[acdha]

> Actually making changes requires further authorization. When I make a payment the screen asks me to confirm the amount I'm about to pay. The same applies to other security sensitive changes.

That’s a good answer, too, especially of that custom message can be large enough to display the name & amount. Anything to jar people out of the “I thought I was sending $100 to the cable TV company, not $6,000 to someone in India” autopilot state.

I generally agree with your larger point and wish that banks would make it easier to do things like setup a Yubikey and require it be used on any transaction over a certain amount. I’ve never in my life needed to make a large transaction where I wouldn’t have been able to grab a token from my safe to approve it, and at some point delay becomes a security feature since it give the bank staff time to do things like call you and make sure you really intended to do something.

[dalke]

Thank you for your supportive words.

Certainly seeing articles like this about possible flaws in a centralized system, and the last of economic responsibility for fixing issues in affected customers, ... about people losing their Google id, the monopoly abuses of Google and Apple, and the e-waste issues of depending on apps which don't support old-but-working phones (sometimes in the name of security, but more often because it's expensive to maintain old phones) ... really gives me a bad feeling about this brave new world.