[JoshTriplett]

This would be less of an issue if there were an explicit regulatory mandate saying "businesses larger than X may not limit any consumer capabilities for interacting with their business in such a way that it can only be accessed by proprietary applications running on locked-down systems that a user cannot modify, control, or install their own software on. Offering to have a person handle that functionality on their behalf does not constitute an alternative to functionality made available via such an application". (With appropriate clear definitions for "locked-down", and other appropriate elaborations.)

[fluidcruft]

I don't know that sounds pretty dumb on the whole. The key challenge is determine who is at fault in the event of a breach. I don't think it's reasonable to hold companies responsible for privacy while also requiring them to allow privacy to be invaded.

[JoshTriplett]

The current situation is that banks regularly require the use of an unmodified, unrooted Android or iOS device, which reinforces the duopoly and makes it impossible for anyone to compete. (Even emulating Android doesn't help, as emulated Android won't pass the checks banks do to make sure you don't have control of your device.)

That situation is not acceptable. Got something better than insults like "pretty dumb" to say about how to resolve this abuse of the two-player oligopoly in the mobile phone market?

[fluidcruft]

I actually did explain specifically why it was pretty dumb and you ignored that point completely.

[JoshTriplett]

You are uncritically repeating the party line from banks who claim it is necessary for security, without giving any rationale or supporting evidence, and coupling it with an insult.

[fluidcruft]

The "party line" is not that holding companies accountable for security and also requiring them to be insecure is inconsistent.

[JoshTriplett]

The incorrect party line is that allowing rooting and running your own OS and apps is insecure.

Meanwhile, those same banks have websites.