That does seem better than blind trust but that app infrastructure could get compromised. I would still be wary in any situation where I did not originate the call with the bank.
Ye, I only get called by banks when my transaction gets classified as potentially fraudulent (which pretty much just means that it is for a bigger amount of money) or some other even more rare situations like finishing a loan application. Still, I'd rather be double sure that it is the bank that's calling me because I don't want to assume solely based on the convenient timing.
If the app infrastructure is compromised, the bank is liable so it feels like less of a problem. If the app does offer authorizing through the app, I shouldn't be asked any personal details that my bank already knows so I (hopefully) would still be wary, if put in such a situation though. Obviously hard to know what I'd actually do unless it actually happens to me.