Wednesday, August 17, 2022

Smartphones: a Single Point of Failure


i can’t log in to any of my banks without my phone. Most of the systems in my workplace also require phone app authentication. I can’t do any of those things with just a PC or laptop. Smartphones being the smallest and portable are surely the most lost and stolen. If someone got a hold of my PC or laptop - they would be able to do some damage, but not even close to if they were able to access my phone. Everything everywhere nowadays requires some app.

It seems wrong that Macs and PCs are in some cases now second-class citizens when they should be able to support a superset of the capabilities of a phone (well, aside from SMS).

Being able to run iOS apps on an iPad or Apple Silicon Mac is a potential workaround. As is Google Voice.

Sometimes, as with Symantec VIP Access, there is also a desktop version of the app, but that doesn’t mean that your bank or service actually supports registering multiple devices.


6 Comments RSS · Twitter

Not that this addresses the core issue, but I'm usually grateful I don't have to dig out my phone for sites that do 2FA via SMS since I have things set up so Mac Messages receives my "green" texts. I've heard of stories where people say their Mac doesn't get the SMS until much after the phone receives it. Thankfully that's never really been my experience.

@Lee I’m not sure how that’s possible. I thought the phone was literally relaying it?

I use four banks, three for personal accounts, and one for my business. They are all accessible via the web. I can't think of many banks that aren't.

I do agree that the primacy of the smartphone is problematic. We just got an electric car, and there are some charging networks you can only use via an app.

I'm using 2Stable's, which I may have read about here -- it syncs to iCloud, so I have the same 2FA available on the Mac that I do on the phone. Very handy.

With WSA on Windows, all of my formerly phone-only apps, from 2FA apps to banking apps, now run on my PC. And with Phone Links, 2FA codes sent with SMS also appear on my PC. The only problem I have is that one of the credit card apps can only be activated on one device at a time.

In Sweden the biggest banks have joined together and created an app that works similar to what Passkey will eventually be. It's been around for a decade now and it's used for a lot of things.

When I completely broke my phone it was about a week of not being able to access my comuter ticket, my bank, the tax registry, apply for "care of sick child" money, check how much mobile data I had left on my phone subscription, transfer small amounts of money etc.

It's definitely a blessing and a curse. Mostly a blessing though.

Leave a Comment