The frustrating thing is that this is both the final nail in the coffin for computing freedom, while also having a legitimate use case. I'm seeing new banks that flat out do not have a web UI at all. The reality is that desktop OSs and browsers have done nothing to stop the fact that it is trivial for a regular person to accidentally install malware which is completely transparent.
Online fraud and theft is exploding right now and the average person is simply not capable of securing a laptop so the companies have decided to only allow secure access through a phone which can usually be trusted to be malware free.
And in 100 years you will need to have your brain scanned to withdraw cash. The process will validate both your identity and that you aren't being coerced.
It has to stop somewhere. 100% security may reduce the banks' fraud costs but it isn't acceptable for personal freedom. "Choose a different bank then" only works until all they all adopt it.
The banks aren't the ones taking the loss for scams since their system doesn't have any faults, it's you or your computer that authorized the translation. I can see the reasoning for the push to more secure transactions. We constantly have people being scammed of their life savings due to sophisticated attacks beyond their understanding.
I assume an old person cares about not being left poor and helpless in retirement more than they care about free software and computing freedom.
I think it's probably likely that we will end up in a situation where some devices like phones and maybe laptops are considered "secure environments" where banking transactions and such can be safely executed, while alternative devices will be available for complete freedom and tinkering. You'll likely always be able to run any program you want on your laptop but those programs will be limited to their own sandbox rather than having free access to any other programs data.
I agree, sort of -- I still think it's a farce. Unless this is implemented in a way that has a checklist that is updated so frequently as to force Windows users to do what they're often notorious for LOUDLY refusing to do... then it's more theatre.
As long as Windows users are allowed to remain as out of date on patches as they are, and depending on what the browser users as its attestation "source", I don't see how the browser and website can ever meaningfully establish the validity of the statement "the client is trusted to be malware free".
I wish the answer was that MS would secure Windows better. Sandboxing applications, and making it a pain in the ass to request high privilege functions. The current state of things is you just get a useless popup to grant admin access which literally every program requests so as a user you have no real tools to combat malware.
It's too hard for even someone who is highly knowledgeable to know if they have malware, let alone the average person.
Online fraud and theft is exploding right now and the average person is simply not capable of securing a laptop so the companies have decided to only allow secure access through a phone which can usually be trusted to be malware free.