"I steal your phone, you have your banking info on "auto complete" (just for example). I have your phone, and your login info stored on it. I use Safari to log in to your bank, it sends OOB/MFA SMS, one time password, passphrase, code, etc. to THAT PHONE, I authenticate and I'm in. Effectively NULLIFYING the OOB/MFA by use of the same compromised device."
That's just wonderful. Obviously it wouldn't be an OTP on the phone being authenticated for that very reason.
I believe SFOR patents have that covered. Between the keystroke encryption and the MFA/OOB.
How about using biometric authentication on that phone on the OOB channel (fingerprint, retina, facial, voice, etc.)?
IMO