> Why should a bank be ever able to dictate what the user does..
I'll deliberately answer early: because they're on the hook for your mistakes.
Your bank dictates security terms. This isn't new. They can demand you appear in person with multiple forms of identification. They can (and have) demand you use 2f hardware they provide. They can withdraw service if they think you're a risk to their business.
If I suddenly found myself with billions in potential liabilities, I'd do absolutely everything to ban footguns. Apps with system access installed from insecure sources. Yeah, no thanks.
I'll deliberately answer early: because they're on the hook for your mistakes.
Your bank dictates security terms. This isn't new. They can demand you appear in person with multiple forms of identification. They can (and have) demand you use 2f hardware they provide. They can withdraw service if they think you're a risk to their business.
If I suddenly found myself with billions in potential liabilities, I'd do absolutely everything to ban footguns. Apps with system access installed from insecure sources. Yeah, no thanks.