I wonder if there's really evidence to support that the app's protect you from phishing attacks.
I personally think notifications suck and are spam and not needed, and that we could make something new and better we don't have that today though. What do you use the bank authentication for in your country if you don't mind my asking?
If they use a website, they might mistype the URL or click on a fake link. They don’t really use bookmarks either. Even if they manage to reach the correct site or add it to their home screen, they still have to log in again each time they use it. The app removes all of that—they just tap one icon. Passkeys may improve web security, but they still have a long way to go for non-technical users.
Notification sucks, but overall I’m still in favor of it until we have something better. I’ve had to replace my credit card a few times due to fraud cases, and the same happened to my parents. Because we get instant notifications for every transaction or authentication attempt, we know immediately if something suspicious happens. That’s not really possible with web push, especially since our banks don’t support it.
Authentication is much better in the app as well. In the past, banks would ask lots of personal questions over the phone, which I’m no longer comfortable answering unless I made the call myself. With the app, the account is tied to one device, and biometric login makes it easy and secure. Any approval happens inside the app, which feels safer.
App is definitely not perfect, but for the majority of people (non-tech), it's just a lot easier and (unfortunately) safer for them.
and I answered indirectly that I don't use them.
Maybe you just are fixating on only particular answers being acceptable.
