
Unless you summarize the law we don't know what you mean by "practically illegal."

When you say "practically illegal" I can only assume you mean "not illegal."



They're referring to the Revised Directive on Payment Services ("PSD2") passed by the European Union which imposes a requirement to use "Strong Customer Authentication" for certain financial transactions (online or contactless) to reduce fraud, among other things.

When you make a payment over a certain size, you're required to verify that it's you making the payment. It's 2FA for payments essentially, you enter the code sent by SMS or you tap the approval button in your banking app, or enter your PIN again for contactless transactions.

It seems a lot of payment institutions have allegedly implemented SMS verification for these transactions. I bank with Monzo (https://monzo.com) which offers an approval notification in their app.

Unless you switch to a "challenger" bank like Monzo, you're going to be getting SMS to verify transactions (otherwise the transaction won't go through) and while I consider it hyperbole to mark this as "practically illegal", it does make things rather difficult for those with no phone or SIM card.



That is probably wrong in this generality because it is used by ING, at least.


I have edited my answer.

Most institutions I know have chosen SMS for Strong Customer Authentication, which means sooner or later you will, in practical life, need your personal SIM card (banking, doctor visit, e-prescription, e-government etc.). Unless you choose to live off the grid for real.


But also, I think you have that situation understood the other way around.

SMS was chosen because everyone has it already. So it's not a matter of being forced to have it, it's a matter of "all other alternatives are less widespread."

I think there are actually more people globally with access to mobile phones than people who have access to basic sanitation, i.e. flushing toilets.

I'm sure that many or most of those organizations have alternative, non-electronic means of interaction - such as phone, paper (writing checks), or in-person. That is the alternative to using a SIM card.


Yes, but the situation before September was that I could use my account without a SIM card. Now access to my account requires having a SIM card and a phone.

Now imagine taking all my six SIM cards on vacation to Thailand just because you may be in need to urgently use one of my multiple bank or brokerage accounts ;-)


So you're complaining of having to use a SIM while you have 6 SIMs?


I am not yet ready to become a hermit. But when I do I would rather live without a phone than without a phone and a bank account. :-)


SMS is not PSD2 compliant, which means it can't be used as an SCA method.

https://www.zdnet.com/article/german-banks-are-moving-away-f...


This article summarizes a document that's titled "opinion". As long as there is no definite legal outlawing of SMS, many banks will continue to use it.


Well, the document provided is an opinion on the implementation and further clarifies the specifications. It clearly states that SMS is not PSD2 compliant. Banks found in breach will be forced to comply. I think it is more a banking license issue than a "legality" issue.

>> To fulfil its statutory objective of contributing to supervisory convergence in the EU/European Economic Area (EEA), and to do so in the specific context of the RTS, the EBA is issuing a further opinion with a view to responding to the large number of queries that the EBA and national competent authorities (CAs) have received from market participants on SCA and, in particular, on what procedure or combination of authentication elements may or may not constitute SCA



