[bisq-network/proposals] Whitelist major banks and regions using 2FA to avoid mandatory account signing. (#154)

[chimp1984]

>  Moreover, there are 2FA methods that are easily overriden by scammers, such as SMS codes.

If we use 2FA we have to look at each banks way how they do it. SMS codes or allowing same decive to do mobile banking and token generation is terrible insecure. Might be still harder for a stoeln bank account scammer but if we get again a stolen bank account scam, reputation damage for Bisq is considerable and the only working protection mechanism we have has to be questioned (maybe for minor reasons as we did not verify enough the multitude of 2FAs and public information likely not available to collect that details).

So I am a bit skeptical if the added benefit justifies the risks and effort to generate such a list. But if there is easy way to render such a list which is reliable to not be polluted by insecure 2FA methods, I think its ok. 

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/proposals/issues/154#issuecomment-566762788
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20191217/e6b48ea7/attachment.html>