You know how your bank asks you to verify details when you call?
Without the right details the customer support people don’t get entry into the customers account details.
Banks have been doing this for 30+ years..
Which is such a lame and flawed mechanism to avoid letting them access anyone's data. I mean what are you even trying to prove here? That banks care about customer's security when they can't even implement a secure 2FA which is not just an unencrypted text message
“Give a man a gun and he can rob a bank, but give a man a bank, and he can rob the world.”
> I mean what are you even trying to prove here?
That there are more options than holding your hands up and arguing the company couldn't have done anything further in terms of implementing effective controls.