[crdrost]

Note that this is about large tech service providers “taking this into their own hands.” The basic problem is that a lot of these companies deal with people who store their card information and then use an insecure password or so, or reuse the password at a different website... Someone else gets into the account and requests a transaction to a new address.

Also fun story about how your advice doesn't always work, I was locked out from my money multiple times on my honeymoon in Greece despite repeated calls to the bank, repeated unlockings of said account, “hi I am actually standing at an ATM in this bank branch, can we track this account lockup in real time?”... I think with all of the time on hold I actually might have spent something like 20+ hours in the trip trying to debug it over the several times it happened.

When we finally resolved it, I'm not 100% sure about the explanation, but it was something like “the person you called a week ago put in country code GE for Georgia rather than GR for Greece, and that is the first place everybody else who has serviced your request has probably looked, but they all probably thought GE was right because you have to memorize that DE is Germany and so people get confused real easily...”