The readers cost money and people lose them. I still have one for one bank but otherwise it's SMS everywhere.
They clearly just don't see it as a realistic threat, on top of all the other security measures in place (for me it's a password, and also a memorable word that isn't typed on the keyboard, then SMS OTP). It's not a great defence of SMS but perfect is the enemy of good, and SMS is just about ok.
Most hacking stories I hear about seem to happen through social engineering, where people go to great lengths to authenticate themselves for someone over the phone.
One thing that is starting to take hold is banking apps, which once installed can be used to authenticate payment. Again not perfect but better than SMS, and users are increasingly likely to have them installed because of ease of use.
They clearly just don't see it as a realistic threat, on top of all the other security measures in place (for me it's a password, and also a memorable word that isn't typed on the keyboard, then SMS OTP). It's not a great defence of SMS but perfect is the enemy of good, and SMS is just about ok.
Most hacking stories I hear about seem to happen through social engineering, where people go to great lengths to authenticate themselves for someone over the phone.
One thing that is starting to take hold is banking apps, which once installed can be used to authenticate payment. Again not perfect but better than SMS, and users are increasingly likely to have them installed because of ease of use.