Suppose you resist a bank that forces you to access your account exclusively via some shitty phone app, which also requires you to buy a new smartphone. And suppose you refuse, so your only access to the bank account is via the card.
What happens when the time comes that (e.g.) the gov or a creditor demands a payment by credit transfer, not by card? Are you consequently forced by your obligation to make a payment to then buy a phone? Or do you have a right to manually order a payment from your bank by sending a written letter or something?
There is this law but I’m not sure it’s applicable:
REGULATION (EU) No 260/2012, Art.4: Interoperability
…
3. The processing of credit transfers and direct debits shall not be hindered by technical obstacles.
I think that law was really intended for the bank-to-bank segment of the transaction, not consumer to bank. I get the impression we have no codefied rights, just recommendations to lawmakers, such as:
The European Commission, in its 2012 Green Paper, insisted that standardisation in the mobile payments area should ensure full interoperability between mobile payment solutions, and favour open standards to ensure the mobility of consumers when they wish to change their telecom operator or bank.
…
In its Mobile Payments Initiatives Overview, the European Payments Council stated that different mobile payment solutions from multiple payment service providers should be able to coexist in the same mobile device. In its opinion, consumers should not be bound to a specific network operator or particular mobile equipment, but should be able to switch between payment service providers, with interoperability as a key feature needed to achieve these goals.
But to be fair that was written 10 years ago. Any headway?
Not European, but hopefully adding to the question…
There is a balancing act here. Ease of use vs security.
Yes access to one’s money should be as frictionless as possible; but you need the security to know that no rando can get into your accounts.
I’d prefer to see better options for MFA. Rather that you must use the banks app, you should be able to use any app that supports TOTP or your own TOTP device.
— sms isn’t secure, but it is basically universal
Otherwise for someone who doesn’t have a phone, they would have to bank like we did before the internet.
Security can be done well, but even the best security adds friction to ease of use
The EU has that covered as REGULATION (EU) No 260/2012 imposes 2FA.
But for me personally, I do not trust closed-source apps from surveillance advertisers running on a Google or Apple proprietary platform, no matter how well they do the 2FA. Even if the endpoint were impenetrable, I do not trust the bank itself not to snoop – in part because I do not trust the GDPR, which is scantly enforced and regularly disregarded to a laughable extent. And from the ecocide PoV, I refuse to throw away good hardware and support designed obsolescence. They can pry my old phone from my cold dead hands.
I mean, if you don’t trust any apps or the GDPR or the bank, at that point you should probably just keep the money in cash under your tinfoil hat…
Of course. Cash would solve the problem. But creditors are refusing that now and also refusing cards at the same time. Otherwise the bank card could get cash out of the ATM and pay the creditors.