There was only a single bank that I knew of, Wise, that let a customer use their APIs to read your account transactions... but not anymore, because of regulation 🫠
In the EU, that's how PSD2 forces you to "buy" API access to your own personal bank account transaction data through a third-party🤦♂️
@ilyess You might be wrong in 2 ways, at least if I relate this to how mobile banking is working in Europe:
Weak passwords are only a risk if brute forcing is possible. In Europe, after 3 or 5 false attempts to enter the password, access is blocked. Complex passwords do not help when so. is shoulder surfing.
There might have been a second factor: the phone as a possession factor (activated through some other trust factor), and/or biometrics (so maybe even 3 factors).
I wish I could go into detail about how f**ked up finance and payment providers are but that's covered with NDAs...
Granted most of it is just absurd #TechDebt and shitty tacked-on solutions like #3Dsecure and #PSD2 that never solved the core issues whilst bricking enough stuff that a complete redesign would've been more useful and economically...
@chris@aral The only things you can't do is buy real estate in cash or rent a car with cash, as both don't want to handle cash and car rental will likely prefer to pull the entire rent + deposit and then back-transfer the deposit after returning the car...
also banks here are extremely stingy in terms of loans and actual credit cards are sparse with low limits at best...
So if your CC doesn't support #3Dsecure, #PSD2 and Chip+Pin it may not work at all...
@Edent Fascinating! Probably not Meta’s fault. Strong Customer Authentication is an Payment Services Directive (EU PSD2) requirement. Your card’s issuing bank, not the merchant, decides how to meet that requirement. Most use a method inaccessible to a VR platform (bank’s mobile app with PIN/biometrics, country e-id app with PIN/biometrics, SMS links). Not sure how PayPal gets around this. AR/VR is a use case the EU should try to accommodate in the upcoming PSD3 revision.