Extend 2FA so that it doesn't just rely on the user having a mobile device, whether via SMS or authenticator app. This could be easily achieved by sending something by email.
The reason this is important is that in call centres, mobile phones are not permitted due to PCI compliance issues. It would be better to have a solution that allowed more rigorous security without a user requiring a mobile device/
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.