Precisely. You can use and old-style hardware token that only generates numbers ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		fph 23 days ago \| parent \| context \| favorite \| on: The Vietnam government has banned rooted phones fr... Precisely. You can use and old-style hardware token that only generates numbers to log in, but not to authorize an operation such as a money transfer. The requirement is called "dynamic linking" (the 2FA code must be tied to the specific transaction) and the relevant regulation is PSD2.

miahi 23 days ago [–]

There are "simple" hardware tokens that allow for that - you have to enter the amount and part of the destination IBAN and they generate a 2FA number based on that + probably the same number generator it uses for logins.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact