access an app then a reasonable assumption of internet access even if not on the mobile is valid.