In Denmark, we have a common login system called MitID (translated: MyID), which is used by all bank, insurance company, the governmental digital mail system (not email, but pdf's in a vault) and it still-alive now-commercial-only predecessor. I believe it is by law.
The system is 2FA with either your phone or a hardware dongle proving your identity.
It is strongly authenticating you as a person, that is precisely identified (but the services are only getting a token, but it can also validate your person-number - think SSN in US context).
It is quite harsh in device security, recently failing on beta versions of Android - on top of afaik always failing on rooted devices...
The phone version also requires you to scan a continuously changing qr-code twice to proceed, which is shown when you need to identify yourself (in an I-frame). This is to ensure you are "physically" present where you are being authenticated (i.e. to block of some phone scams).
Works pretty well and is reasonable secure, whilst still having some flaws..
In the future, I believe this system will work in some/all of the EU due to the coming eIDAS legislation...
The system is 2FA with either your phone or a hardware dongle proving your identity. It is strongly authenticating you as a person, that is precisely identified (but the services are only getting a token, but it can also validate your person-number - think SSN in US context).
It is quite harsh in device security, recently failing on beta versions of Android - on top of afaik always failing on rooted devices...
The phone version also requires you to scan a continuously changing qr-code twice to proceed, which is shown when you need to identify yourself (in an I-frame). This is to ensure you are "physically" present where you are being authenticated (i.e. to block of some phone scams).
Works pretty well and is reasonable secure, whilst still having some flaws..
In the future, I believe this system will work in some/all of the EU due to the coming eIDAS legislation...